Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 07-12-2016 Uruchomiony przez fff (administrator) SSS (11-12-2016 20:37:49) Uruchomiony z L:\_instalki 2016\_spy Załadowane profile: fff (Dostępne profile: fff & Filippo) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files\Nightly\firefox.exe" -osint -url "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (gdipp Project) C:\Program Files (x86)\gdipp\gdipp_svc_32.exe (gdipp Project) C:\Program Files (x86)\gdipp\gdipp_svc_64.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (gdipp Project) C:\Program Files (x86)\gdipp\gdipp_hook_32.exe (gdipp Project) C:\Program Files (x86)\gdipp\gdipp_hook_64.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe (Sysinternals - www.sysinternals.com) C:\Desktops\Desktops.exe (Winstep Software Technologies) C:\Program Files (x86)\Winstep\Nexus.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (EnTech Taiwan) C:\Program Files (x86)\iRotate\iRotate.exe (Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe (Portrait Displays, Inc) C:\Program Files (x86)\Portrait Displays\HP Display Assistant\dthtml.exe (Creative Technology Ltd.) C:\Windows\V0220Mon.exe (Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe () C:\Windows\Samsung\PanelMgr\caller64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (BitTorrent, Inc.) L:\uTorrent\utorrent.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-05] (Realtek Semiconductor) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [DT HWP] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2013-10-11] (Portrait Displays, Inc.) HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd) HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [V0220Mon.exe] => C:\Windows\V0220Mon.exe [32768 2014-12-02] (Creative Technology Ltd.) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2745544 2016-02-16] (Dominik Reichl) HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [614400 2009-08-28] () HKLM-x32\...\Run: [Bonus.SSR.FR12] => L:\FineReader12\Bonus.ScreenshotReader.exe [1517088 2014-12-01] (ABBYY Production LLC.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [916072 2016-10-28] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-22] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-916462668-3198608929-2543406701-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC) HKU\S-1-5-21-916462668-3198608929-2543406701-1000\...\Run: [Sysinternals Desktops] => C:\Desktops\Desktops.exe [116824 2015-01-18] (Sysinternals - www.sysinternals.com) HKU\S-1-5-21-916462668-3198608929-2543406701-1000\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [29440640 2016-03-08] (Winstep Software Technologies) HKU\S-1-5-21-916462668-3198608929-2543406701-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2015-07-13] (Nero AG) HKU\S-1-5-21-916462668-3198608929-2543406701-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-916462668-3198608929-2543406701-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [444752 2010-11-05] (Microsoft Corporation) ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [444752 2010-11-05] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-06-05] ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-12-10] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () Startup: C:\Users\sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk [2014-06-15] ShortcutTarget: iRotate.lnk -> C:\Program Files (x86)\iRotate\iRotate.exe (EnTech Taiwan) Startup: C:\Users\sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk [2014-06-15] ShortcutTarget: iRotate.lnk -> C:\Program Files (x86)\iRotate\iRotate.exe (EnTech Taiwan) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{1BEA857B-2995-4676-A076-B25C1710D919}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{3004FD58-8E8E-448A-A85D-400519730FF4}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{74F030B3-4B3F-4BBC-84A0-6EDB34E18DF6}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{8422B153-AFAA-418F-8176-4E0119F5A93A}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{86EFB31D-6DF9-41D2-AA64-ECEB4FEF148C}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{8FBDC76A-4AE9-4431-B9FA-F4B820E413F2}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{A615BF48-BD6F-4976-8BB9-F031918ED662}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{B1F0DCAC-94E2-4798-8FDA-0C149265EE4C}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{FA29980D-113A-4467-90FB-0FC3B0B6C43F}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-916462668-3198608929-2543406701-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-916462668-3198608929-2543406701-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-20] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-20] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: b0y3dd3t.fff FF ProfilePath: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\zvncdiv3.default [nie znaleziono] FF ProfilePath: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User [2016-12-11] FF Extension: (Ghostery) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\firefox@ghostery.com.xpi [2014-04-23] [Brak podpisu cyfrowego] FF Extension: (HTTPS-Everywhere) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\https-everywhere@eff.org [2014-06-05] [Brak podpisu cyfrowego] FF Extension: (keyword.URL Hack!) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\keyword@evilpie.com.xpi [2014-04-21] [Brak podpisu cyfrowego] FF Extension: (Save Images) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\LDSI_plashcor@gmail.com.xpi [2014-04-13] [Brak podpisu cyfrowego] FF Extension: (Save Session) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\savesession@noasobi.net.xpi [2014-05-22] [Brak podpisu cyfrowego] FF Extension: (Scriptish) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\scriptish@erikvold.com.xpi [2013-08-17] [Brak podpisu cyfrowego] FF Extension: (Flagfox) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-05-08] [Brak podpisu cyfrowego] FF Extension: (Stylish) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-05-04] [Brak podpisu cyfrowego] FF Extension: (Adblock Plus) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-04] [Brak podpisu cyfrowego] FF Extension: (Tab Mix Plus) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-13] [Brak podpisu cyfrowego] FF Extension: (DownThemAll!) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-04-30] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\isreaditlater@ideashower.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\scriptish@erikvold.com.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\LDSI_plashcor@gmail.com.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\https-everywhere@eff.org [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\fff\AppData\Roaming\Mozilla\Firefox\Profiles\bppj7lup.default\extensions\savesession@noasobi.net.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\IObit Apps Toolbar\FF [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\extensions\adsremoval@adsremoval.net [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\extensions\adremoveext@adremoveext.net [nie znaleziono] FF Extension: (Brak nazwy) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\extensions\iobitascsurfingprotection@iobit.com [nie znaleziono] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\searchplugins\dodatki-dla-firefox.xml [2013-06-12] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\searchplugins\kickasstorrents.xml [2014-05-17] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\searchplugins\the-free-dictionary.xml [2014-04-11] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\u61s69m3.Default User\searchplugins\wyszukiwarka-filmw-w-youtube.xml [2013-06-12] FF ProfilePath: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff [2016-12-11] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\b0y3dd3t.fff -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\b0y3dd3t.fff -> Google FF Keyword.URL: Mozilla\Firefox\Profiles\b0y3dd3t.fff -> hxxps://www.google.com/search?ie=UTF-8&sourceid=navclient&gfns=1&q= FF NetworkProxy: Mozilla\Firefox\Profiles\b0y3dd3t.fff -> socks_remote_dns", true FF NetworkProxy: Mozilla\Firefox\Profiles\b0y3dd3t.fff -> type", 0 FF Extension: (Bookmark Favicon Changer) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\bookmarkfaviconchanger@sonthakit.xpi [2016-01-31] FF Extension: (Classic Theme Restorer) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-11-24] FF Extension: (Firebug) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12] FF Extension: (Firefox Hotfix) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] FF Extension: (Ghostery) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\firefox@ghostery.com.xpi [2016-11-29] FF Extension: (MEGA) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\firefox@mega.co.nz.xpi [2016-12-09] FF Extension: (FoxyProxy Standard) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\foxyproxy@eric.h.jung [2016-09-01] FF Extension: (HTTPS Everywhere) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\https-everywhere-eff@eff.org.xpi [2016-12-01] FF Extension: (Pocket) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\isreaditlater@ideashower.com [2015-05-29] FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-09-23] FF Extension: (KeeFox) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\keefox@chris.tomlinson [2016-11-24] FF Extension: (Polski Language Pack) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\langpack-pl@Waterfox.mozilla.org.xpi [2014-07-09] [Brak podpisu cyfrowego] FF Extension: (Lazarus: Form Recovery) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\lazarus@interclue.com.xpi [2016-04-28] FF Extension: (Save Images) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-29] FF Extension: (MD5 Reborned Hasher) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\md5rehasher@phoneixs.es.xpi [2016-04-27] FF Extension: (TableTools2) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\tabletools2@mingyi.org [2016-08-05] FF Extension: (Google Translator for Firefox) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\translator@zoli.bod.xpi [2016-04-28] FF Extension: (uBlock Origin) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\uBlock0@raymondhill.net.xpi [2016-11-29] FF Extension: (Wappalyzer) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\wappalyzer@crunchlabz.com.xpi [2016-09-05] FF Extension: (Resurrect Pages) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2016-05-01] FF Extension: (Flagfox) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-11-24] FF Extension: (Session Manager) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-18] FF Extension: (Stylish) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-08-11] FF Extension: (FEBE) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-11-12] FF Extension: (NoScript) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-29] FF Extension: (Download YouTube Videos as MP4) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-09-04] FF Extension: (Web Developer) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-08-24] FF Extension: (RightToClick) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30] FF Extension: (Textise Add-On v3.0) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{d358dc61-498f-3de1-4d99-deacebaa276f}.xpi [2016-05-01] FF Extension: (Tab Mix Plus) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-27] FF Extension: (DownThemAll!) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-30] FF Extension: (YouTube Flash Video Player) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-11-29] FF Extension: (Diigo Toolbar) - C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\Extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} [2016-05-01] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\dodatki-dla-firefox.xml [2013-06-12] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\duckduckgo.xml [2014-06-24] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\ixquick-ssl.xml [2014-07-26] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\sowniki-pwn.xml [2015-05-22] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\startpage---polski.xml [2016-01-25] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\the-free-dictionary.xml [2014-04-11] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\tumacz-google.xml [2014-08-15] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\voqz349ke6e.xml [2014-10-27] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\wolframalpha.xml [2014-11-29] FF SearchPlugin: C:\Users\sss\AppData\Roaming\Mozilla\Firefox\Profiles\b0y3dd3t.fff\searchplugins\wyszukiwarka-filmw-w-youtube.xml [2013-06-12] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-12-08] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-30] () FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2014-04-12] (Cuminas Corporation) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-23] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-30] () FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2014-04-12] (Cuminas Corporation) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-23] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-07] (Foxit Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2016-02-18] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-09] (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: Soda PDF 6 -> C:\Program Files (x86)\Soda PDF 6\np-previewer.dll [2014-08-27] (LULU SOFTWARE LIMITED) FF Plugin HKU\S-1-5-21-916462668-3198608929-2543406701-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\sss\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-916462668-3198608929-2543406701-1000: @talk.google.com/O1DPlugin -> C:\Users\sss\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-916462668-3198608929-2543406701-1000: @tools.google.com/Google Update;version=3 -> C:\Users\sss\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin HKU\S-1-5-21-916462668-3198608929-2543406701-1000: @tools.google.com/Google Update;version=9 -> C:\Users\sss\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\sss\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\sss\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089088 2016-10-28] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-28] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-28] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1488240 2016-10-28] (Avira Operations GmbH & Co. KG) R2 Asset Management Daemon; C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe [134672 2013-10-11] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG) S4 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2015-06-16] (CobianSoft, Luis Cobian) [Brak podpisu cyfrowego] S4 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2015-06-16] (Luis Cobian, CobianSoft) [Brak podpisu cyfrowego] S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-06-05] (Creative Labs) [Brak podpisu cyfrowego] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-06-05] (Creative Labs) [Brak podpisu cyfrowego] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Brak podpisu cyfrowego] R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2015-01-26] (Comodo Security Solutions, Inc.) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-10-11] (Portrait Displays, Inc.) R2 gdipp_svc_32; C:\Program Files (x86)\gdipp\gdipp_svc_32.exe [93696 2016-02-03] (gdipp Project) [Brak podpisu cyfrowego] R2 gdipp_svc_64; C:\Program Files (x86)\gdipp\gdipp_svc_64.exe [106496 2016-02-03] (gdipp Project) [Brak podpisu cyfrowego] S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-10-06] (NVIDIA Corporation) S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2016-10-14] (IObit) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC) S4 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-07-05] (Nalpeiron Ltd.) [Brak podpisu cyfrowego] S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2015-07-13] (Nero AG) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-07-01] () R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2015-01-28] (arvato digital services llc) R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2015-12-08] (Motorola) [Brak podpisu cyfrowego] R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2015-12-28] (DEVGURU Co., LTD.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 Themes; C:\Windows\system32\themeservice.dll [44544 2016-02-03] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2016-10-25] (Wacom Technology, Corp.) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1037312 2016-12-10] (Atheros Communications, Inc.) S3 AutoBoot; C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [44344 2009-02-19] (MICRO-STAR INT'L CO., LTD.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-10-14] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-10-13] (Avira Operations GmbH & Co. KG) R0 DDB74C9E; C:\Windows\System32\drivers\DDB74C9E.sys [478392 2016-12-08] (Kaspersky Lab ZAO) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-02-04] (Samsung Electronics Co., Ltd.) R1 Eve; C:\Windows\System32\DRIVERS\eve.sys [41304 2015-03-09] () U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-08-03] (REALiX(tm)) R3 ksaud; C:\Windows\System32\drivers\ksaud.sys [1134208 2009-08-05] (Creative Technology Ltd.) R3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2016-12-10] (MediaTek Inc.) R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] () R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [22824 2013-06-18] (Portrait Displays, Inc.) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-12-12] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2015-12-12] () R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14648 2010-05-27] () R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-08-03] (Synaptics Incorporated) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2015-12-28] (DEVGURU Co., LTD.(www.devguru.co.kr)) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-12-08] () S3 V0220Dev; C:\Windows\System32\DRIVERS\V0220Dev.sys [208352 2014-12-02] (Creative Technology Ltd.) S3 V0220Vfx; C:\Windows\System32\DRIVERS\V0220Vfx.sys [12288 2014-12-02] (EyePower Games Pte. Ltd.) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-01-27] (Oracle Corporation) S3 catchme; \??\C:\cf\catchme.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-11 16:52 - 2016-12-11 16:52 - 00000000 ___DC C:\Users\sss\AppData\Roaming\ProductData 2016-12-11 16:51 - 2016-12-11 16:51 - 00000000 ___DC C:\Users\sss\AppData\Roaming\WTouch 2016-12-11 16:41 - 2016-12-11 16:41 - 00039278 ____C C:\ComboFix.txt 2016-12-11 16:34 - 2016-12-11 16:34 - 00001994 ____C C:\Users\sss\Desktop\JRT.txt 2016-12-11 16:30 - 2016-12-11 16:30 - 00001038 ____C C:\Users\Public\Desktop\Revo Uninstaller.lnk 2016-12-11 16:30 - 2016-12-11 16:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-12-11 16:30 - 2016-12-11 16:30 - 00000000 ___DC C:\Program Files\VS Revo Group 2016-12-11 16:23 - 2016-12-11 16:33 - 00000000 ___DC C:\AdwCleaner 2016-12-11 04:19 - 2016-12-11 04:19 - 01247020 ____C C:\Users\sss\Desktop\art%3A10.1186%2Fs13002-016-0095-x.pdf 2016-12-11 03:41 - 2016-12-11 03:41 - 379540898 ____C C:\Users\sss\Documents\11216 eusing.reg 2016-12-11 03:40 - 2016-12-11 16:39 - 00000000 ___DC C:\Program Files (x86)\Eusing Free Registry Cleaner 2016-12-11 03:40 - 2016-12-11 03:40 - 00001057 ____C C:\Users\sss\Desktop\Eusing Free Registry Cleaner.lnk 2016-12-11 03:40 - 2016-12-11 03:40 - 00001057 ____C C:\Users\Filippo\Desktop\Eusing Free Registry Cleaner.lnk 2016-12-11 03:40 - 2016-12-11 03:40 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2016-12-11 03:40 - 2016-12-11 03:40 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Eusing 2016-12-11 03:40 - 2016-12-11 03:40 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2016-12-11 03:16 - 2016-12-11 03:33 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Wise Registry Cleaner 2016-12-11 03:16 - 2016-12-11 03:33 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Wise Euask 2016-12-11 03:16 - 2016-12-11 03:16 - 00001231 ____C C:\Users\Public\Desktop\Wise Registry Cleaner.lnk 2016-12-11 03:16 - 2016-12-11 03:16 - 00000000 ___DC C:\Windows\System32\Tasks\WiseCleaner 2016-12-11 03:16 - 2016-12-11 03:16 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2016-12-11 03:16 - 2016-12-11 03:16 - 00000000 ___DC C:\Program Files (x86)\Wise 2016-12-11 03:11 - 2016-12-11 16:57 - 00000000 ___DC C:\Temp 2016-12-11 03:01 - 2016-12-11 03:02 - 00001249 ____C C:\fixlist.txt 2016-12-11 02:16 - 2016-12-11 02:16 - 00044822 ____C C:\Users\sss\Desktop\Zioła w leczeniu boreliozy.htm 2016-12-11 02:16 - 2016-12-11 02:16 - 00000000 ___DC C:\Users\sss\Desktop\Zioła w leczeniu boreliozy_pliki 2016-12-11 01:57 - 2016-12-11 01:57 - 02850283 ____C C:\Users\sss\Desktop\Lustmord_Art_Print_Demo_web.jpeg 2016-12-10 21:46 - 2016-12-10 21:52 - 00000433 ____C C:\Windows\system32\Drivers\etc\hosts.ics 2016-12-10 21:45 - 2016-12-10 21:45 - 00000000 ___DC C:\ProgramData\Ralink 2016-12-10 21:40 - 2016-12-10 21:46 - 00000000 ___DC C:\Users\sss\AppData\Roaming\TP-LINK 2016-12-10 21:40 - 2016-12-10 21:46 - 00000000 ___DC C:\ProgramData\TP-LINK 2016-12-10 21:40 - 2016-12-10 21:46 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2016-12-10 21:40 - 2016-12-10 21:45 - 02212496 ____C (MediaTek Inc.) C:\Windows\system32\netr28ux.sys 2016-12-10 21:40 - 2016-12-10 21:40 - 00000000 ___DC C:\Program Files (x86)\TP-LINK 2016-12-10 21:40 - 2014-11-11 07:47 - 00009926 ____C C:\Windows\system32\netr28ux.cat 2016-12-10 21:40 - 2014-08-26 08:48 - 01608768 ____C (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll 2016-12-10 21:40 - 2014-06-26 16:15 - 00091412 ____C C:\Windows\system32\FW_7662.bin 2016-12-10 21:40 - 2014-05-05 16:24 - 00020626 ____C C:\Windows\system32\Patch_7662.bin 2016-12-10 21:32 - 2016-12-10 21:32 - 00003056 ____C C:\Windows\System32\Tasks\{28E7BE6F-9DBD-43B5-BE8E-DE5B50CB1598} 2016-12-10 20:37 - 2016-12-10 21:45 - 00334992 ____C (Mediatek Inc.) C:\Windows\system32\RaCoInstx.dll 2016-12-10 20:37 - 2016-12-10 20:37 - 02212496 ____C (MediaTek Inc.) C:\Windows\system32\Drivers\netr28ux.sys 2016-12-10 20:37 - 2014-06-27 09:15 - 00091412 ____C C:\Windows\system32\Drivers\FW_7662.bin 2016-12-10 20:37 - 2014-06-26 22:06 - 00016103 ____C C:\Windows\system32\RaCoInst.dat 2016-12-10 20:37 - 2014-05-06 09:24 - 00020626 ____C C:\Windows\system32\Drivers\Patch_7662.bin 2016-12-10 19:17 - 2016-12-10 19:17 - 00000000 ___DC C:\Users\sss\Desktop\Halftone_Automator 2016-12-10 16:53 - 2016-12-10 16:53 - 00002038 ____C C:\Users\sss\Desktop\TRMBT - The Real Multirow Bookmarks Toolbar - FF4.txt 2016-12-10 16:31 - 2016-12-11 03:33 - 00000000 ___DC C:\Program Files\Nightly 2016-12-10 16:01 - 2016-12-10 16:01 - 01037312 ____C (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrxusb.sys 2016-12-10 15:57 - 2016-12-10 15:57 - 00493435 ____C C:\Users\sss\Desktop\faq.pdf 2016-12-10 14:06 - 2016-12-10 14:06 - 00196750 ____C C:\Users\sss\Desktop\Western Blot igg.pdf 2016-12-09 23:45 - 2016-12-09 23:45 - 00004267 ____C C:\Users\sss\Desktop\Halftone_Automator.zip 2016-12-09 15:00 - 2016-12-09 15:00 - 00827082 ____C C:\Users\sss\Desktop\dickson.pdf 2016-12-09 14:25 - 2016-12-09 14:25 - 00214205 ____C C:\Users\sss\Desktop\Western Blot igm.pdf 2016-12-08 21:49 - 2011-06-26 07:45 - 00256000 ____C C:\Windows\PEV.exe 2016-12-08 21:49 - 2010-11-07 18:20 - 00208896 ____C C:\Windows\MBR.exe 2016-12-08 21:49 - 2009-04-20 05:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe 2016-12-08 21:49 - 2000-08-31 01:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe 2016-12-08 21:49 - 2000-08-31 01:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe 2016-12-08 21:49 - 2000-08-31 01:00 - 00098816 ____C C:\Windows\sed.exe 2016-12-08 21:49 - 2000-08-31 01:00 - 00080412 ____C C:\Windows\grep.exe 2016-12-08 21:49 - 2000-08-31 01:00 - 00068096 ____C C:\Windows\zip.exe 2016-12-08 21:48 - 2016-12-11 16:41 - 00000000 ___DC C:\Qoobox 2016-12-08 21:47 - 2016-12-08 22:13 - 00000000 ___DC C:\Windows\erdnt 2016-12-08 20:42 - 2016-12-08 20:42 - 00000000 ___DC C:\Program Files\HitmanPro 2016-12-08 20:14 - 2016-12-08 20:14 - 00478392 ____C (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\DDB74C9E.sys 2016-12-08 20:14 - 2016-12-08 20:14 - 00000000 ___DC C:\KVRT_Data 2016-12-08 20:11 - 2016-12-08 20:12 - 00242834 ____C C:\TDSSKiller.3.1.0.12_08.12.2016_20.11.35_log.txt 2016-12-08 18:07 - 2016-12-08 18:07 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf 2016-12-08 18:05 - 2016-12-08 18:05 - 00351761 ____C C:\Windows\Minidump\120816-9750-01.dmp 2016-12-08 15:14 - 2016-12-09 15:04 - 00000000 ___DC C:\Program Files (x86)\Zemana AntiMalware 2016-12-08 15:14 - 2016-12-09 15:03 - 00068231 ____C C:\Windows\ZAM_Guard.krnl.trace 2016-12-08 15:14 - 2016-12-09 13:34 - 00050662 ____C C:\Windows\ZAM.krnl.trace 2016-12-08 14:13 - 2016-12-08 14:13 - 00000000 ___DC C:\.Trash-999 2016-12-08 02:46 - 2016-12-11 20:37 - 00000000 ___DC C:\FRST 2016-12-08 02:44 - 2016-12-08 13:19 - 00000670 ____C C:\usterka.txt 2016-12-08 02:37 - 2016-12-08 02:37 - 00000000 ___DC C:\gmer 2016-12-08 02:33 - 2016-12-08 12:38 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-08 02:33 - 2016-12-08 02:33 - 00001122 ____C C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-12-08 02:33 - 2016-12-08 02:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-12-08 02:33 - 2016-12-08 02:33 - 00000000 ___DC C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-12-08 02:33 - 2016-03-10 14:09 - 00064896 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-12-08 02:33 - 2016-03-10 14:08 - 00140672 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-12-08 02:33 - 2016-03-10 14:08 - 00027008 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-12-08 02:32 - 2016-12-08 02:32 - 00371282 ____C C:\gmer.zip 2016-12-08 01:55 - 2016-12-08 01:55 - 00000000 ___DC C:\ProcessExplorer 2016-12-07 21:03 - 2016-12-07 21:03 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2016-12-07 21:03 - 2016-12-07 21:03 - 00000000 ___DC C:\Program Files\IrfanView 2016-12-07 18:32 - 2016-12-07 19:44 - 00002501 ____C C:\Users\sss\Desktop\listy fb.txt 2016-12-06 01:32 - 2016-12-06 01:32 - 03435846 ____C C:\Users\sss\Desktop\as-wyklad.pdf 2016-12-04 14:36 - 2016-12-04 14:36 - 00115010 ____C C:\Users\sss\Desktop\p-tlumaczenie.pdf 2016-12-04 14:31 - 2016-12-11 01:26 - 00000992 ____C C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-12-04 14:31 - 2016-12-04 14:31 - 00003972 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-12-04 00:12 - 2016-12-04 00:12 - 00000004 ____C C:\Windows\csdf_sdum.dat 2016-12-04 00:12 - 2016-12-04 00:12 - 00000004 ____C C:\Windows\csdf.dat 2016-12-03 19:54 - 2016-12-03 19:54 - 00000532 ____C C:\Users\Public\Desktop\HoMM3 HD.lnk 2016-12-01 13:59 - 2016-12-01 13:59 - 00000000 ___DC C:\Anaconda2 2016-12-01 13:58 - 2016-12-01 13:58 - 00000000 ___DC C:\Users\sss\.conda 2016-12-01 13:53 - 2016-12-01 13:53 - 00000000 ___DC C:\phantomjs 2016-12-01 13:47 - 2016-12-01 13:47 - 00000000 ___DC C:\Users\sss\Documents\Python Scripts 2016-12-01 13:43 - 2016-12-01 13:44 - 00000000 ___DC C:\Users\sss\Miniconda2 2016-12-01 13:33 - 2016-12-03 00:45 - 00000000 ___DC C:\coursera down 2016-12-01 13:32 - 2016-12-01 13:33 - 00014742 ____C C:\www-coursera-downloader-master.zip 2016-11-30 22:57 - 2016-11-30 22:57 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWF File Player 2016-11-30 22:57 - 2016-11-30 22:57 - 00000000 ___DC C:\Program Files (x86)\SWF File Player 2016-11-29 18:24 - 2016-11-29 18:24 - 00000715 ____C C:\Users\sss\Desktop\zmst.txt 2016-11-27 13:42 - 2016-11-27 13:42 - 00131694 ____C C:\Users\sss\Desktop\nominalizm.pdf 2016-11-24 12:07 - 2016-12-02 10:32 - 00000000 ___DC C:\Program Files (x86)\Mozilla Firefox 2016-11-22 12:03 - 2016-11-22 12:03 - 00349513 ____C C:\Users\sss\Downloads\1-tLXwRws998aZSZn_p36S-Q.jpeg 2016-11-15 18:17 - 2016-11-15 18:17 - 00000000 ___DC C:\ProgramData\Microsoft Toolkit 2016-11-15 16:30 - 2016-12-11 18:38 - 00000000 ___DC C:\Users\sss\AppData\LocalLow\Mozilla 2016-11-15 16:26 - 2016-11-15 16:26 - 00000878 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightly.lnk 2016-11-14 19:12 - 2016-11-14 19:12 - 00000000 ___DC C:\nvidiainspector 2016-11-14 19:11 - 2016-11-14 19:11 - 00288725 ____C C:\nvidiainspector.zip 2016-11-13 17:29 - 2016-11-13 18:29 - 00000000 ___DC C:\QTTabBar_1038(1) 2016-11-13 17:28 - 2016-11-13 17:28 - 00000058 ____C C:\Users\sss\Desktop\skr.txt 2016-11-12 23:15 - 2016-11-12 23:15 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QTTabBar 2016-11-12 23:15 - 2016-11-12 23:15 - 00000000 ___DC C:\Program Files\QTTabBar 2016-11-12 23:07 - 2016-11-12 23:09 - 00000000 ___DC C:\Program Files (x86)\FileHippo.com 2016-11-12 23:05 - 2016-11-12 23:05 - 00000000 ___DC C:\$Windows.~WS 2016-11-12 23:02 - 2016-11-12 23:02 - 05048171 ____C C:\QTTabBar_1038(1).zip 2016-11-12 12:03 - 2016-11-12 12:04 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Affinity 2016-11-12 01:58 - 2016-11-12 01:59 - 80720640 ____C (PortSwigger Web Security) C:\Users\sss\Downloads\burpsuite_free_windows-x64_v1_7_10.exe 2016-11-11 04:30 - 2016-11-11 04:30 - 00000580 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Affinity Designer Public Beta.lnk 2016-11-11 04:14 - 2016-11-11 04:14 - 00000558 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Affinity Photo Public Beta.lnk 2016-11-11 04:13 - 2016-11-11 04:15 - 00000000 ___DC C:\Program Files\Affinity ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-11 20:07 - 2016-04-20 18:50 - 00001050 ____C C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-916462668-3198608929-2543406701-1000UA.job 2016-12-11 19:41 - 2014-11-13 21:28 - 00001048 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-12-11 19:07 - 2016-04-20 18:50 - 00000998 ____C C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-916462668-3198608929-2543406701-1000Core.job 2016-12-11 18:41 - 2014-11-13 21:28 - 00001044 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-12-11 17:05 - 2009-07-14 05:45 - 00015040 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-11 17:05 - 2009-07-14 05:45 - 00015040 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-11 16:57 - 2016-11-09 11:56 - 00000000 ___DC C:\ProgramData\NVIDIA 2016-12-11 16:57 - 2016-10-25 11:38 - 00000000 ___DC C:\Users\sss\AppData\Roaming\WTablet 2016-12-11 16:57 - 2014-06-15 02:35 - 00000028 ____C C:\Users\sss\AppData\Roaming\iRotate.INI 2016-12-11 16:57 - 2014-06-05 00:55 - 00000000 ___DC C:\Program Files\PeerBlock 2016-12-11 16:57 - 2009-07-14 06:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT 2016-12-11 16:53 - 2014-10-26 22:52 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2016-12-11 16:53 - 2009-07-14 04:20 - 00000000 ___DC C:\Windows\inf 2016-12-11 16:52 - 2009-07-14 18:55 - 02553576 ____C C:\Windows\system32\perfh015.dat 2016-12-11 16:52 - 2009-07-14 18:55 - 01097388 ____C C:\Windows\system32\perfc015.dat 2016-12-11 16:48 - 2016-10-02 19:27 - 05003496 ____C C:\Windows\ntbtlog.txt 2016-12-11 16:39 - 2009-07-14 03:34 - 00000247 ____C C:\Windows\system.ini 2016-12-11 16:22 - 2016-02-16 21:30 - 00000000 ___DC C:\Users\sss\AppData\Roaming\KeePass 2016-12-11 05:48 - 2014-09-28 11:35 - 00000000 ___DC C:\Users\sss\AppData\Roaming\foobar2000 2016-12-11 03:57 - 2016-10-11 21:41 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HoMM3 HD 2016-12-11 03:57 - 2016-10-06 16:59 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom 2016-12-11 03:57 - 2016-10-03 19:45 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-12-11 03:57 - 2015-01-01 14:02 - 00000000 ___DC C:\Users\sss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-12-11 03:57 - 2014-06-05 02:35 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack 2016-12-11 03:36 - 2014-06-08 23:27 - 00000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-11 03:09 - 2009-07-14 04:20 - 00000000 __HDC C:\Windows\system32\GroupPolicy 2016-12-11 03:09 - 2009-07-14 04:20 - 00000000 ___DC C:\Windows\SysWOW64\GroupPolicy 2016-12-11 01:26 - 2014-06-05 13:27 - 00000000 ___DC C:\Windows\SysWOW64\Macromed 2016-12-10 22:47 - 2014-06-05 03:31 - 00000000 ___DC C:\Users\sss\AppData\Roaming\vlc 2016-12-10 21:40 - 2014-06-04 22:08 - 00000000 __HDC C:\Program Files (x86)\InstallShield Installation Information 2016-12-10 16:00 - 2014-09-20 19:29 - 00000000 ___DC C:\Users\sss\Desktop\sessions 2016-12-10 14:15 - 2016-10-13 23:09 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-12-10 14:15 - 2014-09-23 17:08 - 00000000 ___DC C:\ProgramData\Package Cache 2016-12-08 20:46 - 2014-07-31 10:34 - 00000000 ___DC C:\ProgramData\HitmanPro 2016-12-08 18:58 - 2014-06-04 18:07 - 00000000 ___DC C:\Users\sss 2016-12-08 18:05 - 2014-06-05 02:21 - 00000000 ___DC C:\Windows\Minidump 2016-12-08 16:38 - 2016-03-08 19:32 - 00000000 ___DC C:\Users\Public\Documents\Winstep 2016-12-08 13:06 - 2016-08-03 16:24 - 00000000 ___DC C:\ProgramData\RogueKiller 2016-12-08 12:45 - 2016-08-03 16:26 - 00028272 ____C C:\Windows\system32\Drivers\TrueSight.sys 2016-12-08 01:55 - 2014-06-26 20:23 - 00000000 ___DC C:\Users\Filippo 2016-12-08 01:51 - 2014-06-05 01:49 - 00000000 ___DC C:\Program Files (x86)\SpeedFan 2016-12-08 01:51 - 2014-06-05 01:14 - 00000000 ___DC C:\Program Files (x86)\MSI Afterburner 2016-12-08 00:45 - 2014-06-05 03:04 - 00000000 ___DC C:\Users\sss\AppData\Roaming\IObit 2016-12-08 00:45 - 2014-06-05 03:04 - 00000000 ___DC C:\Program Files (x86)\IObit 2016-12-07 21:03 - 2014-06-05 02:18 - 00000000 ___DC C:\Users\sss\AppData\Roaming\IrfanView 2016-12-07 21:02 - 2014-06-05 02:18 - 00000000 ___DC C:\Program Files (x86)\IrfanView 2016-12-04 14:31 - 2016-09-18 11:00 - 00796352 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-04 14:31 - 2016-09-18 11:00 - 00142528 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-04 14:31 - 2014-06-05 13:27 - 00000000 ___DC C:\Windows\system32\Macromed 2016-12-04 14:31 - 2014-06-05 03:58 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron 2016-12-04 14:31 - 2014-06-05 03:57 - 00000000 ___DC C:\Program Files (x86)\SRWare Iron 2016-12-04 13:43 - 2014-06-06 14:08 - 00011348 ____C C:\Users\sss\AppData\Roaming\SmarThruOptions.xml 2016-12-01 13:47 - 2016-11-09 12:07 - 00000000 ___DC C:\Users\sss\AppData\Roaming\NVIDIA 2016-12-01 13:25 - 2016-10-19 17:05 - 00000100 ____C C:\Users\sss\Desktop\progs.txt 2016-11-26 23:51 - 2015-05-20 14:56 - 00000000 ___DC C:\Users\sss\Documents\The Witcher 3 2016-11-26 15:10 - 2014-09-26 13:55 - 00000000 ___DC C:\Users\sss\AppData\Roaming\HD Tune Pro 2016-11-18 15:08 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-11-17 19:12 - 2016-10-11 20:03 - 00000000 ___DC C:\Users\sss\AppData\LocalLow\THD 2016-11-17 19:12 - 2014-07-11 14:43 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-11-17 19:12 - 2009-07-14 06:32 - 00000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-11-17 17:42 - 2014-12-28 18:06 - 00599720 ____C (www.patchmypc.net) C:\PatchMyPC.exe 2016-11-17 17:17 - 2014-06-05 02:01 - 00003004 ____C C:\Windows\System32\Tasks\MSIAfterburner 2016-11-15 16:18 - 2016-11-10 23:27 - 00000000 ___DC C:\Program Files\Waterfox 2016-11-15 16:17 - 2014-06-05 02:14 - 00000898 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk 2016-11-12 23:06 - 2014-06-04 19:03 - 00000000 ___DC C:\Windows\Panther ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-01-19 08:44 - 2013-01-19 08:44 - 2174976 ____C (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll 2014-06-15 02:35 - 2016-12-11 16:57 - 0000028 ____C () C:\Users\sss\AppData\Roaming\iRotate.INI 2014-10-29 15:59 - 2016-03-01 21:15 - 0013030 ____C () C:\Users\sss\AppData\Roaming\PDOXUSRS.NET 2014-06-06 14:08 - 2016-12-04 13:43 - 0011348 ____C () C:\Users\sss\AppData\Roaming\SmarThruOptions.xml 2016-08-05 10:56 - 2016-08-05 14:31 - 0000009 ____C () C:\Users\sss\AppData\Roaming\update.dat 2014-06-13 19:23 - 2016-12-04 13:35 - 0001496 ____C () C:\Users\sss\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs 2014-06-11 20:02 - 2016-11-26 03:04 - 0039936 ____C () C:\Users\sss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-05 02:16 - 2016-12-08 02:02 - 0007606 ____C () C:\Users\sss\AppData\Local\Resmon.ResmonCfg 2015-01-20 21:45 - 2015-01-20 21:45 - 0009839 ____C () C:\Users\sss\AppData\Local\soulseek-client.dat.1421786720229 2015-01-20 21:50 - 2015-01-20 21:50 - 0009839 ____C () C:\Users\sss\AppData\Local\soulseek-client.dat.1421787057726 2015-01-22 18:29 - 2015-01-22 18:29 - 0009839 ____C () C:\Users\sss\AppData\Local\soulseek-client.dat.1421947791687 2016-04-20 18:29 - 2016-04-20 18:29 - 0000000 ____C () C:\Users\sss\AppData\Local\{45AF4C09-B0AC-4D3F-87C2-CC430D872DD2} 2015-11-04 20:31 - 2015-11-04 20:31 - 0000057 ____C () C:\ProgramData\Ament.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001026 ____C () C:\ProgramData\cfSB0270.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001026 ____C () C:\ProgramData\cfSB0271.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001302 ____C () C:\ProgramData\cfSB0300.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001282 ____C () C:\ProgramData\cfSB0471.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001208 ____C () C:\ProgramData\cfSB0490.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001027 ____C () C:\ProgramData\cfSB0560.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001352 ____C () C:\ProgramData\cfSB0910.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0000590 ____C () C:\ProgramData\cfSB0950.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001352 ____C () C:\ProgramData\cfSB1090.ini 2014-06-05 01:07 - 2009-02-24 11:40 - 0001346 ____C () C:\ProgramData\cfSB1100.ini 2014-06-08 17:08 - 2014-09-08 17:08 - 0000193 ____C () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-12-04 15:13 ==================== Koniec FRST.txt ============================