Nie mogę usunąć Price Fountain, nie ma go wśród zainstalowanych programów, w dodatkach przeglądarki także nie ma, a i tak nie mogę go usunąć.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:13-12-2015
Uruchomiony przez Dom (administrator) DOM-KOMPUTER (14-12-2015 10:59:19)
Uruchomiony z C:\Users\Dom\Downloads
Załadowane profile: Dom (Dostępne profile: Dom)
Platform: Windows 7 Professional (X64) Język: Polski (Polska)
Internet Explorer Wersja 9 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TFuns LIMITED) C:\ProgramData\OWdMO\WdMan.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(www.BitComet.com) C:\Program Files (x86)\BitComet\BitComet.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] = & gt; C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = & gt; C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] = & gt; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] = & gt; C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\Run: [AVG-Secure-Search-Update_1213b] = & gt; C:\Users\Dom\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=4efde61cb5a547d2be05d15036ed6ed2-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\Run: [BitComet] = & gt; C:\Program Files (x86)\BitComet\BitComet.exe [14276784 2013-12-31] (www.BitComet.com)
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\MountPoints2: {0f34e89c-8f63-11e5-b25e-902b34c795ab} - F:\AutoRun.exe
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\MountPoints2: {0f34e8a7-8f63-11e5-b25e-902b34c795ab} - F:\AutoRun.exe
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\MountPoints2: {0f34e8ca-8f63-11e5-b25e-902b34c795ab} - F:\AutoRun.exe
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\MountPoints2: {0f34e8f4-8f63-11e5-b25e-902b34c795ab} - F:\AutoRun.exe
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\MountPoints2: {4297e7dc-6992-11e3-af03-902b34c795ab} - F:\Startme.exe
HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\MountPoints2: {4297e7e4-6992-11e3-af03-902b34c795ab} - F:\Startme.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE - & gt;
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-01-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk - & gt; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2B597875-E525-415E-809A-83854678D171}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A3E7C58A-BB98-4322-B114-E616F8CC7784}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM - & gt; DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1450082927 & z=855772a062d7cba5a65d3d5g8zfwae3e4b7o2t0c1b & from=wpm07173 & uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S273127131271 & q={searchTerms}
SearchScopes: HKLM - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1450082927 & z=855772a062d7cba5a65d3d5g8zfwae3e4b7o2t0c1b & from=wpm07173 & uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S273127131271 & q={searchTerms}
BHO: Lync Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office\Office15\OCHelper.dll = & gt; Brak pliku
BHO: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL = & gt; Brak pliku
BHO-x32: HP Print Enhancer - & gt; {0347C33E-8762-4905-BF09-768834316C61} - & gt; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - & gt; {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - & gt; C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: BitComet Helper - & gt; {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - & gt; C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-10-21] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - & gt; {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - & gt; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-1564761924-1972294937-700308316-1000 - & gt; Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
Toolbar: HKU\S-1-5-21-1564761924-1972294937-700308316-1000 - & gt; Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
FireFox:
========
FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\bniecjc1.default-1446464668714
FF Homepage: hxxp://www.wp.pl/
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [Brak pliku]
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [Brak pliku]
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - & gt; C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Extension: Widget context - C:\Users\Dom\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-01-22] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-04] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\bniecjc1.default-1446464668714\extensions\sidebarff@gmail.com = & gt; nie znaleziono
FF HKU\S-1-5-21-1564761924-1972294937-700308316-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Google Drive) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-07]
CHR Extension: (Shortcuts for All Google™) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf [2015-11-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-07]
CHR Extension: (Gmail) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR HKLM\...\Chrome\Extension: [jdiejbegdjikmehflknhkbieocmnogcf] - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx [2015-11-07]
CHR HKLM-x32\...\Chrome\Extension: [jdiejbegdjikmehflknhkbieocmnogcf] - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx [2015-11-07]
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Brak podpisu cyfrowego]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 WdMan; C:\ProgramData\OWdMO\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 Update Jump Flip; " C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe " [X]
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22128 2012-03-08] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-25] ()
S3 SG762_64; C:\Windows\System32\DRIVERS\WlanBZ64.sys [493440 2006-01-19] (ZyDAS Technology Corporation)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-14 10:58 - 2015-12-14 10:58 - 02369536 _____ (Farbar) C:\Users\Dom\Downloads\FRST64.exe
2015-12-14 10:40 - 2015-12-14 10:40 - 01740288 _____ C:\Users\Dom\Downloads\adwcleaner_5.025.exe
2015-12-14 10:22 - 2015-12-14 10:22 - 00003112 _____ C:\Windows\System32\Tasks\{A5F842CB-0C25-407E-BF08-F72C301A520C}
2015-12-14 10:12 - 2015-12-14 10:13 - 00006636 _____ C:\Users\Dom\Downloads\avgremover_msilog.txt
2015-12-14 10:12 - 2015-12-14 10:12 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dom\Downloads\avg_remover_stf_x64_2015_5501.exe
2015-12-14 10:06 - 2015-12-14 10:06 - 00000000 ____D C:\Program Files (x86)\Soft-4-Free.com
2015-12-14 10:04 - 2015-12-14 10:04 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Soft-4-Free.com
2015-12-14 10:03 - 2015-12-14 10:03 - 05001640 _____ (Soft-4-Free.com) C:\Users\Dom\Downloads\Avg-Free-Antivirus_setup.exe
2015-12-14 09:49 - 2015-12-14 10:15 - 00000001 _____ C:\Windows\SysWOW64\pl.html
2015-12-14 09:49 - 2015-12-14 09:50 - 00000000 ____D C:\ProgramData\OWdMO
2015-12-14 09:48 - 2015-12-14 09:48 - 00000000 ____D C:\ProgramData\6WdM6
2015-12-12 17:24 - 2015-12-12 17:24 - 02895464 _____ (AVG Technologies) C:\Users\Dom\Downloads\AVG_Protection_Free_1144.exe
2015-12-12 17:19 - 2015-12-12 17:19 - 02924856 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dom\Downloads\AVG_Protection_Free_1005.exe
2015-12-12 17:13 - 2015-12-14 10:42 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-12 17:13 - 2015-12-14 10:42 - 00001009 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-11 13:34 - 2015-12-11 13:34 - 00029991 _____ C:\Users\Dom\Desktop\FRST.txt
2015-12-11 13:15 - 2015-12-11 13:15 - 00013461 _____ C:\Users\Dom\Downloads\Addition.txt
2015-12-11 13:14 - 2015-12-14 10:59 - 00017335 _____ C:\Users\Dom\Downloads\FRST.txt
2015-12-11 13:14 - 2015-12-14 10:59 - 00000000 ____D C:\FRST
2015-12-11 13:13 - 2015-12-11 13:13 - 01720320 _____ (Farbar) C:\Users\Dom\Downloads\FRST.exe
2015-12-11 13:12 - 2015-12-11 13:15 - 00000000 ____D C:\AdwCleaner
2015-12-09 11:13 - 2015-12-11 13:02 - 00000000 ____D C:\Windows\system32\appmgmt
2015-12-06 13:32 - 2015-12-06 13:35 - 00000000 ____D C:\Users\Dom\Desktop\Zdjęcia aneta telefon
2015-12-06 12:22 - 2015-12-06 12:22 - 00000000 ____D C:\Users\Dom\Desktop\Nowy folder (8)
2015-12-03 16:20 - 2015-12-03 16:56 - 00000000 ____D C:\Users\Dom\Desktop\Nowy folder (6)
2015-12-02 11:14 - 2015-12-02 11:14 - 00000000 ____D C:\Users\Dom\AppData\Roaming\AVG
2015-12-02 11:09 - 2015-12-14 10:17 - 00000000 ____D C:\ProgramData\Avg
2015-12-02 11:08 - 2015-12-14 10:17 - 00000000 ____D C:\Users\Dom\AppData\Local\AvgSetupLog
2015-11-27 12:59 - 2015-11-27 12:59 - 00003432 _____ C:\Windows\System32\Tasks\ZitheristPacemakersV2
2015-11-27 12:58 - 2015-12-14 10:21 - 00000000 ____D C:\Users\Dom\AppData\Local\ZitheristPacemakers
2015-11-27 12:56 - 2015-11-27 12:56 - 00996128 _____ (Software ) C:\Users\Dom\Downloads\PhotoRec 7.exe
2015-11-27 12:13 - 2015-12-12 17:03 - 00000000 ____D C:\Users\Dom\Desktop\testdisk-7.0
2015-11-27 12:11 - 2015-11-27 12:12 - 12444088 ____R C:\Users\Dom\Desktop\testdisk-7.0.win.zip
2015-11-27 11:39 - 2015-11-27 11:42 - 00000000 ____D C:\Users\Dom\Desktop\Amelka telefon
2015-11-26 21:15 - 2015-11-26 21:15 - 01433600 _____ C:\Users\Dom\Downloads\Cennik_nowego_Forda_Focus.pdf
2015-11-26 21:14 - 2015-11-26 21:14 - 00366001 _____ C:\Users\Dom\Downloads\Nowy_Focus_wkladka_promo(2).pdf
2015-11-24 20:52 - 2015-11-24 20:52 - 00366001 _____ C:\Users\Dom\Downloads\Nowy_Focus_wkladka_promo.pdf
2015-11-24 20:52 - 2015-11-24 20:52 - 00366001 _____ C:\Users\Dom\Downloads\Nowy_Focus_wkladka_promo(1).pdf
2015-11-20 10:08 - 2015-12-12 17:01 - 00000000 ____D C:\Program Files (x86)\Aero2
2015-11-20 10:04 - 2015-11-20 10:05 - 00010752 ___SH C:\Users\Dom\Downloads\Thumbs.db
2015-11-20 10:01 - 2015-11-20 10:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2015-11-20 10:01 - 2015-11-20 10:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-11-20 09:59 - 2015-11-20 09:59 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-11-20 09:59 - 2015-11-20 09:59 - 00003246 _____ C:\Windows\System32\Tasks\{F5B3C98C-5FA3-4676-A45C-6890BFE31878}
2015-11-20 09:56 - 2015-12-12 17:02 - 00000000 ____D C:\ProgramData\Internet w Cyfrowym Polsacie
2015-11-20 09:56 - 2015-11-20 09:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-11-20 09:56 - 2011-08-16 10:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-11-20 09:56 - 2011-08-16 10:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-11-20 09:55 - 2015-11-27 12:54 - 00000000 ____D C:\ProgramData\DatacardService
2015-11-18 14:43 - 2015-11-18 14:43 - 00438272 _____ C:\Users\Dom\Desktop\Kopia Lista_po_meryt_tech.xls
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-14 10:58 - 2015-01-26 15:24 - 00000000 ____D C:\Users\Dom\AppData\Roaming\BitComet
2015-12-14 10:50 - 2009-07-14 05:45 - 00014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 10:50 - 2009-07-14 05:45 - 00014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 10:48 - 2015-11-02 09:42 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-14 10:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 10:42 - 2015-11-02 09:43 - 00000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-14 10:42 - 2015-11-02 09:43 - 00000942 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-14 10:42 - 2013-11-25 16:58 - 00001136 _____ C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-14 10:42 - 2013-11-25 16:58 - 00000993 _____ C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-12-14 10:36 - 2013-11-25 18:57 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 10:21 - 2013-12-25 23:18 - 00000000 ____D C:\Users\Dom\AppData\Local\CrashDumps
2015-12-14 10:17 - 2014-01-22 20:58 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-12 17:36 - 2013-11-25 18:57 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-12 17:36 - 2013-11-25 18:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-12 17:36 - 2013-11-25 18:57 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-12 17:13 - 2015-11-08 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-12 17:13 - 2013-11-25 18:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-12 17:09 - 2013-11-25 17:01 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-12 17:06 - 2013-11-25 16:58 - 00000000 ____D C:\Users\Dom
2015-12-12 17:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-12 17:04 - 2015-06-27 21:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-12 17:04 - 2013-11-25 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 17:04 - 2013-11-25 19:22 - 00000000 ____D C:\Program Files (x86)\HP
2015-12-12 17:04 - 2013-11-25 18:57 - 00000000 ____D C:\Windows\system32\Macromed
2015-12-12 17:04 - 2013-11-25 18:23 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-12-12 17:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-12-12 17:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-12 17:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-12 17:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2015-12-12 17:03 - 2013-11-25 18:47 - 00000000 ____D C:\Users\Dom\AppData\Local\Mozilla
2015-12-12 17:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-12-09 11:20 - 2014-12-05 14:37 - 00000000 ____D C:\Users\Dom\AppData\Local\Avg
2015-11-26 12:32 - 2015-10-26 18:32 - 00000699 _____ C:\Users\Dom\Desktop\KIgema POIR 321 (2).lnk
2015-11-24 12:20 - 2009-07-14 18:55 - 00737730 _____ C:\Windows\system32\perfh015.dat
2015-11-24 12:20 - 2009-07-14 18:55 - 00154418 _____ C:\Windows\system32\perfc015.dat
2015-11-24 12:20 - 2009-07-14 06:13 - 01662556 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-18 10:22 - 2015-11-02 09:43 - 00003880 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1446453834
==================== Pliki w katalogu głównym wybranych folderów =======
2014-01-24 19:04 - 2014-06-28 16:15 - 0003735 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-11-25 19:22 - 2015-12-09 11:10 - 0051425 _____ () C:\ProgramData\hpzinstall.log
Niektóre pliki w TEMP:
====================
C:\Users\Dom\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Dom\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Dom\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Dom\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Dom\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Dom\AppData\Local\Temp\MSN8084.exe
C:\Users\Dom\AppData\Local\Temp\ose00000.exe
C:\Users\Dom\AppData\Local\Temp\ose00001.exe
C:\Users\Dom\AppData\Local\Temp\ose00002.exe
C:\Users\Dom\AppData\Local\Temp\ResetDevice.exe
C:\Users\Dom\AppData\Local\Temp\rk.exe
C:\Users\Dom\AppData\Local\Temp\sqlite3.dll
C:\Users\Dom\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Dom\AppData\Local\Temp\WTFastSetupSO.exe
C:\Users\Dom\AppData\Local\Temp\_is70CB.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll
[2009-07-14 00:38] - [2009-07-14 02:41] - 1008640 ____A (Microsoft Corporation) 8D0F86272C524052236761CABF6E7AFE
C:\Windows\SysWOW64\User32.dll
[2015-02-19 16:52] - [2015-02-19 16:52] - 0833024 ____A (Microsoft Corporation) E01EBE6A0C7B306763667FDC60A0B25A
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2015-12-03 16:51
==================== Koniec FRST.txt ============================