- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20.06.2018
- Uruchomiony przez admin (administrator) ADMIN-KOMPUTER (22-06-2018 17:28:03)
- Uruchomiony z C:\Users\admin\Downloads
- Załadowane profile: admin (Dostępne profile: admin)
- Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
- Tryb startu: Safe Mode (with Networking)
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
- (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
- (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-13] (AVAST Software)
- HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
- HKLM-x32\...\Run: [GX77 mouse] => "C:\Program Files (x86)\Genesis\GX77 Mouse\Monitor.exe"
- HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO)
- HKLM\...\RunOnce: [ucdrv_repair] => "C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe" --repair
- HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== UWAGA
- HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== UWAGA
- HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== UWAGA
- HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== UWAGA
- HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== UWAGA
- HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== UWAGA
- HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== UWAGA
- HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== UWAGA
- HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== UWAGA
- HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== UWAGA
- HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== UWAGA
- HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== UWAGA
- HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== UWAGA
- HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== UWAGA
- HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== UWAGA
- HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== UWAGA
- HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== UWAGA
- HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== UWAGA
- HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== UWAGA
- HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== UWAGA
- HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== UWAGA
- HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== UWAGA
- HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== UWAGA
- HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== UWAGA
- HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== UWAGA
- HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== UWAGA
- HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== UWAGA
- HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== UWAGA
- HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== UWAGA
- HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== UWAGA
- HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== UWAGA
- HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== UWAGA
- HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== UWAGA
- HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== UWAGA
- HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== UWAGA
- HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== UWAGA
- HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== UWAGA
- HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== UWAGA
- HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== UWAGA
- HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== UWAGA
- HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== UWAGA
- HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== UWAGA
- HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== UWAGA
- HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== UWAGA
- HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== UWAGA
- HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [781712 2018-06-19] (Spotify Ltd)
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\Policies\Explorer: []
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: G - G:\AutoRun.exe
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: {0842096d-57c8-11e6-bd05-94de80615e8b} - G:\AutoRun.exe
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: {528f65ee-54fc-11e6-bdca-94de80615e8b} - I:\AutoRun.exe
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: {528f6607-54fc-11e6-bdca-94de80615e8b} - G:\AutoRun.exe
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: {5c4528af-1fa5-11e3-a719-806e6f6e6963} - D:\Run.exe
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: {65ef0f89-5596-11e6-a554-94de80615e8b} - G:\AutoRun.exe
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\...\MountPoints2: {900e1b01-ea7a-11e3-a58a-94de80615e8b} - G:\Startme.exe
- HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
- HKU\S-1-5-18\...\Run: [] => [X]
- GroupPolicy: Ograniczenia - Chrome <==== UWAGA
- CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
- Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
- Tcpip\..\Interfaces\{70AD6163-87BD-4F28-9BD4-E98419A1A59E}: [DhcpNameServer] 192.168.0.1
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130969010825297016&GUID=00000000-0000-0000-0000-000000000000
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
- HKU\S-1-5-21-2298222908-433205819-1316438490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
- SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
- SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
- SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-2298222908-433205819-1316438490-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
- BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-13] (AVAST Software)
- BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
- BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2017-01-21] (Oracle Corporation)
- BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-13] (AVAST Software)
- BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
- BHO-x32: Brak nazwy -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> Brak pliku
- DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
- FireFox:
- ========
- FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282 [2018-06-22]
- FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282\user.js [2017-01-10]
- FF Homepage: Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282 -> hxxps://www.facebook.com/
- FF NetworkProxy: Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282 -> http_port", 8080
- FF Extension: (Avast SafePrice) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282\Extensions\[email protected] [2018-06-14]
- FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282\Extensions\[email protected] [2018-06-14]
- FF Extension: (Video AdBlock for Firefox) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2016-01-06] [Przestarzałe] [Brak podpisu cyfrowego]
- FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-16]
- FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s50thq2w.default-1443558943282\searchplugins\google-default.xml [2015-09-30]
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-11] ()
- FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-11] ()
- FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
- FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [Brak pliku]
- FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
- FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
- FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Brak pliku]
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Brak pliku]
- FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\VLC\npvlc.dll [Brak pliku]
- FF Plugin-x32: Adobe Reader -> E:\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-06-19]
- CHR Extension: (Prezentacje) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-02]
- CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-02]
- CHR Extension: (Dysk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-02]
- CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-02]
- CHR Extension: (Adblock Plus) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-15]
- CHR Extension: (Arkusze) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-02]
- CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-03]
- CHR Extension: (Ace Script) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2017-12-02]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-15]
- CHR Extension: (Brak nazwy) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2018-06-13]
- CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-02]
- CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-15]
- CHR Extension: (Brak nazwy) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0 [2018-06-13]
- CHR HKU\S-1-5-21-2298222908-433205819-1316438490-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
- Opera:
- =======
- OPR StartupUrls: "hxxp://www.gazeta.pl/0,0.html?p=188"
- OPR Extension: (Brak nazwy) - C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2018-06-13]
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
- S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
- S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
- S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
- S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-06-13] (AVAST Software)
- S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Brak podpisu cyfrowego]
- S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-06-13] (AVAST Software)
- S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-04] ()
- S2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
- R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
- S3 mi-raysat_3dsmax2017_64; E:\3ds\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [Brak podpisu cyfrowego]
- S2 MTrackAudioDevMon; C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe [546816 2013-04-24] (M-Audio) [Brak podpisu cyfrowego]
- S2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-01-09] (Microsoft)
- S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
- S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
- S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
- S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
- S2 winamgr; C:\ProgramData\Microsoft\Windows\Audio\winamgr.exe [10644480 2018-05-28] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA
- S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
- S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
- S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X] <==== UWAGA
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-06-13] (AVAST Software)
- S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-06-13] (AVAST Software)
- S0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-06-13] (AVAST Software)
- S0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-06-13] (AVAST Software)
- S0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-06-13] (AVAST Software)
- S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [234560 2018-06-13] (AVAST Software)
- S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-06-13] (AVAST Software)
- S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-06-13] (AVAST Software)
- R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-06-13] (AVAST Software)
- S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-13] (AVAST Software)
- S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-06-13] (AVAST Software)
- S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-06-13] (AVAST Software)
- S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-06-13] (AVAST Software)
- S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-06-13] (AVAST Software)
- R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-02] (Disc Soft Ltd)
- S1 isedrv; C:\Windows\system32\drivers\isedrv.sys [50576 2018-01-17] (COMODO)
- S3 MTRACK; C:\Windows\System32\DRIVERS\MAudioMTrack.sys [471040 2013-04-24] (M-Audio)
- S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
- S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
- S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
- S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
- S1 ucdrv; C:\Windows\System32\drivers:ucdrv-x64.sys [25444 ] (UC Web Inc.) <==== UWAGA
- S3 cpuz135; \??\C:\Users\admin\AppData\Local\Temp\HBCD\PCWizard\pcwiz_x64.sys [X] <==== UWAGA
- S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
- S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
- S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
- S3 gdrv; \??\C:\Windows\gdrv.sys [X]
- S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
- S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
- S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
- S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
- S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
- S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-06-22 17:28 - 2018-06-22 17:28 - 000025675 _____ C:\Users\admin\Downloads\FRST.txt
- 2018-06-22 17:21 - 2018-06-22 17:28 - 000000000 ____D C:\FRST
- 2018-06-22 17:21 - 2018-06-22 17:21 - 002412544 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
- 2018-06-22 17:11 - 2018-06-22 17:11 - 000328192 _____ C:\Windows\SysWOW64\SelfFolder.idc
- 2018-06-20 00:01 - 2018-06-20 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
- 2018-06-20 00:00 - 2018-06-22 17:25 - 000000272 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
- 2018-06-19 23:59 - 2018-06-22 17:27 - 000585150 _____ C:\Windows\ntbtlog.txt
- 2018-06-19 23:54 - 2018-06-20 00:00 - 000000000 ____D C:\AdwCleaner
- 2018-06-19 23:54 - 2018-06-19 23:51 - 007372496 _____ (Malwarebytes) C:\Users\admin\Desktop\AdwCleaner.exe
- 2018-06-19 23:35 - 2018-06-22 17:11 - 000000000 ___HD C:\Users\admin\AppData\Local\Opera-12.8
- 2018-06-19 23:34 - 2018-06-19 23:34 - 005350312 _____ C:\Windows\system32\FNTCACHE.DAT
- 2018-06-19 23:14 - 2018-06-19 23:14 - 045712392 _____ (AVAST Software ) C:\Users\admin\Downloads\avast_cleanup_setup.exe
- 2018-06-19 21:55 - 2018-06-19 23:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
- 2018-06-19 21:55 - 2018-06-19 21:55 - 000000000 ____D C:\Users\admin\AppData\Local\Comodo
- 2018-06-19 21:55 - 2018-06-19 21:55 - 000000000 ____D C:\Program Files\COMODO
- 2018-06-19 21:55 - 2018-01-17 09:59 - 000255248 _____ (COMODO) C:\Windows\system32\iseguard64.dll
- 2018-06-19 21:55 - 2018-01-17 09:59 - 000205256 _____ (COMODO) C:\Windows\SysWOW64\iseguard32.dll
- 2018-06-19 21:55 - 2018-01-17 09:59 - 000050576 _____ (COMODO) C:\Windows\system32\Drivers\isedrv.sys
- 2018-06-19 21:54 - 2018-06-19 23:36 - 000000000 ____D C:\Program Files (x86)\Comodo
- 2018-06-19 21:52 - 2018-06-19 23:40 - 000000000 ____D C:\ProgramData\Comodo
- 2018-06-19 21:52 - 2018-06-19 21:52 - 005546648 _____ (COMODO) C:\Users\admin\Downloads\cispremium_installer_10555_51.exe
- 2018-06-19 21:49 - 2018-06-20 00:02 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
- 2018-06-19 21:49 - 2018-06-19 21:49 - 000000000 ____D C:\Program Files\Malwarebytes
- 2018-06-19 21:49 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
- 2018-06-19 21:48 - 2018-06-19 21:48 - 078101496 _____ (Malwarebytes ) C:\Users\admin\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5526.exe
- 2018-06-19 21:19 - 2018-06-19 21:19 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Intel
- 2018-06-19 20:30 - 2018-06-19 20:30 - 000024628 _____ C:\Users\admin\Documents\cc_20180619_203029.reg
- 2018-06-19 20:16 - 2018-06-19 21:20 - 000000000 ___HD C:\Users\admin\AppData\Local\CCleaner v9.18
- 2018-06-15 22:27 - 2018-06-15 22:27 - 000000000 _____ C:\Users\admin\Desktop\Nowy dokument tekstowy.txt
- 2018-06-15 22:20 - 2018-06-15 22:20 - 000000000 __SHD C:\Windows\system32\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}
- 2018-06-15 21:33 - 2018-06-15 21:33 - 000000000 ____D C:\Users\admin\Desktop\2017 - Przechodzień o wschodzie
- 2018-06-15 21:30 - 2018-06-15 21:32 - 099216191 _____ C:\Users\admin\Downloads\2017 - Przechodzień o wschodzie.rar
- 2018-06-13 23:28 - 2018-06-13 23:28 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
- 2018-06-13 23:20 - 2018-06-13 23:20 - 000000000 ___HD C:\$AV_ASW
- 2018-06-13 23:18 - 2018-06-19 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
- 2018-06-13 23:18 - 2018-06-13 23:18 - 000000000 ____D C:\Users\admin\AppData\Roaming\AVAST Software
- 2018-06-13 23:17 - 2018-06-16 16:36 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
- 2018-06-13 23:17 - 2018-06-13 23:17 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
- 2018-06-13 23:17 - 2018-06-13 23:17 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
- 2018-06-13 23:16 - 2018-06-13 23:16 - 007325024 _____ (AVAST Software) C:\Users\admin\Downloads\avast_free_antivirus_setup_online_a2f.exe
- 2018-06-13 23:16 - 2018-06-13 23:16 - 000000000 ____D C:\Program Files\AVAST Software
- 2018-06-13 22:54 - 2018-06-13 22:55 - 077668920 _____ (Malwarebytes ) C:\Users\admin\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5464.exe
- 2018-06-13 22:48 - 2018-06-13 22:49 - 000000085 _____ C:\Windows\wininit.ini
- 2018-06-13 20:04 - 2018-06-13 22:49 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
- 2018-06-13 20:04 - 2018-06-13 22:49 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
- 2018-06-13 20:04 - 2018-06-13 20:04 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
- 2018-06-13 20:02 - 2018-06-13 20:02 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\admin\Downloads\spybotsd-2.7.64.0.exe
- 2018-06-13 19:59 - 2018-06-13 19:59 - 000060380 _____ C:\Users\admin\Documents\cc_20180613_195953.reg
- 2018-06-13 19:57 - 2018-06-13 19:57 - 000000000 ____D C:\Users\admin\AppData\Local\Windows
- 2018-06-13 19:52 - 2018-06-13 19:52 - 000000266 __RSH C:\Users\admin\ntuser.pol
- 2018-06-13 19:52 - 2018-06-13 19:52 - 000000000 ____D C:\Users\admin\AppData\Roaming\gpipbx1tgth
- 2018-06-13 19:52 - 2018-06-13 19:52 - 000000000 ____D C:\Users\admin\AppData\LocalLow\MAL
- 2018-06-13 19:44 - 2018-06-22 17:26 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
- 2018-06-13 19:44 - 2018-06-16 16:36 - 000003678 _____ C:\Windows\System32\Tasks\{27255DE4-5108-389B-BC43-756072BCCABC}
- 2018-06-13 19:44 - 2018-06-16 16:36 - 000003440 _____ C:\Windows\System32\Tasks\{153CED8F-1F64-F1CF-14FC-2F76962E44BA}
- 2018-06-13 19:44 - 2018-06-13 23:21 - 000000000 ____D C:\Program Files (x86)\C++
- 2018-06-13 19:44 - 2018-06-13 22:49 - 000000266 __RSH C:\ProgramData\ntuser.pol
- 2018-06-13 19:44 - 2018-06-13 19:44 - 000000003 _____ C:\Users\admin\AppData\Local\wbem.ini
- 2018-06-13 19:44 - 2018-06-13 19:44 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
- 2018-06-13 19:44 - 2018-06-13 19:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\oyhsvfkdgqc
- 2018-06-13 19:43 - 2018-06-13 23:27 - 000000000 ____D C:\Users\admin\AppData\Local\361618bd08934136af379eb7aa29e1a8
- 2018-06-13 19:43 - 2018-06-13 23:27 - 000000000 ____D C:\ProgramData\c6ef9faa279b4480ac035d885e8a2dcc
- 2018-06-13 19:43 - 2018-06-13 23:27 - 000000000 ____D C:\ProgramData\40ccc1d60c1d4712ab2be982f0b65780
- 2018-06-12 18:04 - 2018-06-12 18:04 - 007348480 _____ C:\Users\admin\Documents\bartek2016.dae
- 2018-06-12 18:04 - 2018-06-12 18:04 - 000000000 ____D C:\Users\admin\Documents\bartek2016
- 2018-06-12 17:53 - 2018-06-12 18:11 - 065435489 _____ C:\Users\admin\Desktop\bartek2016.skb
- 2018-06-12 17:48 - 2018-06-12 17:48 - 002948240 _____ (BitTorrent Inc.) C:\Users\admin\Downloads\uTorrent.exe
- 2018-06-12 17:43 - 2018-06-12 18:13 - 065424887 _____ C:\Users\admin\Desktop\bartek2016.skp
- 2018-06-12 17:33 - 2018-06-12 17:33 - 059116094 _____ C:\Users\admin\Desktop\bartek11.skb
- 2018-06-12 17:17 - 2018-06-12 17:43 - 064657863 _____ C:\Users\admin\Desktop\bartek11.skp
- 2018-06-12 16:39 - 2018-06-12 16:39 - 000852141 _____ C:\Users\admin\Downloads\Oob-layouts-6.2.0.rbz
- 2018-06-12 16:14 - 2018-06-12 16:14 - 006427721 _____ C:\Users\admin\Downloads\LibFredo6_v8.4g.rbz
- 2018-06-12 16:05 - 2018-06-12 16:05 - 000300842 _____ C:\Users\admin\Downloads\RoundCorner_v3.2g.rbz
- 2018-06-12 15:59 - 2018-06-12 15:59 - 000001987 _____ C:\Users\Public\Desktop\SketchUp 2017.lnk
- 2018-06-12 15:59 - 2018-06-12 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017
- 2018-06-12 15:53 - 2018-06-12 15:56 - 161521269 _____ (Trimble Navigation Limited) C:\Users\admin\Downloads\SketchUpMake-pl-x64.exe
- 2018-06-07 18:11 - 2018-06-07 19:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
- 2018-06-05 19:07 - 2018-06-05 19:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
- 2018-06-03 16:16 - 2018-06-03 16:16 - 000000000 ____D C:\Users\admin\Documents\BIMx
- 2018-06-03 16:16 - 2018-06-03 16:16 - 000000000 ____D C:\Users\admin\.oracle_jre_usage
- 2018-06-03 16:15 - 2018-06-11 21:19 - 000000000 ____D C:\Program Files (x86)\CodeMeter
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-06-22 17:27 - 2016-11-18 23:27 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
- 2018-06-22 17:26 - 2013-09-17 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
- 2018-06-22 17:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
- 2018-06-22 17:19 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2018-06-22 17:19 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2018-06-20 00:49 - 2016-10-05 19:29 - 000000456 _____ C:\Windows\Tasks\UCBrowserUpdater.job
- 2018-06-20 00:02 - 2016-01-08 00:12 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
- 2018-06-20 00:01 - 2015-03-09 22:58 - 000000000 ____D C:\ProgramData\Malwarebytes
- 2018-06-19 23:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
- 2018-06-19 23:37 - 2015-05-19 23:36 - 000000000 ____D C:\ProgramData\AVAST Software
- 2018-06-19 23:17 - 2017-01-25 22:03 - 000000000 ____D C:\Users\admin\AppData\Roaming\Spotify
- 2018-06-19 22:08 - 2017-08-25 19:14 - 000000000 ____D C:\Program Files\VueScan
- 2018-06-19 21:19 - 2013-09-17 10:46 - 000000000 ____D C:\Program Files\Intel
- 2018-06-19 21:19 - 2013-09-17 10:46 - 000000000 ____D C:\Program Files (x86)\Intel
- 2018-06-19 20:31 - 2017-01-25 22:03 - 000000000 ____D C:\Users\admin\AppData\Local\Spotify
- 2018-06-19 20:31 - 2013-09-17 11:16 - 000000000 ____D C:\Users\admin\AppData\Local\Adobe
- 2018-06-16 16:36 - 2018-03-14 19:25 - 000004574 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
- 2018-06-16 16:36 - 2018-01-31 10:41 - 000003470 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-admin-Komputer-admin
- 2018-06-16 16:36 - 2016-10-05 19:29 - 000003462 _____ C:\Windows\System32\Tasks\UCBrowserUpdater
- 2018-06-16 16:36 - 2016-04-19 11:22 - 000003160 _____ C:\Windows\System32\Tasks\SidebarExecute
- 2018-06-16 16:36 - 2015-12-07 16:57 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
- 2018-06-16 16:36 - 2015-10-28 17:37 - 000003514 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-admin-Komputer-admin
- 2018-06-16 16:36 - 2015-01-04 19:51 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
- 2018-06-16 16:36 - 2013-11-09 18:59 - 000002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
- 2018-06-16 16:36 - 2013-09-17 15:22 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
- 2018-06-16 16:36 - 2013-09-17 12:27 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
- 2018-06-16 16:36 - 2013-09-17 12:27 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
- 2018-06-16 16:36 - 2013-09-17 12:25 - 000003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
- 2018-06-15 23:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Resources
- 2018-06-14 23:29 - 2013-09-17 10:39 - 000000000 ____D C:\Users\admin\AppData\Local\VirtualStore
- 2018-06-14 18:22 - 2016-06-01 07:12 - 000000000 ____D C:\Program Files\Common Files\McAfee
- 2018-06-14 00:03 - 2017-01-10 22:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
- 2018-06-13 23:54 - 2013-10-02 22:17 - 000000000 ____D C:\ProgramData\McAfee
- 2018-06-13 23:49 - 2013-09-17 10:46 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
- 2018-06-13 23:46 - 2017-01-25 22:03 - 000001998 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
- 2018-06-13 23:37 - 2017-08-25 18:08 - 000000000 ____D C:\Users\admin\AppData\Roaming\HpUpdate
- 2018-06-13 23:37 - 2016-01-06 00:55 - 000000000 ____D C:\Users\admin\AppData\Roaming\MPC-HC
- 2018-06-13 23:37 - 2015-05-26 11:28 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
- 2018-06-13 23:37 - 2013-09-17 17:27 - 000000000 ____D C:\Windows\Panther
- 2018-06-13 23:35 - 2016-02-01 19:40 - 000000000 ____D C:\Users\admin\AppData\Local\Avid
- 2018-06-13 23:35 - 2015-11-30 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
- 2018-06-13 23:35 - 2015-05-04 23:17 - 000000000 ____D C:\Users\admin\AppData\Local\Pinnacle
- 2018-06-13 23:35 - 2015-03-25 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
- 2018-06-13 23:35 - 2015-01-04 19:57 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
- 2018-06-13 23:35 - 2013-10-08 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT
- 2018-06-13 23:35 - 2013-09-17 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer
- 2018-06-13 23:35 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
- 2018-06-13 23:28 - 2016-10-13 19:54 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
- 2018-06-13 23:28 - 2016-10-13 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
- 2018-06-13 23:28 - 2013-11-09 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
- 2018-06-13 23:17 - 2013-11-09 18:59 - 000000000 ____D C:\Program Files\CCleaner
- 2018-06-13 22:59 - 2014-02-06 21:20 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
- 2018-06-13 22:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
- 2018-06-13 22:51 - 2014-10-13 14:43 - 000000000 ____D C:\Users\admin\AppData\Roaming\Autodesk
- 2018-06-13 22:51 - 2014-10-13 14:43 - 000000000 ____D C:\ProgramData\Autodesk
- 2018-06-13 20:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\LiveKernelReports
- 2018-06-13 19:52 - 2013-09-17 10:39 - 000000000 ____D C:\Users\admin
- 2018-06-13 19:44 - 2014-04-03 21:43 - 000000000 ____D C:\Program Files (x86)\Google
- 2018-06-13 19:44 - 2013-09-17 10:46 - 000000000 ____D C:\ProgramData\Intel
- 2018-06-13 19:44 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
- 2018-06-12 23:24 - 2018-03-18 17:41 - 000000000 ____D C:\Users\admin\AppData\Roaming\Abvent_Artlantis6
- 2018-06-12 21:15 - 2013-09-17 12:28 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2018-06-12 17:44 - 2013-10-08 15:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\Abvent_Artlantis5
- 2018-06-12 15:58 - 2017-01-08 14:19 - 000000000 ____D C:\Users\admin\AppData\Roaming\Trimble Navigation Limited
- 2018-06-12 15:58 - 2017-01-08 14:19 - 000000000 ____D C:\Program Files\SketchUp
- 2018-06-11 21:25 - 2017-05-04 19:15 - 000000000 ____D C:\Users\admin\AppData\Roaming\JAM Software
- 2018-06-11 20:25 - 2013-09-17 15:22 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
- 2018-06-11 20:25 - 2013-09-17 15:22 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
- 2018-06-11 20:25 - 2013-09-17 15:22 - 000000000 ____D C:\Windows\SysWOW64\Macromed
- 2018-06-11 20:25 - 2013-09-17 15:22 - 000000000 ____D C:\Windows\system32\Macromed
- 2018-06-07 18:05 - 2009-07-14 07:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
- 2018-06-03 16:25 - 2015-03-10 15:54 - 000000000 ____D C:\Users\admin\AppData\Roaming\MAXON
- 2018-06-03 16:25 - 2013-10-14 13:24 - 000000000 ____D C:\Users\admin\Graphisoft
- 2018-06-03 16:19 - 2013-10-14 13:24 - 000000000 ____D C:\Users\admin\AppData\Roaming\Graphisoft
- 2018-06-03 16:16 - 2013-10-08 15:20 - 000000000 ____D C:\Program Files\GRAPHISOFT
- 2018-06-03 16:16 - 2013-10-08 15:19 - 000025988 _____ C:\Windows\vpd.properties
- 2018-06-03 16:16 - 2013-10-08 15:14 - 000000000 ____D C:\Users\admin\AppData\Roaming\Install.GS
- 2018-06-01 14:32 - 2017-09-03 18:04 - 000021081 _____ C:\Users\admin\Desktop\Marzanny oplaty 01.2018.xlsx
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2015-10-06 12:32 - 2015-05-25 13:54 - 000003584 _____ () C:\Users\admin\Kn0ck0ut.64.dll
- 1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Program Files (x86)\EEGaUi.exe
- 1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\oYcrNERiYiuM.exe
- 2017-01-01 16:42 - 2017-01-01 16:45 - 000000038 _____ () C:\Users\admin\AppData\Roaming\.pedal.version
- 2017-01-01 16:34 - 2017-01-01 16:34 - 000000033 _____ () C:\Users\admin\AppData\Roaming\.pgbiaspedal
- 2015-05-04 23:17 - 2016-02-01 19:40 - 000001926 _____ () C:\Users\admin\AppData\Roaming\ADMIN-KOMPUTER.MTBF.txt
- 2016-10-05 19:26 - 2016-10-05 19:25 - 000693760 _____ () C:\Users\admin\AppData\Roaming\Alpha-Ron.exe
- 2016-10-05 19:26 - 2016-10-05 19:26 - 001926611 _____ () C:\Users\admin\AppData\Roaming\Alpha-Ron.tst
- 2016-10-05 19:25 - 2016-10-05 19:25 - 000937776 _____ (AutoIt Team) C:\Users\admin\AppData\Roaming\hKXF.exe
- 2016-10-05 19:25 - 2016-10-05 19:25 - 000961349 _____ () C:\Users\admin\AppData\Roaming\hKXFC.au3
- 2015-01-12 19:23 - 2016-05-03 21:05 - 000000132 _____ () C:\Users\admin\AppData\Roaming\Preferencje formatu GIF CS6 firmy Adobe
- 2015-03-29 20:55 - 2016-06-15 11:58 - 000000132 _____ () C:\Users\admin\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
- 2016-10-05 19:26 - 2016-10-05 19:26 - 000190394 _____ () C:\Users\admin\AppData\Roaming\Tiptam.bin
- 2016-10-05 19:26 - 2016-10-05 19:26 - 000032038 _____ () C:\Users\admin\AppData\Roaming\uninstall_temp.ico
- 2013-12-19 10:42 - 2015-03-09 01:20 - 000000157 _____ () C:\Users\admin\AppData\Roaming\WB.CFG
- 2016-10-05 19:26 - 2016-10-05 19:26 - 001897576 _____ () C:\Users\admin\AppData\Roaming\Zonex.bin
- 2015-06-11 00:25 - 2015-06-11 00:25 - 000000001 _____ () C:\Users\admin\AppData\Local\llftool.4.40.agreement
- 2015-11-26 16:43 - 2015-11-22 23:42 - 001020214 _____ (Program ) C:\Users\admin\AppData\Local\mp4tomov_setup.exe
- 2017-01-19 22:29 - 2017-01-19 22:29 - 000007605 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
- 2018-06-13 19:44 - 2018-06-13 19:44 - 000000003 _____ () C:\Users\admin\AppData\Local\wbem.ini
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\system32\services.exe => Plik podpisany cyfrowo
- C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
- C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-06-18 18:54
- ==================== Koniec FRST.txt ============================