CloseProcesses: CreateRestorePoint: EmptyTemp: File: C:\Program Files (x86)\AppSafe\AppSafe.exe HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\MountPoints2: {05477e17-cfd7-11e9-a094-00ac1d9639f4} - L:\HiSuiteDownLoader.exe HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\MountPoints2: {14fb8be0-2d67-11e7-81c5-00ac1d9639f4} - M:\autorun.exe HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\MountPoints2: {f2b96b5c-4b7e-11e8-a0b0-00ac1d9639f4} - L:\HiSuiteDownLoader.exe HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\MountPoints2: {fc0686ee-c179-11e9-afba-00ac1d9639f4} - L:\HiSuiteDownLoader.exe BootExecute: autocheck autochk * bootdelete GroupPolicy: Ograniczenia - Chrome <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA Task: {06DAE638-3B64-42D9-9E23-D0D23A8B1CE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) Task: {1171072D-CA2D-45A5-AF50-39851C1B5973} - System32\Tasks\{B8550103-F7A2-4C12-82CA-FBA63D46426F} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"e:\Uninst.isu" Task: {1AB50D1C-1763-46F1-A9A0-2CAA2D0179B7} - System32\Tasks\{D4F2ACD5-B8EE-45A2-81E0-5043CD98495D} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau-m FAMILYUPGRADE=1 <==== UWAGA Task: {222C9ACC-9FED-4CC4-8AD4-154C73A49BE9} - System32\Tasks\{B365A646-FAEB-4058-A13E-0D3D4DD9CDB7} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\AppData\Local\Temp\jre-8u171-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {274B3E4F-8B2F-4AE6-9344-AC41F8BF23C4} - System32\Tasks\{3049F041-561D-405B-B722-8514991663FC} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe Task: {2BA67ED2-A827-472D-944E-CC657C00CF86} - System32\Tasks\{1426DB3D-E94C-42C9-BF2F-854158E58804} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\Downloads\slow.exe -d C:\Users\reszka\Downloads Task: {3DB9BF6E-64B1-42B4-A7B7-E74C66A0ACAC} - System32\Tasks\{3546A6E6-F684-442F-8E26-3C7B1D7E5762} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\Desktop\lgs510.exe -d C:\Users\reszka\Desktop Task: {48097FEA-88ED-4965-AB9A-2494EE917DB6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe) Task: {4B8EB068-C409-4EBF-9ACE-14E36F50BB94} - System32\Tasks\{6CEBC3B1-A3CA-4A5A-8568-D0D49C31F5D2} => C:\Windows\system32\pcalua.exe -a N:\directx\dxsetup.exe -d N:\directx Task: {5F211C03-8FCC-4C6C-A1CE-33CCD2D6BC9A} - System32\Tasks\WinSTAT => C:\ProgramData\WinSTAT\WinSTAT.exe <==== UWAGA Task: {5FC78A5A-FA93-4B7B-BE49-2A20DFF32BC9} - System32\Tasks\{12EADACE-154C-41AF-977E-AFE15F27A7D8} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe Task: {6290D83E-6081-47F3-AFDA-F1BAE3C93C02} - \Binkiland -> Brak pliku <==== UWAGA Task: {7145CC89-41C2-4A82-A858-749731419727} - System32\Tasks\{869DF296-C741-4049-B034-12AC746B703B} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\Downloads\ULi_Integrated220\IntegratedDriver2.20.exe -d C:\Users\reszka\Downloads\ULi_Integrated220 Task: {7F1FFDFF-4A65-4B17-89DC-37C9BF78F1F6} - System32\Tasks\AppSafe => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== UWAGA Task: {AC8CAA05-BE2C-487C-BD53-9FFE2C44A047} - System32\Tasks\{A9A5EAAE-F5F5-43B2-8DED-4DBFE5E447B3} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {B684D2B9-9773-42DE-8B40-79298E8C4505} - System32\Tasks\{CD73057F-32B7-4D66-AE53-F2A7A9924760} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe Task: {EC7D4B80-ABBD-4A81-9268-EF38A821ADC2} - System32\Tasks\{B3962BEB-A33D-4700-A19F-04172C5F8F9E} => C:\Windows\system32\pcalua.exe -a M:\vcredist_x64.exe -d M:\ -c /q Task: {EE2E583D-D866-4256-B60E-0F27B259116F} - System32\Tasks\{7B5F68CF-75C1-4BBA-A067-6A2A81101EA0} => O:\setup.exe Task: {F536820C-F870-4A70-8FC6-D9252ECE8B2E} - System32\Tasks\{98BF03E9-4B96-4CE1-A6A7-D2FF5FC3E8CD} => C:\Windows\system32\pcalua.exe -a C:\Users\reszka\Desktop\irfanview_plugins_438_setup_(www.programki.pl).exe -d C:\Users\reszka\Desktop Task: C:\Windows\Tasks\AppSafe.job => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== UWAGA S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [190464 2021-01-25] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [70048 2021-01-25] (ESET, spol. s r.o. -> ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [56152 2021-01-25] (ESET, spol. s r.o. -> ESET) ProxyEnable: [.DEFAULT] => Proxy [funkcja włączona] ProxyServer: [.DEFAULT] => http=127.0.0.1:55832;https=127.0.0.1:55832 ProxyServer: [S-1-5-21-623783590-927091288-1908669224-1000] => 192.168.1.184:8080 Tcpip\..\Interfaces\{15DA5E25-3720-4734-BE01-29AE72C97822}: [DhcpNameServer] 194.255.56.78 194.255.56.79 Tcpip\..\Interfaces\{99F73E47-F494-46CD-BA65-739FCCA3DA96}: [DhcpNameServer] 192.168.1.1 FF Extension: (Yahoo! Toolbar) - C:\Users\reszka\AppData\Roaming\Mozilla\Firefox\Profiles\t47mmkh3.default-1480887140195\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-12-04] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\reszka\AppData\Roaming\Mozilla\Firefox\Profiles\dylchjm3.default\extensions\fftoolbar2014@etech.com => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\reszka\AppData\Roaming\Mozilla\Firefox\Profiles\dylchjm3.default\extensions\quick_searchff@gmail.com => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\reszka\AppData\Roaming\Mozilla\Firefox\Profiles\dylchjm3.default\extensions\sweetsearch@gmail.com => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\reszka\AppData\Roaming\Mozilla\Firefox\Profiles\dylchjm3.default\extensions\defsearchp@gmail.com => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\reszka\AppData\Roaming\Mozilla\Firefox\Profiles\dylchjm3.default\extensions\deskCutv2@gmail.com => nie znaleziono FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] CHR DefaultSearchURL: Default -> hxxps://srchbar.com/?q={searchTerms} CHR DefaultSuggestURL: Default -> hxxps://srch.bar/?s={searchTerms} CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx U3 a8til7xs; Brak ImagePath S3 dgderdrv; System32\drivers\dgderdrv.sys [X] U2 TMAgent; Brak ImagePath S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> Brak pliku ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => -> Brak pliku ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> Brak pliku ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> Brak pliku ContextMenuHandlers6: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://dk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_18¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtByCyCyBtC0B0BtGyBtCtCtAtGyD0ByEzytGyD0E0DyEtG0FyDtBtByC0D0A0BtCyB0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D790096104%26a%3Dwbf_ir_16_18%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://dk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_18¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtByCyCyBtC0B0BtGyBtCtCtAtGyD0ByEzytGyD0E0DyEtG0FyDtBtByC0D0A0BtCyB0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D790096104%26a%3Dwbf_ir_16_18%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtByCyCyBtC0B0BtGyBtCtCtAtGyD0ByEzytGyD0E0DyEtG0FyDtBtByC0D0A0BtCyB0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D790096104%26a%3Dwbf_ir_16_18%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtByCyCyBtC0B0BtGyBtCtCtAtGyD0ByEzytGyD0E0DyEtG0FyDtBtByC0D0A0BtCyB0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D790096104%26a%3Dwbf_ir_16_18%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites02_14_24_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0DyBtB0B0FyEtDzztDtC0FyBtDtN0D0Tzu0SzzzyyCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StD0A0Czz0FtC0A0AtGyC0F0CtCtG0DyB0B0AtGyDtByD0BtGtB0Azz0AtC0E0CzzzyyD0BtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzyzy0D0A0B0AtAtGtCtAyCzytG0D0D0D0EtGtAyB0F0BtGtAtB0FyByByB0BtC0C0CtAzy2Q&cr=382837293&ir= SearchScopes: HKLM -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_46¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyEtCtBtN1L2XzutAtFtCyEtFtDtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0F0B0C0AyDtB0BtGtD0FyB0EtG0EtBtAzytGtC0Azy0CtG0AyEtAtAtDyByDyD0CtAtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D658983749%26a%3Dwncy_ir_15_46%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=itm&hsimp=yhs-001&type=jmb_ir_16_13¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0E0FtD0E0E0CtBtGtD0E0BzztGtDyDtAyEtGyE0Azy0EtGyCyCyD0AtB0C0ByC0E0B0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutBtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1168938642%26a%3Djmb_ir_16_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_kmpswt_15_46¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyEtCtAtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByEyByE0BtD0BtCtGtBtBtAyEtGzyyCyCtAtGyBtCyD0CtG0F0AtDzyyEzztD0EtD0AtAtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D922633449%26a%3Dwny_kmpswt_15_46%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtByCyCyBtC0B0BtGyBtCtCtAtGyD0ByEzytGyD0E0DyEtG0FyDtBtByC0D0A0BtCyB0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D790096104%26a%3Dwbf_ir_16_18%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtByCyCyBtC0B0BtGyBtCtCtAtGyD0ByEzytGyD0E0DyEtG0FyDtBtByC0D0A0BtCyB0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D790096104%26a%3Dwbf_ir_16_18%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_ir_15_48&cd=2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyEtByEtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCzyyEyCtB0Bzy0DtGtCtC0F0FtGzy0CyCyBtGtCtCyCtCtG0B0FyEyDyCyB0Bzz0DyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB&cr=745912521&ir= SearchScopes: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=itm&hsimp=yhs-001&type=jmb_ir_16_13¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0E0FtD0E0E0CtBtGtD0E0BzztGtDyDtAyEtGyE0Azy0EtGyCyCyD0AtB0C0ByC0E0B0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutBtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1168938642%26a%3Djmb_ir_16_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_kmpswt_15_46¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Ddk%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzutDtD0A0CtC0DzyyCtAzy0FyEtC0FyBtDtN0D0Tzu0StCyEtCtAtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByEyByE0BtD0BtCtGtBtBtAyEtGzyyCyCtAtGyBtCyD0CtG0F0AtDzyyEzztD0EtD0AtAtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CtCtCtDyCzy0CtGyC0C0B0BtGyE0F0EzztGzytB0FyBtG0CtAzz0DyEzzyC0ByCtAtC0C2QtN0A0LzutB%26cr%3D922633449%26a%3Dwny_kmpswt_15_46%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://dk.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10028_DK_151011__yaie&p={searchTerms} Toolbar: HKLM - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku Toolbar: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku Toolbar: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku Toolbar: HKU\S-1-5-21-623783590-927091288-1908669224-1000 -> Brak nazwy - {093F479D-712E-46CD-9E06-62E734A05F68} - Brak pliku StartMenuInternet: IEXPLORE.EXE - iexplore.exe IE trusted site: HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-623783590-927091288-1908669224-1000\...\webcompanion.com -> hxxp://webcompanion.com FirewallRules: [{780A9CFE-AF67-45DC-801B-CD3A87FA6C80}] => (Allow) LPort=26675 RemoveProxy: Hosts: