Proszę o pomoc w usunięciu
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:09-12-2015
Uruchomiony przez Izabela (administrator) LEO (11-12-2015 20:50:41)
Uruchomiony z C:\Users\Izabela\Downloads
Załadowane profile: Izabela (Dostępne profile: Izabela)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Update\GoogleUpdate.exe
(SEC) C:\Program Files\MagicTune Premium\MagicTune.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\MagicTune Premium\GammaTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(tsvr.com) C:\Users\Izabela\AppData\Roaming\TSv\TSvr.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TODO: & lt; 公司名 & gt; ) C:\Program Files (x86)\SFK\SSFK.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TODO: & lt; 公司名 & gt; ) C:\Program Files (x86)\SFK\SSFK.exe
(TFuns LIMITED) C:\ProgramData\1WdM1\WdMan.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\Picexa\Picexa.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Google Inc.) C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RunDLLEntry] = & gt; C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [MagicTuneEngine] = & gt; C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe [53760 2010-12-14] ()
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [VolPanel] = & gt; C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] = & gt; C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [APSDaemon] = & gt; C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] = & gt; C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-24] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] = & gt; C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [Google Update] = & gt; C:\Users\Izabela\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [] = & gt; C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [NokiaSuite.exe] = & gt; C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [KiesPDLR.exe] = & gt; C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [GalaxyClient] = & gt; C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7744568 2015-10-17] (GOG.com)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\Run: [GarminExpressTrayApp] = & gt; C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\MountPoints2: {2bbfed60-24bf-11e2-8af2-bc5ff44bcb4f} - F:\Setup.exe
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\MountPoints2: {476b53ef-4979-11e4-b849-bc5ff44bcb4f} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\MountPoints2: {6c69d528-24c0-11e2-b6dc-bc5ff44bcb4f} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\...\MountPoints2: {9b653268-48be-11e4-b533-bc5ff44bcb4f} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] = & gt; C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-24] (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] - & gt; {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] - & gt; {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] - & gt; {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] - & gt; {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] - & gt; {8BA85C75-763B-4103-94EB-9470F12FE0F7} = & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] - & gt; {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] - & gt; {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk [2012-10-13]
ShortcutTarget: GammaTray.exe.lnk - & gt; C:\Program Files\MagicTune Premium\GammaTray.exe ()
Startup: C:\Users\Izabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-03-02]
ShortcutTarget: OpenOffice.org 3.4.1.lnk - & gt; C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD6901D-A2C6-486A-A7EF-1375B7757E1F}: [DhcpNameServer] 194.204.152.34 194.204.159.1
Tcpip\..\Interfaces\{F255D548-04A5-4F5A-8953-6D13A2ED8A2A}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 & q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 & q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 & q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 & q={searchTerms}
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
HKU\S-1-5-21-1106504487-2662737222-822640506-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
SearchScopes: HKU\S-1-5-21-1106504487-2662737222-822640506-1000 - & gt; DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 & q={searchTerms}
SearchScopes: HKU\S-1-5-21-1106504487-2662737222-822640506-1000 - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 & q={searchTerms}
BHO: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-24] (AVAST Software)
BHO: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-24] (AVAST Software)
BHO-x32: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
Toolbar: HKU\S-1-5-21-1106504487-2662737222-822640506-1000 - & gt; avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - Brak pliku
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
FireFox:
========
FF Plugin: @garmin.com/GpsControl - & gt; C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @garmin.com/GpsControl - & gt; C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - & gt; C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-14] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - & gt; C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @nvidia.com/3DVision - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1106504487-2662737222-822640506-1000: @citrixonline.com/appdetectorplugin - & gt; C:\Users\Izabela\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-02] (Citrix Online)
FF Plugin HKU\S-1-5-21-1106504487-2662737222-822640506-1000: @tools.google.com/Google Update;version=3 - & gt; C:\Users\Izabela\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1106504487-2662737222-822640506-1000: @tools.google.com/Google Update;version=9 - & gt; C:\Users\Izabela\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1106504487-2662737222-822640506-1000: ubisoft.com/uplaypc - & gt; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-17] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-24]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-24]
Chrome:
=======
CHR StartupUrls: Default - & gt; " hxxps://isearch.avg.com/?cid={6ED4E46E-ABAE-4496-841E-5FD518FB3E67} & mid=62611325353047d081466d16b2af22bc-ad1491be2ce6c122f6b66faa90e70c2decf7d34c & lang=pl & ds=xn011 & pr=sa & d=2012-09-20 16:48:42 & v=12.2.5.34 & sap=hp " , " hxxp://isearch.avg.com/?cid={C9B05095-C459-415B-8AD0-8B048F45EE1A} & mid=62611325353047d081466d16b2af22bc-ad1491be2ce6c122f6b66faa90e70c2decf7d34c & lang=pl & ds=xn011 & pr=sa & d=2013-01-15 18:48:18 & v=13.3.0.17 & sap=hp " , " hxxp://websearch.searchesplace.info/?pid=34 & r=2013/08/09 & hid=3913480663 & lg=EN & cc=PL & unqvl=30 " , " hxxp://www.google.pl/ " , " hxxp://www.istartsurf.com/?type=hp & ts=1434394570 & z=6a2feb0839c8ac81ae38ebag2z8c5z0c0t7z4w8q7m & from=cor & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 " , " hxxp://www.delta-homes.com/?type=hp & ts=1442922786 & z=c2a277584ef9b904d2c20c6gbz4zeo0t5obo6m6b4m & from=ient07031 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 " , " hxxp://www.yoursites123.com/?type=hp & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659 "
CHR Profile: C:\Users\Izabela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Sprawdzanie poczty Google) - C:\Users\Izabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-17]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Izabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Izabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-24]
StartMenuInternet: Google Chrome.4ORFJZVB3LM6FGP6B4K5F7JSPA - C:\Users\Izabela\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc & ts=1449855859 & z=1ea2ff1ad9e329b855bb85bgdz0zct2baw0w2b6w2t & from=ient07021 & uid=WDCXWD5000AAKX-001CA0_WD-WMAYUU64965949659
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-24] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-09-20] (Creative Labs) [Brak podpisu cyfrowego]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-09-20] (Creative Labs) [Brak podpisu cyfrowego]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Brak podpisu cyfrowego]
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-17] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-07] (GOG.com)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 IhPul; C:\Users\Izabela\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-12-02] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Brak podpisu cyfrowego]
S3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2012-09-20] (Creative Labs) [Brak podpisu cyfrowego]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: & lt; 公司名 & gt; )
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WdMan; C:\ProgramData\1WdM1\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Update FindRight; " C:\Program Files (x86)\FindRight\updateFindRight.exe " [X]
S2 Util FindRight; " C:\Program Files (x86)\FindRight\bin\utilFindRight.exe " [X]
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-24] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-11-23] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2012-06-06] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego]
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [13952 2012-06-06] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [Brak podpisu cyfrowego]
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-11-23] ()
R1 MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [23096 2008-11-04] (Samsung Electronics, Inc. )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-12-11] ()
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-11 20:50 - 2015-12-11 20:50 - 00000000 ____D C:\FRST
2015-12-11 20:49 - 2015-12-11 20:49 - 02369024 _____ (Farbar) C:\Users\Izabela\Downloads\FRST64.exe
2015-12-11 20:46 - 2015-12-11 20:50 - 00028484 _____ C:\Users\Izabela\Downloads\FRST.txt
2015-12-11 20:43 - 2015-12-11 20:43 - 00046446 _____ C:\Users\Izabela\Downloads\Addition_11-12-2015_14-11-40.txt
2015-12-11 20:42 - 2015-12-11 20:42 - 00000000 ____D C:\Users\Izabela\AppData\Roaming\eCyber
2015-12-11 20:39 - 2015-12-11 20:39 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-12-11 19:23 - 2015-12-11 19:23 - 00022638 _____ C:\Users\Izabela\Downloads\Addition.txt
2015-12-11 19:16 - 2015-12-11 19:16 - 00030684 _____ C:\Users\Izabela\Downloads\Shortcut.txt
2015-12-11 18:47 - 2015-12-11 18:47 - 00001789 _____ C:\Users\Public\Desktop\Picexa.lnk
2015-12-11 18:47 - 2015-12-11 18:47 - 00000000 ____D C:\Users\Izabela\AppData\Roaming\Picexa Viewer
2015-12-11 18:47 - 2015-12-11 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa
2015-12-11 18:47 - 2015-12-11 18:47 - 00000000 ____D C:\Program Files (x86)\Picexa
2015-12-11 18:46 - 2015-12-11 20:41 - 00000000 ____D C:\Program Files (x86)\SFK
2015-12-11 18:46 - 2015-12-11 18:47 - 00000000 ____D C:\ProgramData\1WdM1
2015-12-11 18:46 - 2015-12-11 18:46 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-12-08 18:04 - 2015-12-08 18:04 - 00529920 _____ C:\Users\Izabela\Downloads\BRz_lista_losow_2015.xls
2015-12-03 21:39 - 2015-12-03 21:39 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 21:39 - 2015-12-03 21:39 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 15:10 - 2015-12-02 21:21 - 00000000 _____ C:\Windows\SysWOW64\pl2.exe
2015-11-24 20:51 - 2015-11-24 20:51 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-24 20:51 - 2015-11-24 20:51 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-22 21:08 - 2015-11-22 21:30 - 00034098 _____ C:\Users\Izabela\Desktop\Roczny plan treningowy Sławek 2016.xlsx
2015-11-19 16:36 - 2015-11-19 16:36 - 00694448 _____ C:\Users\Izabela\Downloads\activity_961192717.tcx
2015-11-19 16:36 - 2015-11-19 16:36 - 00267276 _____ C:\Users\Izabela\Downloads\activity_961192717.gpx
2015-11-19 16:36 - 2015-11-19 16:36 - 00028772 _____ C:\Users\Izabela\Downloads\961192717.zip
2015-11-12 17:04 - 2015-11-12 17:04 - 00000000 ____D C:\Users\Izabela\Documents\SelfMV
2015-11-12 17:03 - 2015-11-12 17:03 - 00001969 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-11-12 17:01 - 2015-11-12 17:02 - 43832704 _____ (Samsung Electronics Co., Ltd.) C:\Users\Izabela\Downloads\Kies3Setup.exe
2015-11-12 16:44 - 2015-05-21 07:02 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-11-12 16:44 - 2015-05-21 07:02 - 00110720 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-11-12 16:40 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2015-11-12 16:35 - 2015-11-12 16:37 - 78749536 _____ (Samsung Electronics Co., Ltd.) C:\Users\Izabela\Downloads\KiesSetup.exe
2015-11-12 16:31 - 2015-11-12 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-11-12 16:31 - 2015-11-12 16:31 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2015-11-11 08:59 - 2015-11-11 08:59 - 00679936 _____ C:\Users\Izabela\Downloads\lista_wszech_czasow_2015_pub_v6 (1).xls
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-11 20:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-11 20:49 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-11 20:49 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-11 20:42 - 2015-06-16 21:17 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-11 20:41 - 2014-09-30 18:40 - 00000000 ____D C:\Users\Izabela\AppData\Local\HTC MediaHub
2015-12-11 20:39 - 2013-11-11 13:30 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-11 20:39 - 2013-04-18 05:48 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-12-11 20:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-11 20:37 - 2012-09-20 15:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-11 20:01 - 2013-11-11 13:30 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-11 19:54 - 2012-11-06 07:57 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-11 19:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-11 19:00 - 2012-09-23 16:44 - 00000000 ____D C:\Users\Izabela\AppData\Local\CrashDumps
2015-12-11 18:45 - 2015-09-22 12:53 - 00000000 ____D C:\Users\Izabela\AppData\Roaming\TSv
2015-12-11 18:44 - 2012-09-21 18:06 - 00001337 _____ C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk
2015-12-11 18:44 - 2012-09-20 15:17 - 00002691 _____ C:\Users\Izabela\Desktop\Google Chrome.lnk
2015-12-11 18:44 - 2012-09-20 14:46 - 00001749 _____ C:\Users\Izabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-10 22:36 - 2015-05-21 17:15 - 00000000 ____D C:\Users\Izabela\Documents\The Witcher 3
2015-12-10 17:50 - 2012-09-20 18:30 - 00000000 ____D C:\Users\Izabela\AppData\Roaming\GG
2015-12-09 15:54 - 2012-11-06 07:57 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 15:54 - 2012-11-06 07:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 15:54 - 2012-11-06 07:57 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-07 12:06 - 2012-09-20 18:30 - 00000000 ____D C:\Users\Izabela\AppData\Local\GG
2015-12-07 09:00 - 2012-09-20 15:16 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1106504487-2662737222-822640506-1000Core.job
2015-12-02 12:57 - 2014-11-15 13:01 - 00000000 ____D C:\Users\Izabela\Documents\Outlook Files
2015-12-02 08:56 - 2013-11-11 13:30 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 08:56 - 2013-11-11 13:30 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 08:55 - 2012-09-20 15:16 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1106504487-2662737222-822640506-1000UA
2015-12-02 08:55 - 2012-09-20 15:16 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1106504487-2662737222-822640506-1000Core
2015-12-02 08:55 - 2012-09-20 15:16 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1106504487-2662737222-822640506-1000UA.job
2015-11-26 22:01 - 2015-11-07 09:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-24 20:51 - 2015-06-16 21:17 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-24 20:51 - 2015-06-16 21:17 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-24 16:56 - 2014-08-14 20:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-24 16:55 - 2014-08-14 20:10 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-12 17:42 - 2012-12-08 15:00 - 00000000 ____D C:\Users\Izabela\Documents\samsung
2015-11-12 17:03 - 2012-12-08 15:00 - 00000000 ____D C:\Users\Izabela\AppData\Roaming\Samsung
2015-11-12 17:03 - 2012-12-08 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-12 17:03 - 2012-12-08 14:56 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-11-12 17:03 - 2012-09-20 14:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-12 16:52 - 2012-09-22 09:13 - 00000000 ____D C:\Users\Izabela\Documents\Izabela
2015-11-12 16:41 - 2012-12-08 15:00 - 00000000 ____D C:\Users\Izabela\AppData\Local\Samsung
2015-11-12 16:40 - 2012-12-08 14:56 - 00000000 ____D C:\ProgramData\Samsung
2015-11-12 16:38 - 2012-12-08 14:53 - 00000000 ____D C:\Users\Izabela\AppData\Local\Downloaded Installations
2015-11-12 16:31 - 2013-03-06 08:42 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
==================== Pliki w katalogu głównym wybranych folderów =======
2014-03-08 18:13 - 2014-03-08 18:13 - 0003584 _____ () C:\Users\Izabela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-02 16:17 - 2012-10-02 16:17 - 0007605 _____ () C:\Users\Izabela\AppData\Local\Resmon.ResmonCfg
2013-03-18 19:14 - 2013-03-18 19:14 - 0002416 _____ () C:\Users\Izabela\AppData\Local\unins000.dat
2013-03-18 19:14 - 2013-03-18 19:14 - 0707504 _____ () C:\Users\Izabela\AppData\Local\unins000.exe
2013-03-18 19:14 - 2013-03-18 19:14 - 0011761 _____ () C:\Users\Izabela\AppData\Local\unins000.msg
2012-09-20 14:57 - 2012-09-20 14:57 - 0000003 _____ () C:\Users\Izabela\AppData\Local\user_data.ini
2015-12-11 18:46 - 2015-12-11 18:46 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Niektóre pliki w TEMP:
====================
C:\Users\Izabela\AppData\Local\Temp\Execute2App.exe
C:\Users\Izabela\AppData\Local\Temp\GarminExpressInstaller.exe
C:\Users\Izabela\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Izabela\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Izabela\AppData\Local\Temp\installstats.exe
C:\Users\Izabela\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Izabela\AppData\Local\Temp\msvcp90.dll
C:\Users\Izabela\AppData\Local\Temp\msvcr90.dll
C:\Users\Izabela\AppData\Local\Temp\NEventMessages.dll
C:\Users\Izabela\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Izabela\AppData\Local\Temp\sqlite3.dll
Niektóre zerobajtowe pliki/foldery:
==========================
C:\Windows\SysWOW64\pl2.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2015-12-10 18:25
==================== Koniec FRST.txt ============================