Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
- Ran by Dawid (administrator) on DESKTOP-I4PON84 (12-08-2018 00:41:02)
- Running from C:\Users\Dawid\Desktop
- Loaded Profiles: Dawid (Available Profiles: Dawid)
- Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: Angielski (Stany Zjednoczone)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (All) =================
- (Microsoft Corporation) C:\Windows\System32\smss.exe
- (Microsoft Corporation) C:\Windows\System32\csrss.exe
- (Microsoft Corporation) C:\Windows\System32\wininit.exe
- (Microsoft Corporation) C:\Windows\System32\services.exe
- (Microsoft Corporation) C:\Windows\System32\lsass.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\dasHost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\audiodg.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\csrss.exe
- (Microsoft Corporation) C:\Windows\System32\winlogon.exe
- (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
- (Microsoft Corporation) C:\Windows\System32\dwm.exe
- (Microsoft Corporation) C:\Windows\System32\sihost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\taskhostw.exe
- (Microsoft Corporation) C:\Windows\System32\ctfmon.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Microsoft Corporation) C:\Windows\explorer.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
- () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Malwarebytes) C:\Users\Dawid\Desktop\adwcleaner_7.2.2.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
- (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
- (Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MpCmdRun.exe
- (Disc Soft Ltd) G:\PROGRAMY\DAEMON Tools Lite\DTShellHlp.exe
- (Disc Soft Ltd) G:\PROGRAMY\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
- (Plumbytes Software Lp) C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe
- (Plumbytes Software Lp) C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe
- (Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
- (Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
- (Piriform Ltd) G:\PROGRAMY\CCleaner\CCleaner64.exe
- (Microsoft Corporation) C:\Windows\System32\svchost.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
- (Farbar) C:\Users\Dawid\Desktop\FRST64.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-04-05] (Realtek Semiconductor)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
- HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-21] (AVAST Software)
- HKLM\...\Run: [Plumbytes Anti-Malware] => C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe [2189304 2018-06-13] (Plumbytes Software Lp)
- HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
- HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [57954808 2018-03-04] (Discord Inc.)
- HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
- HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
- HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [DAEMON Tools Lite Automount] => G:\PROGRAMY\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-30] (Disc Soft Ltd)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-09] (Valve Corporation)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [Discord] => C:\Users\Dawid\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [CCleaner Monitoring] => G:\PROGRAMY\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [EpicGamesLauncher] => G:\GRY\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [273920 2018-04-12] (Microsoft Corporation) <==== ATTENTION
- ==================== Internet (All) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [341920 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [67072 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [84992 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [84992 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [80896 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [31232 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog5-x64 07 C:\Windows\System32\wshbth.dll [63488 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Winsock: Catalog9-x64 14 C:\Windows\system32\mswsock.dll [401968 2018-04-12] (Microsoft Corporation)
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{05f01c30-ae2c-40f5-8921-a70a42555589}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{53a907c7-0068-11e8-8286-806e6f6e6963}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{8b6d7d5f-d3fa-423c-859b-89fb128a3299}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{ae28c06c-3666-4e8d-82a3-78eef270980e}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{cb38fbd2-c1d4-4382-beac-84460fe58627}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{f9daa187-0eab-47aa-806a-b94a0f5010ab}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{f9daa187-0eab-47aa-806a-b94a0f5010ab}: [DhcpNameServer] 192.168.0.1
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
- HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
- HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
- HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
- URLSearchHook: HKU\S-1-5-21-3848223809-3660055808-2796009117-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
- URLSearchHook: HKU\S-1-5-21-3848223809-3660055808-2796009117-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
- SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
- SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
- SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
- SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
- SearchScopes: HKU\S-1-5-21-3848223809-3660055808-2796009117-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
- SearchScopes: HKU\S-1-5-21-3848223809-3660055808-2796009117-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
- Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2018-04-12] (Microsoft Corporation)
- Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2018-04-12] (Microsoft Corporation)
- Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2018-05-15] (Microsoft Corporation)
- Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2018-05-15] (Microsoft Corporation)
- Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2018-04-12] (Microsoft Corporation)
- Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2018-04-12] (Microsoft Corporation)
- Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2018-07-06] (Microsoft Corporation)
- Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2018-05-15] (Microsoft Corporation)
- Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2018-05-15] (Microsoft Corporation)
- Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
- Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
- Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2018-04-12] (Microsoft Corporation)
- Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2018-04-12] (Microsoft Corporation)
- Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2018-07-06] (Microsoft Corporation)
- Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
- Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
- Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
- Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2018-04-12] (Microsoft Corporation)
- Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
- Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2018-04-12] (Microsoft Corporation)
- Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
- Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2018-04-12] (Microsoft Corporation)
- StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
- Edge:
- ======
- Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [2018-04-12]
- Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [2018-04-12]
- FireFox:
- ========
- FF DefaultProfile: j6co5fv1.default
- FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\j6co5fv1.default [2018-08-12]
- FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\j6co5fv1.default\features\{86c6c052-61f7-428c-bc98-a98442d2ba83}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-04-12] [Legacy]
- FF Extension: (Default) - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Activity Stream) - C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Application Update Service Helper) - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Pocket) - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Follow-on Search Telemetry) - C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Form Autofill) - C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Photon onboarding) - C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Firefox Screenshots) - C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi [2018-02-07] [Legacy] [not signed]
- FF Extension: (Shield Recipe Client) - C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi [2018-04-12] [Legacy] [not signed]
- FF Extension: (Web Compat) - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2018-04-12] [Legacy] [not signed]
- FF HKLM\...\Mozilla Firefox 59.0.2\Extensions: [Components] - C:\Program Files\Mozilla Firefox\components => not found
- FF HKLM\...\Mozilla Firefox 59.0.2\Extensions: [Plugins] - C:\Program Files\Mozilla Firefox\plugins => not found
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-15] ()
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-15] ()
- FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
- StartMenuInternet: Firefox-308046B0AF4A39CB - "C:\Program Files\Mozilla Firefox\firefox.exe"
- FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\channel-prefs.js [2018-02-07]
- Chrome:
- =======
- CHR StartupUrls: Default -> "","hxxp://google.pl/"
- CHR DefaultSearchURL: Default -> {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:iOSSearchLanguage}{google:searchClient}{google:sourceId}{google:contextualSearchVersion}ie={inputEncoding}
- CHR DefaultSearchKeyword: Default -> google.pl_
- CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
- CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2018-08-12]
- CHR Extension: (Prezentacje) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-23]
- CHR Extension: (Dokumenty) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-23]
- CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-23]
- CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-23]
- CHR Extension: (Adblock Plus) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-18]
- CHR Extension: (Adobe Acrobat) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-06]
- CHR Extension: (Arkusze) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-23]
- CHR Extension: (Dokumenty Google offline) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-23]
- CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-03-21]
- CHR Extension: (Google Keep – notatki i listy) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-08-09]
- CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2018-06-03]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
- CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-23]
- CHR Extension: (Chrome Media Router) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-05]
- CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
- StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
- CHR crx: C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\default_apps\docs.crx [2018-08-08]
- CHR crx: C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\default_apps\drive.crx [2018-08-08]
- CHR crx: C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\default_apps\gmail.crx [2018-08-08]
- CHR crx: C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\default_apps\youtube.crx [2018-08-08]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement