Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-03-2020
- Uruchomiony przez Miras (administrator) MIRAS-HP (Hewlett-Packard Presario CQ58 Notebook PC) (03-04-2020 18:59:35)
- Uruchomiony z C:\Users\Miras\Desktop\Pobierane ze Stron
- Załadowane profile: Miras (Dostępne profile: Miras)
- Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
- (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
- (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
- (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
- (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
- (Atheros Communications Inc. -> Atheros Communications) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
- (Atheros Communications Inc. -> Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
- (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
- (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
- (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
- (EasyBits Software AS -> EasyBits Software AS) [Brak podpisu cyfrowego] C:\Windows\SysWOW64\ezSharedSvcHost.exe
- (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
- (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
- (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
- (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
- (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
- (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
- (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
- (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe
- (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avpui.exe
- (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
- (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
- (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
- (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
- (Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
- (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
- (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- ==================== Rejestr (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
- HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated -> Synaptics Incorporated)
- HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications Inc. -> Atheros Communications) [Brak podpisu cyfrowego]
- HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego]
- HKLM-x32\...\Run: [] => [X]
- HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
- HKU\S-1-5-21-3940486013-205667877-1000148699-1000\...\Policies\system: [DisableLockWorkstation] 0
- HKU\S-1-5-21-3940486013-205667877-1000148699-1000\...\Policies\system: [DisableChangePassword] 0
- HKU\S-1-5-21-3940486013-205667877-1000148699-1000\...\MountPoints2: {2fc260c0-b44d-11e9-9602-446d57de3b2a} - G:\HiSuiteDownLoader.exe
- HKU\S-1-5-21-3940486013-205667877-1000148699-1000\...\MountPoints2: {d3f6720f-ed44-11e7-a27f-b4b52f2aea4d} - G:\Setup.exe
- HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
- HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.162\Installer\chrmstp.exe [2020-04-01] (Google LLC -> Google LLC)
- HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
- HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{438363A8-F486-4C37-834C-4955773CB3D3}] -> msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
- HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
- HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-01-19] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego]
- HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-01-19] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego]
- ==================== Zaplanowane zadania (filtrowane) ============
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- Task: {049DCD98-58FE-414D-984B-13908AA7604E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe)
- Task: {1351B11B-7137-4DB3-AA0F-5B746CC9C595} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
- Task: {19058136-0840-4615-8312-39CD19973087} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
- Task: {1C70ACE6-5F29-44D6-811A-BC22117C5A8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
- Task: {25C0550E-F01B-47A2-9427-359B585F9646} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3940486013-205667877-1000148699-1000Core => C:\Users\Miras\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-18] (Facebook, Inc. -> Facebook Inc.)
- Task: {B7B91724-CA83-470E-8DF0-81C000A08897} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [38784 2012-02-17] (Hewlett-Packard Company -> )
- Task: {C76DF12D-DCF8-4414-B40C-DCFEE5EDB4E1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
- Task: {D8BF6FE0-91D1-4580-BD57-F3E9697FA5CF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3940486013-205667877-1000148699-1000UA => C:\Users\Miras\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-18] (Facebook, Inc. -> Facebook Inc.)
- Task: {DCFD592D-70DB-4EEB-8A6A-6AC59F5921E0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-02-10] (CyberLink -> CyberLink)
- Task: {FAC81B33-E839-4570-933D-0605C8277775} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
- Task: {FCA2B5F6-297C-4A55-AB57-444E98A0FE6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [147832 2020-02-24] (HP Inc. -> HP Inc.)
- (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
- Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3940486013-205667877-1000148699-1000Core.job => C:\Users\Miras\AppData\Local\Facebook\Update\FacebookUpdate.exe
- Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3940486013-205667877-1000148699-1000UA.job => C:\Users\Miras\AppData\Local\Facebook\Update\FacebookUpdate.exe
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
- Tcpip\..\Interfaces\{055FE1BB-F7DF-405D-83CD-926364635EB2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
- Internet Explorer:
- ==================
- HKU\S-1-5-21-3940486013-205667877-1000148699-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CPNTDF
- HKU\S-1-5-21-3940486013-205667877-1000148699-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CPNTDF
- SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
- SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
- SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
- SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
- SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
- SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
- SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
- SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
- SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
- SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
- SearchScopes: HKU\S-1-5-21-3940486013-205667877-1000148699-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
- SearchScopes: HKU\S-1-5-21-3940486013-205667877-1000148699-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
- SearchScopes: HKU\S-1-5-21-3940486013-205667877-1000148699-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
- SearchScopes: HKU\S-1-5-21-3940486013-205667877-1000148699-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
- SearchScopes: HKU\S-1-5-21-3940486013-205667877-1000148699-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
- BHO: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll [2011-12-11] (AuthenTec, Inc. -> HP)
- BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll => Brak pliku
- BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
- BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
- BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Brak pliku
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle America, Inc. -> Oracle Corporation)
- BHO-x32: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\IEBHO.DLL [2011-12-11] (AuthenTec, Inc. -> HP)
- BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego]
- BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll => Brak pliku
- BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\IEExt\ie_plugin.dll [2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
- BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle America, Inc. -> Oracle Corporation)
- BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Brak pliku
- Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll [2011-12-11] (AuthenTec, Inc. -> HP)
- Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
- Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
- Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL [2011-12-11] (AuthenTec, Inc. -> HP)
- Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
- Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\IEExt\ie_plugin.dll [2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
- FireFox:
- ========
- FF DefaultProfile: oms8kln4.default
- FF ProfilePath: C:\Users\Miras\AppData\Roaming\Mozilla\Firefox\Profiles\oms8kln4.default [2020-04-03]
- FF DownloadDir: C:\Users\Miras\Desktop\Pobierane ze Stron
- FF Homepage: Mozilla\Firefox\Profiles\oms8kln4.default -> hxxp://niezalezna.pl/
- FF Notifications: Mozilla\Firefox\Profiles\oms8kln4.default -> hxxps://web.skype.com; hxxps://topsecret.api.sociaplus.com; hxxps://popularne.net; hxxps://kochamyzwierzaki.pl; hxxps://genialne.to; hxxps://projekty-muratordom-pl-02.salesmanagopush.com; hxxps://www-centrumofert-com-02.salesmanagopush.com; hxxps://www.prawdaobiektywna.pl; hxxps://www.interia.pl; hxxps://www-lamoda-pl.pushpushgo.com; hxxps://popularne.pl; hxxps://dompelenpomyslow.pl; hxxps://www.pomponik.pl; hxxps://570e2f8590f01.edrone.me; hxxps://allani.pl; hxxps://newsweb.os.tc; hxxps://motoryzacja.interia.pl; hxxps://dzisiaj.net.pl; hxxps://www.homebook.pl; hxxps://swiatciast.pl; hxxps://sportowefakty.wp.pl; hxxps://pakuten.pl; hxxps://www.popularne.pl; hxxps://czasnabuty.edrone.me; hxxps://mediamarkt.pl; hxxps://domodi.pl; hxxps://www.bonami.pl; hxxps://antaresa-pl-02.salesmanagopush.com; hxxps://estore-oceanic-com-pl-02.salesmanagopush.com; hxxps://5abb5c97dc6c5.edrone.me; hxxps://www-royalfashion-pl.pushpushgo.com; hxxps://sklep.sizeer.com; hxxps://fitanu.com; hxxps://deezee.pl; hxxps://www.eobuwie.com.pl; hxxps://www.facebook.com; hxxps://kik.okazjum.pl
- FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Miras\AppData\Roaming\Mozilla\Firefox\Profiles\oms8kln4.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
- FF Extension: (YouTube™ Flash® Player) - C:\Users\Miras\AppData\Roaming\Mozilla\Firefox\Profiles\oms8kln4.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-08-11]
- FF Extension: (uBlock Origin) - C:\Users\Miras\AppData\Roaming\Mozilla\Firefox\Profiles\oms8kln4.default\Extensions\uBlock0@raymondhill.net.xpi [2020-03-10]
- FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Miras\AppData\Roaming\Mozilla\Firefox\Profiles\oms8kln4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
- FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
- FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
- FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
- FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
- FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
- FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.) [Brak podpisu cyfrowego]
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
- FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle America, Inc. -> Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle America, Inc. -> Oracle Corporation)
- FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] (WildTangent Inc -> )
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
- FF Plugin HKU\S-1-5-21-3940486013-205667877-1000148699-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Miras\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
- FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-21] <==== UWAGA (Linkuje do pliku *.cfg)
- FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-21] <==== UWAGA
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR Profile: C:\Users\Miras\AppData\Local\Google\Chrome\User Data\Default [2020-03-21]
- CHR Extension: (Kaspersky Protection) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-03-21]
- CHR Extension: (Website Logon) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh [2014-11-22]
- CHR Extension: (Skype) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-30]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-30]
- CHR Extension: (Chrome Media Router) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-30]
- CHR Profile: C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile [2015-04-30]
- CHR Extension: (Google Slides) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-30]
- CHR Extension: (Google Docs) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-30]
- CHR Extension: (Google Drive) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-30]
- CHR Extension: (YouTube) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-30]
- CHR Extension: (Google Search) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-30]
- CHR Extension: (Kaspersky URL Advisor) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-04-30]
- CHR Extension: (Google Sheets) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-30]
- CHR Extension: (Bookmark Manager) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
- CHR Extension: (Content Blocker) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-04-30]
- CHR Extension: (Website Logon) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh [2015-04-30]
- CHR Extension: (Skype Click to Call) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-30]
- CHR Extension: (Kaspersky Protection) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-04-30]
- CHR Extension: (Google Wallet) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-30]
- CHR Extension: (Gmail) - C:\Users\Miras\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-30]
- CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
- CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
- CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-09]
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
- ==================== Usługi (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego]
- R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
- R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS -> EasyBits Software AS) [Brak podpisu cyfrowego]
- R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (AuthenTec, Inc. -> HP)
- R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
- R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation -> Intel Corporation)
- S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
- S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
- S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (Kaspersky Lab -> AO Kaspersky Lab)
- S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc. -> AuthenTec, Inc.)
- R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
- R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
- R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros Communications Inc. -> Atheros) [Brak podpisu cyfrowego]
- ===================== Sterowniki (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-09-09] (ASROCK Incorporation -> ASRock Incorporation)
- S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [51872 2012-01-19] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
- R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2801664 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
- R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation)
- R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2015-10-05] (DT Soft Ltd -> DT Soft Ltd)
- R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
- R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
- R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251512 2019-11-01] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
- R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
- R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
- R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
- S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
- R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
- S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-01-19] (Atheros Communications Inc. -> Atheros)
- S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
- R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated -> Synaptics Incorporated)
- S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
- S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
- S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Trzy miesiące (utworzone) ===================
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2020-04-03 18:59 - 2020-04-03 19:01 - 000000000 ____D C:\FRST
- 2020-03-26 16:03 - 2020-03-26 16:01 - 000355086 _____ C:\Users\Miras\Desktop\O14_Faktura_indywidualna_000-037-7860-9057_20_03_F003_U2003161005952470069.pdf
- 2020-03-22 16:37 - 2020-03-22 16:34 - 000001032 _____ C:\Users\Miras\Desktop\Nowy dokument tekstowy (3).txt
- 2020-03-10 02:53 - 2020-03-10 02:53 - 000000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
- 2020-03-05 01:36 - 2020-03-05 01:36 - 000000000 _____ C:\Windows\SysWOW64\shoD750.tmp
- 2020-02-19 18:18 - 2020-02-19 18:45 - 000000000 ____D C:\Users\Miras\Desktop\dziadek
- 2020-02-19 15:20 - 2020-03-14 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
- 2020-01-27 08:42 - 2020-01-27 08:42 - 000586496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klgse.sys
- 2020-01-24 05:36 - 2020-01-24 05:36 - 001163216 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
- ==================== Trzy miesiące (zmodyfikowane) ==================
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2020-04-03 19:02 - 2012-03-16 21:44 - 096874836 _____ C:\Windows\system32\perfh015.dat
- 2020-04-03 19:02 - 2012-03-16 21:44 - 034810504 _____ C:\Windows\system32\perfc015.dat
- 2020-04-03 19:02 - 2009-07-14 07:13 - 000006564 _____ C:\Windows\system32\PerfStringBackup.INI
- 2020-04-03 19:00 - 2016-12-05 15:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab
- 2020-04-03 18:59 - 2012-12-08 19:52 - 000000000 ____D C:\Users\Miras\Desktop\Pobierane ze Stron
- 2020-04-03 18:58 - 2016-11-18 23:24 - 000000000 ____D C:\Users\Miras\AppData\LocalLow\Mozilla
- 2020-04-03 18:58 - 2012-12-08 19:26 - 000000000 ____D C:\Users\Miras\AppData\Local\CrashDumps
- 2020-04-03 18:58 - 2012-12-08 15:29 - 000000000 ____D C:\Users\Miras\AppData\LocalLow\AuthenTec
- 2020-04-03 18:42 - 2013-04-18 18:37 - 000000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3940486013-205667877-1000148699-1000UA.job
- 2020-04-03 18:42 - 2013-04-18 18:37 - 000000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3940486013-205667877-1000148699-1000Core.job
- 2020-04-03 18:13 - 2014-07-25 14:02 - 000007590 _____ C:\Users\Miras\AppData\Local\Resmon.ResmonCfg
- 2020-04-03 09:34 - 2009-07-14 06:45 - 000031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2020-04-03 09:34 - 2009-07-14 06:45 - 000031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2020-04-02 22:40 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
- 2020-04-01 10:28 - 2013-05-27 23:08 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2020-04-01 10:28 - 2013-05-27 23:08 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2020-04-01 10:28 - 2013-05-27 23:08 - 000002189 _____ C:\ProgramData\Desktop\Google Chrome.lnk
- 2020-03-25 10:30 - 2012-12-08 15:30 - 000000000 ____D C:\Users\Miras\AppData\Roaming\Atheros
- 2020-03-24 21:01 - 2012-12-08 15:30 - 000000000 ____D C:\Users\Miras\Documents\Bluetooth Folder
- 2020-03-20 23:21 - 2013-05-27 22:59 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
- 2020-03-20 23:21 - 2013-05-27 22:59 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
- 2020-03-14 20:49 - 2012-12-08 18:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2020-03-11 16:21 - 2018-03-14 11:14 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
- 2020-03-11 16:21 - 2012-03-16 13:24 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
- 2020-03-11 16:21 - 2012-03-16 13:24 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
- 2020-03-11 16:21 - 2012-03-16 13:24 - 000004412 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
- 2020-03-11 16:21 - 2012-03-16 13:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
- 2020-03-11 16:21 - 2012-03-16 13:24 - 000000000 ____D C:\Windows\system32\Macromed
- 2020-03-08 02:26 - 2013-05-08 16:48 - 000000000 ____D C:\Users\Miras\AppData\Roaming\SoftGrid Client
- ==================== Pliki w katalogu głównym wybranych folderów ========
- 2014-07-25 14:02 - 2020-04-03 18:13 - 000007590 _____ () C:\Users\Miras\AppData\Local\Resmon.ResmonCfg
- ==================== SigCheckExt =========================
- 2012-01-19 13:23 - 2012-01-19 13:23 - 000347808 _____ (Atheros Commnucations) C:\Windows\system32\AthCredentialProvider.dll
- 2012-06-15 01:22 - 2012-01-15 19:46 - 000442528 _____ (Atheros) C:\Windows\system32\athihvs.dll
- 2012-06-15 01:22 - 2012-01-15 19:46 - 000063648 _____ (Atheros) C:\Windows\system32\athihvui.dll
- 2012-03-16 13:20 - 2011-08-24 09:52 - 000117248 _____ (Hewlett-Packard) C:\Windows\system32\HPMUIDir.exe
- 2012-06-15 01:24 - 2011-12-26 04:02 - 000120832 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
- 2012-06-15 01:24 - 2011-12-26 04:02 - 000020992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
- 2012-06-15 01:27 - 2012-01-16 21:06 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000433848 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000161976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezFileImport7.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000268472 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll
- 2012-06-15 01:33 - 2012-06-15 01:33 - 000019640 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMAPIHelper.exe
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000225976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000565944 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000905912 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000062136 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezRas7.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000636088 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll
- 2012-06-15 01:33 - 2010-04-23 12:00 - 000514232 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
- 2012-06-15 01:33 - 2012-06-15 01:33 - 000145592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShellStart.exe
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000114872 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSubs7.dll
- 2012-06-15 01:33 - 2010-04-23 12:00 - 000588472 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezsvc7x.dll
- 2012-06-15 01:33 - 2012-06-15 01:33 - 000121016 _____ (EasyBits Software Corp.) C:\Windows\SysWOW64\ezUninst.exe
- 2012-06-15 01:33 - 2012-06-15 01:33 - 000052920 _____ (EasyBits Software Corp.) C:\Windows\SysWOW64\ezUPBHook.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000728760 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll
- 2012-01-30 12:00 - 2012-01-30 12:00 - 000486584 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll
- 2012-06-15 01:24 - 2011-12-26 04:07 - 000086016 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
- 2012-02-02 22:08 - 2012-02-02 22:08 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
- 2012-06-15 01:24 - 2011-12-26 04:06 - 000017920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
- ==================== SigCheck ============================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- ==================== BCD ================================
- Mened�er rozruchu systemu Windows
- ---------------------------------
- Identyfikator {bootmgr}
- device partition=\Device\HarddiskVolume1
- description Windows Boot Manager
- locale pl-PL
- inherit {globalsettings}
- extendedinput Yes
- default {current}
- resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102}
- displayorder {current}
- toolsdisplayorder {memdiag}
- timeout 30
- customactions 0x1000085000001
- 0x5400000f
- custom:5400000f {5b0b5efe-b6c1-11e1-9fbc-d51d8fdf70ff}
- Modu� �aduj�cy rozruchu systemu Windows
- ---------------------------------------
- Identyfikator {current}
- device partition=C:
- path \Windows\system32\winload.exe
- description Windows 7
- locale pl-PL
- inherit {bootloadersettings}
- recoverysequence {5b0b5efe-b6c1-11e1-9fbc-d51d8fdf70ff}
- recoveryenabled Yes
- osdevice partition=C:
- systemroot \Windows
- resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102}
- nx OptIn
- Modu� �aduj�cy rozruchu systemu Windows
- ---------------------------------------
- Identyfikator {572bcd60-ffa7-11d9-aae0-0007e994107d}
- device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
- path \windows\system32\boot\winload.exe
- description Microsoft Windows PE 2.0
- osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
- systemroot \windows
- detecthal Yes
- winpe Yes
- ems Yes
- Modu� �aduj�cy rozruchu systemu Windows
- ---------------------------------------
- Identyfikator {5b0b5efe-b6c1-11e1-9fbc-d51d8fdf70ff}
- device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5b0b5eff-b6c1-11e1-9fbc-d51d8fdf70ff}
- path \windows\system32\winload.exe
- description Windows Recovery Environment
- inherit {bootloadersettings}
- osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5b0b5eff-b6c1-11e1-9fbc-d51d8fdf70ff}
- systemroot \windows
- nx OptIn
- winpe Yes
- Wznawianie ze stanu hibernacji
- ------------------------------
- Identyfikator {158181c0-9a00-11db-8a1d-b11d19fd3102}
- device partition=C:
- path \Windows\system32\winresume.exe
- description Windows Resume Application
- locale pl-PL
- inherit {resumeloadersettings}
- filedevice partition=C:
- filepath \hiberfil.sys
- debugoptionenabled No
- Modu� testuj�cy pami�� systemu Windows
- --------------------------------------
- Identyfikator {memdiag}
- device partition=\Device\HarddiskVolume1
- path \boot\memtest.exe
- description Windows Memory Diagnostic
- locale pl-PL
- inherit {globalsettings}
- badmemoryaccess Yes
- Ustawienia us�ug EMS
- --------------------
- Identyfikator {emssettings}
- bootems Yes
- Ustawienia debugera
- -------------------
- Identyfikator {dbgsettings}
- debugtype Serial
- debugport 1
- baudrate 115200
- Uszkodzenia pami�ci RAM
- -----------------------
- Identyfikator {badmemory}
- Ustawienia globalne
- -------------------
- Identyfikator {globalsettings}
- inherit {dbgsettings}
- {emssettings}
- {badmemory}
- Ustawienia modu�u �aduj�cego rozruchu
- -------------------------------------
- Identyfikator {bootloadersettings}
- inherit {globalsettings}
- {hypervisorsettings}
- Ustawienia funkcji hypervisor
- -----------------------------
- Identyfikator {hypervisorsettings}
- hypervisordebugtype Serial
- hypervisordebugport 1
- hypervisorbaudrate 115200
- Ustawienia modu�u �aduj�cego wznawiania
- ---------------------------------------
- Identyfikator {resumeloadersettings}
- inherit {globalsettings}
- Opcje urz�dzenia
- ----------------
- Identyfikator {5b0b5eff-b6c1-11e1-9fbc-d51d8fdf70ff}
- description Ramdisk Options
- ramdisksdidevice partition=D:
- ramdisksdipath \Recovery\WindowsRE\boot.sdi
- Opcje instalacji urz�dzenia Ramdisk
- -----------------------------------
- Identyfikator {ramdiskoptions}
- description Ramdisk Options
- ramdisksdidevice boot
- ramdisksdipath \boot\boot.sdi
- LastRegBack: 2020-03-28 15:31
- ==================== Koniec FRST.txt ========================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement