Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 3-07-2019 Uruchomiony przez Dorota (administrator) DOROTA-KOMPUTER (Acer Aspire 4755) (03-07-2019 22:11:10) Uruchomiony z C:\Users\Dorota\Downloads Załadowane profile: UpdatusUser & Dorota (Dostępne profile: UpdatusUser & Dorota) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Communications Inc. -> Atheros Communications) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Corel Corporation -> Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink -> CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Emsi Software GmbH -> Emsi Software GmbH) C:\Program Files (x86)\a-squared Free\a2service.exe (Facebook, Inc. -> Facebook Inc.) C:\Users\Dorota\AppData\Local\Facebook\Update\FacebookUpdate.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] C:\Users\Dorota\AppData\Roaming\blueconnect\ouc.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Nektra S.A.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe (NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Shenzhen Huion Animation Technology Co., Ltd. -> HUION Animation Technology Co.,ltd) C:\Huion Tablet\Huion Tablet.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-18] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-02-23] (Atheros Communications Inc. -> Atheros Communications) [Brak podpisu cyfrowego] HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-09] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated -> Acer Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [TabletDriver] => C:\Huion Tablet\Huion Tablet.exe [2821128 2017-06-26] (Shenzhen Huion Animation Technology Co., Ltd. -> HUION Animation Technology Co.,ltd) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation -> NTI Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation) HKLM-x32\...\Run: [NWEReboot] => [X] HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\blueconnect\DataCardMonitor.exe**C:\Usersťo*|*%**Č*8*x*8*am Files (x86)\blueconnect\DataCardMonitor.exe**x*8*Ä*8******%**x*8*Ä*8*exe*es\Common Fi”o*t*%****V*˙˙˙˙**************** (dane wartości zawierają 56 znaków więcej). HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc. -> Dritek System Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Corel File Shell Monitor] => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe HKLM-x32\...\Run: [Standby] => c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel Corporation -> Corel) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.) [Brak podpisu cyfrowego] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-4133095598-1319835705-4122882115-1000\...\Run: [IVONA ControlCenter] => C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe [1770360 2012-02-22] (IVO Software Sp. z o.o. -> IVONA Software Sp. z o.o.) HKU\S-1-5-21-4133095598-1319835705-4122882115-1000\...\Run: [ExprOElauncher] => C:\Program Files (x86)\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe [94720 2009-04-28] (Nektra S.A.) [Brak podpisu cyfrowego] HKU\S-1-5-21-4133095598-1319835705-4122882115-1000\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [IVONA ControlCenter] => C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe [1770360 2012-02-22] (IVO Software Sp. z o.o. -> IVONA Software Sp. z o.o.) HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [ExprOElauncher] => C:\Program Files (x86)\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe [94720 2009-04-28] (Nektra S.A.) [Brak podpisu cyfrowego] HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [HW_OPENEYE_OUC_blueconnect] => C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [110592 2009-06-23] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [Facebook Update] => C:\Users\Dorota\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook, Inc. -> Facebook Inc.) HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [Google Update] => C:\Users\Dorota\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC) HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [Corel Photo Downloader] => c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [522752 2011-09-07] (Corel, Inc.) [Brak podpisu cyfrowego] HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe --hideSplashScreen HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [Chromium] => c:\users\dorota\appdata\local\chromium\application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [Brak podpisu cyfrowego] HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\Run: [GoogleChromeAutoLaunch_0DDD9364BC7B174D2DF21322496AF5C7] => C:\Users\Dorota\AppData\Local\chromium\Application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [Brak podpisu cyfrowego] HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\MountPoints2: {073a794a-5cb4-11e3-bbb0-206a8a53b783} - E:\autorun.exe HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\MountPoints2: {13d09f0f-86fc-11e2-af0a-206a8a53b783} - E:\AutoRun.exe HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\MountPoints2: {26c72a8e-add8-11e2-987f-206a8a53b783} - E:\Startme.exe HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\MountPoints2: {6b6810a8-bd55-11e2-8c71-206a8a53b783} - F:\AutoRun.exe HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\MountPoints2: {b8454f3e-865b-11e2-9092-206a8a53b783} - E:\AutoRun.exe HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\...\MountPoints2: {b8454f4e-865b-11e2-9092-206a8a53b783} - E:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS) HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [445504 2008-03-13] (Electronic Arts -> On2.com) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [445504 2008-03-13] (Electronic Arts -> On2.com) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.MKVC] => C:\Windows\SysWOW64\KMVIDC32.DLL [47104 2016-11-09] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.dvacm] => c:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [20480 2010-01-07] (Corel TW Corp.) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.MPEGacm] => c:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2010-01-07] (Ulead Systems, Inc.) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.ulmp3acm] => c:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2010-01-07] (Ulead systems) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-29] (AVAST Software s.r.o. -> AVAST Software) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-06-06] (NVIDIA Corporation -> NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [193128 2011-06-06] (NVIDIA Corporation -> NVIDIA Corporation) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0009AE5E-CC27-43F4-903E-C42479C04FAB} - System32\Tasks\Opera scheduled Autoupdate 1386458626 => C:\Program Files (x86)\Opera\launcher.exe [1252440 2019-02-12] (Opera Software AS -> Opera Software) Task: {04C73574-34C4-4CE7-8EA5-C655B9A39C44} - System32\Tasks\e-pity2018_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [1389512 2019-03-08] (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) Task: {05179383-BE5E-44A7-BD2C-0C6580D8FE1D} - System32\Tasks\{CD87BB91-268A-4923-BFA6-DA4EBAF316F4} => c:\program files (x86)\opera\opera.exe [879456 2014-04-27] (Opera Software ASA -> Opera Software) Task: {092402BC-B16F-4D36-86EC-8377AED16AD5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001UA => C:\Users\Dorota\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook, Inc. -> Facebook Inc.) Task: {26A48313-FB43-43EF-9725-83E9AF50CFC0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4133095598-1319835705-4122882115-1001 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {2A409D5B-889D-4B9D-8BC7-F8CA1A5ADB8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001UA => C:\Users\Dorota\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {2DDBEFBB-2DC8-454D-A282-B51FA1658CDF} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352 2011-05-20] (CyberLink -> CyberLink) Task: {30DA2D40-1047-4015-9642-795A35BEA7EE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software) Task: {41099659-E114-43B0-997F-E3438C214337} - System32\Tasks\Adobe Reader Speed Launcher => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe Task: {4E6EC77B-48BB-4023-86C4-BCF945E4BD49} - System32\Tasks\Adobe ARM => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {4FCB05F6-F0AC-42F8-B252-6A19180FE775} - System32\Tasks\{6500C504-1675-4978-B3B5-7663EAC30E20} => c:\program files (x86)\opera\opera.exe [879456 2014-04-27] (Opera Software ASA -> Opera Software) Task: {6103C661-C1A7-48A8-B02D-F3D47BB3F5C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001Core => C:\Users\Dorota\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {63593D62-0962-4039-988A-4B2F915A3425} - System32\Tasks\{C7F46D6F-52AA-47A9-9BFD-FD8766AA850F} => c:\program files (x86)\opera\opera.exe [879456 2014-04-27] (Opera Software ASA -> Opera Software) Task: {6D168B75-C9D4-48D1-96F2-017C36C2F674} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [1452544 2019-02-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {7753C703-ABE9-4461-8B59-C85381094FE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {77E80B61-1E1E-4D57-BF8B-F797469E1F79} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104 2011-05-20] (CyberLink -> CyberLink Corp.) Task: {844F1A75-1D2C-4EDE-B734-5B263E6F07BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {99F25D71-91CB-4722-B8A1-E097A6B14673} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software) Task: {9DE8CA12-CECC-4EBD-9282-70D459797115} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A06951DF-F5AC-443D-B353-FC1D64DF7936} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software) Task: {B23AFE65-62A0-4D5B-8FF2-6412462DA741} - System32\Tasks\{6F2EFEB5-ABDF-4771-9D37-18025A6408E6} => C:\Windows\system32\pcalua.exe -a C:\Users\Dorota\Desktop\vkaraoke.exe -d C:\Users\Dorota\Desktop Task: {B64A004A-1F66-4D76-8720-C3BFDB3029FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {BFC1ED6C-D29D-4827-9CBA-9BD5B4188F7D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software) Task: {C04748D8-E0EF-4A47-B4F6-DD64E6E79D6A} - System32\Tasks\{FC917A69-A170-442D-854C-18EE03222E5A} => c:\program files (x86)\opera\opera.exe [879456 2014-04-27] (Opera Software ASA -> Opera Software) Task: {C37222BC-B6FA-4C4E-8E38-7D02715FFFA6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {DE67EAEE-EDAF-4592-B303-6D24B5F8289C} - System32\Tasks\e-pity2018_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [1389512 2019-03-08] (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) Task: {E054DE41-F44E-4A92-AAD5-DA45401AC4D4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001Core => C:\Users\Dorota\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook, Inc. -> Facebook Inc.) Task: {E934B401-1B61-4736-A192-75B5A8542093} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software) Task: {EF3E36A4-1CC6-44AF-881D-E1B2F62302DA} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [264760 2011-05-20] (CyberLink -> Acer Incorporated) Task: {F452E883-2F34-4695-BCEF-3E92DB7BF877} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) Task: {FB777D63-B0B6-4F39-AC3A-7C4546422BC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001Core.job => C:\Users\Dorota\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001UA.job => C:\Users\Dorota\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: 46.23.70.78 pagead2.googlesyndication.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B7B553C4-333E-4BD7-9FDE-E85B1C22D7DB}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-4133095598-1319835705-4122882115-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://pl.v9.com/?utm_source=b&utm_medium=vlt HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nav-pl.com/ HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= URLSearchHook: HKU\S-1-5-21-4133095598-1319835705-4122882115-1000 - (Brak nazwy) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - Brak pliku SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-4133095598-1319835705-4122882115-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} SearchScopes: HKU\S-1-5-21-4133095598-1319835705-4122882115-1001 -> DefaultScope {C4722B60-9C61-4EC1-81F3-C4BCB0F5BAA2} URL = hxxp://www.nav-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4133095598-1319835705-4122882115-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-4133095598-1319835705-4122882115-1001 -> {8C27C44E-6860-45AB-821A-4F4B0F763EBF} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^PL&gct=&itbv=12.15.5.30&apn_uid=2BDE9602-4881-4A78-98BA-A5FDE606642E&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^PL&apn_dbr=Opera.exe_0_12.17.1863.0&doi=2014-08-14&trgb=IE&q={searchTerms}&psv=&pt=tb SearchScopes: HKU\S-1-5-21-4133095598-1319835705-4122882115-1001 -> {C4722B60-9C61-4EC1-81F3-C4BCB0F5BAA2} URL = hxxp://www.nav-pl.com/search?q={searchTerms} BHO: Expressivo -> {85F685C3-20D9-4943-95E4-EB4224056C3F} -> C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer_x64.dll [2008-09-19] (IVO Software Sp. z o.o.) [Brak podpisu cyfrowego] BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-03] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Expressivo -> {85F685C3-20D9-4943-95E4-EB4224056C3F} -> C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [2008-09-19] (IVO Software Sp. z o.o.) [Brak podpisu cyfrowego] BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-03] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer_x64.dll [2008-09-19] (IVO Software Sp. z o.o.) [Brak podpisu cyfrowego] Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku Toolbar: HKLM - Brak nazwy - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Brak pliku Toolbar: HKLM-x32 - Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [2008-09-19] (IVO Software Sp. z o.o.) [Brak podpisu cyfrowego] Toolbar: HKU\S-1-5-21-4133095598-1319835705-4122882115-1000 -> Brak nazwy - {BA14329E-9550-4989-B3F2-9732E92D17CC} - Brak pliku Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1419855272&from=wpm12233&uid=HitachiXHTS547550A9E384_J2160051C95YNDC95YNDX FireFox: ======== FF ProfilePath: C:\Users\Dorota\AppData\Roaming\Mozilla\Firefox\Profiles\no48ijoo.default [2019-05-29] FF Homepage: Mozilla\Firefox\Profiles\no48ijoo.default -> hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki FF Extension: (Security Protection) - C:\Users\Dorota\AppData\Roaming\Mozilla\Firefox\Profiles\no48ijoo.default\Extensions\detgdp@gmail.com [2014-12-29] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (Video DownloadHelper) - C:\Users\Dorota\AppData\Roaming\Mozilla\Firefox\Profiles\no48ijoo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-09-13] [Przestarzałe] FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Dorota\AppData\Roaming\Mozilla\Firefox\Profiles\no48ijoo.default\extensions\detgdp@gmail.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-13] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-13] (Adobe Systems Incorporated -> ) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google Inc -> Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4133095598-1319835705-4122882115-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dorota\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited) FF Plugin HKU\S-1-5-21-4133095598-1319835705-4122882115-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dorota\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-4133095598-1319835705-4122882115-1001: @talk.google.com/O1DPlugin -> C:\Users\Dorota\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-4133095598-1319835705-4122882115-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dorota\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin HKU\S-1-5-21-4133095598-1319835705-4122882115-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dorota\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin HKU\S-1-5-21-4133095598-1319835705-4122882115-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dorota\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\Dorota\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-16] FF Plugin ProgramFiles/Appdata: C:\Users\Dorota\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-16] Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> search.ask.com CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR DefaultSearchURL: Default -> hxxp://www.nav-pl.com/search?q={searchTerms} CHR DefaultSearchKeyword: Default -> szukaj CHR Profile: C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default [2019-07-03] CHR Extension: (Ask Search) - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca [2019-07-03] CHR Extension: (Ask Search) - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2019-07-03] CHR Extension: (Adobe Acrobat) - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-16] CHR Extension: (Avast Online Security) - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17] CHR Extension: (Chrome Media Router) - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21] CHR HKLM\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-29] CHR HKU\S-1-5-21-4133095598-1319835705-4122882115-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-29] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Dorota\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-03-28] StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.delta-homes.com/?type=sc&ts=1419855272&from=wpm12233&uid=HitachiXHTS547550A9E384_J2160051C95YNDC95YNDX ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 a2free; C:\Program Files (x86)\a-squared Free\a2service.exe [1872320 2010-04-15] (Emsi Software GmbH -> Emsi Software GmbH) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-06-21] (AVAST Software s.r.o. -> AVAST Software) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation -> Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation -> NTI Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) U4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168104 2019-06-21] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-20] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225600 2019-06-21] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-06-21] (AVAST Software s.r.o. -> AVAST Software) R1 GSVDRIVE; C:\Windows\System32\DRIVERS\GSVDRIVE.sys [30816 2016-10-27] (Pepstyle International Limited -> GiliSoft International LLC.) S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [116992 2009-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.) R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation) R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation) S3 optousb; C:\Windows\System32\DRIVERS\optousb.sys [27264 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.) S3 optovcm; C:\Windows\System32\DRIVERS\optovcm.sys [34432 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.) R3 vmulti; C:\Windows\System32\DRIVERS\vmulti.sys [10752 2014-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) Error(1) reading file: "C:\Users\Dorota\Desktop\Wszystko to co mam tylko Tobie dam " 2019-07-03 22:11 - 2019-07-03 22:14 - 000047493 _____ C:\Users\Dorota\Downloads\FRST.txt 2019-07-03 22:10 - 2019-07-03 22:11 - 000000000 ____D C:\FRST 2019-07-03 22:09 - 2019-07-03 22:10 - 002420224 _____ (Farbar) C:\Users\Dorota\Downloads\FRST64.exe 2019-07-03 21:40 - 2019-07-03 21:40 - 007025360 _____ (Malwarebytes) C:\Users\Dorota\Downloads\adwcleaner_7.3.exe 2019-07-03 21:39 - 2019-07-03 21:39 - 007316688 _____ (Malwarebytes) C:\Users\Dorota\Downloads\adwcleaner_7.2.7.0.exe 2019-07-02 23:46 - 2019-07-02 23:47 - 005937968 _____ (EnigmaSoft Limited) C:\Users\Dorota\Downloads\sh-remover.exe 2019-06-24 19:28 - 2019-06-24 20:31 - 000000000 ____D C:\Users\Dorota\Desktop\dddddd_data 2019-06-24 19:28 - 2019-06-24 20:17 - 000003104 _____ C:\Users\Dorota\Desktop\dddddd.aup 2019-06-24 19:28 - 2019-06-24 19:57 - 000005156 _____ C:\Users\Dorota\Desktop\dddddd.aup.bak 2019-06-16 21:55 - 2019-06-16 22:01 - 733012128 _____ C:\Users\Dorota\Downloads\Cudowny chłopak Cudowny chłopak.avi 2019-06-16 21:49 - 2019-06-16 21:49 - 000022356 _____ C:\Users\Dorota\Downloads\potwierdzenie (1).pdf 2019-06-16 21:46 - 2019-06-16 21:47 - 000022463 _____ C:\Users\Dorota\Downloads\potwierdzenie.pdf 2019-06-15 17:28 - 2019-06-25 11:07 - 000035194 _____ C:\Users\Dorota\Desktop\tato wołam Ciebie.aup 2019-06-15 17:28 - 2019-06-25 11:07 - 000000000 ____D C:\Users\Dorota\Desktop\tato wołam Ciebie_data 2019-06-15 17:28 - 2019-06-25 10:59 - 000035194 _____ C:\Users\Dorota\Desktop\tato wołam Ciebie.aup.bak 2019-06-07 10:26 - 2019-06-07 10:27 - 009872355 _____ C:\Users\Dorota\Downloads\Zofia.eml 2019-05-29 22:15 - 2019-05-29 22:15 - 005134226 _____ C:\Users\Dorota\Desktop\Letnia Chakalaka - moja ulubiona! Wegańska, wegetariańska, wysokobiałkowa! - Qchenne Inspiracje.pdf 2019-05-29 21:46 - 2019-05-29 21:49 - 000000000 ____D C:\Users\Dorota\Desktop\Wakacje 2019 - HISZPANIA 2019-05-29 21:44 - 2019-05-29 21:47 - 000000000 ____D C:\Users\Dorota\Desktop\Podyplomówka Oligo 2019-05-29 21:40 - 2019-05-29 21:55 - 000000000 ____D C:\Users\Dorota\Desktop\ZDJĘCIA ZDJĘCIA ZDJĘCIA i filmy 2019-05-29 21:24 - 2019-05-29 21:50 - 000000000 ____D C:\Users\Dorota\Desktop\Obrazki do pomocy dydaktycznych 2019-05-29 19:55 - 2019-05-29 19:55 - 000000000 ____D C:\Users\Dorota\Desktop\treningi 2019-05-29 19:26 - 2019-05-29 19:26 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity 2019-05-29 19:24 - 2019-05-29 19:25 - 000527423 _____ ( ) C:\Users\Dorota\Downloads\Lame_v3.99.3_for_Windows.exe 2019-05-29 19:23 - 2019-05-29 19:23 - 000002277 _____ C:\Users\Dorota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2019-05-29 19:23 - 2019-05-29 19:23 - 000002269 _____ C:\Users\Dorota\Desktop\Chromium.lnk 2019-05-29 19:22 - 2019-05-29 19:23 - 000000000 ____D C:\Users\Dorota\AppData\Local\chromium 2019-05-29 19:21 - 2019-06-21 21:09 - 000000000 ____D C:\Users\Dorota\AppData\Local\WallpaperSuite 2019-05-29 19:21 - 2019-05-29 19:24 - 000000000 ____D C:\Users\Dorota\AppData\Local\{954AA316-B1E2-CFAE-DC7A-EA46F81216DE} 2019-05-29 19:21 - 2019-05-29 19:21 - 000001298 _____ C:\Users\Dorota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk 2019-05-29 19:20 - 2019-05-29 19:20 - 002287816 _____ (Gohuhoma ) C:\Users\Dorota\Downloads\LAME-MP3-encoder-12377-AsystentPobierania_3979078599.exe 2019-05-29 19:18 - 2019-05-29 19:18 - 001524133 _____ C:\Users\Dorota\Downloads\lame-3.100 (1).tar.gz 2019-05-29 19:17 - 2019-05-29 19:17 - 001524133 _____ C:\Users\Dorota\Downloads\lame-3.100.tar.gz 2019-05-29 19:17 - 2019-05-29 19:17 - 000000000 ____D C:\Users\Dorota\Downloads\lame-3.100 2019-05-29 19:13 - 2016-12-03 22:05 - 000001090 ____N C:\Users\Dorota\Downloads\How to fix Lame_enc.dll errors - DLLDownloader.com.txt 2019-05-29 19:12 - 2019-05-29 19:12 - 000287900 _____ C:\Users\Dorota\Downloads\lame_enc.dll.zip 2019-05-29 19:00 - 2019-05-29 19:58 - 000000000 ____D C:\Users\Dorota\AppData\Roaming\Audacity 2019-05-29 19:00 - 2019-05-29 19:13 - 000000000 ____D C:\Program Files (x86)\Audacity2 2019-05-29 19:00 - 2019-05-29 19:00 - 000001022 _____ C:\Users\Public\Desktop\Audacity.lnk 2019-05-29 18:58 - 2019-05-29 18:58 - 024210616 _____ (Audacity Team ) C:\Users\Dorota\Downloads\audacity-win-2.1.0.exe 2019-05-28 12:32 - 2019-05-28 12:32 - 000131986 _____ C:\Users\Dorota\Downloads\ZGODY_ZWYCIĘZCY (1).pdf 2019-05-28 12:27 - 2019-05-28 12:27 - 000131145 _____ C:\Users\Dorota\Downloads\ZGODY_ZWYCIĘZCY.pdf 2019-05-25 22:07 - 2019-05-25 22:07 - 000718042 _____ C:\Users\Dorota\Downloads\IPET-dla-dziewczyn.pdf 2019-05-20 18:53 - 2019-05-20 18:48 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2019-05-20 18:53 - 2019-05-20 18:48 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2019-05-20 18:53 - 2019-05-20 18:48 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2019-05-20 18:53 - 2019-05-20 18:48 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2019-05-20 18:52 - 2019-05-20 18:49 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2019-05-12 20:21 - 2019-05-12 20:21 - 000086518 _____ C:\Users\Dorota\Downloads\credo Janusz Korczak.pdf 2019-04-26 11:56 - 2019-04-26 11:56 - 000109733 _____ C:\Users\Dorota\Downloads\SC-308-Luzi19042611550.pdf 2019-04-26 11:56 - 2019-04-26 11:56 - 000109733 _____ C:\Users\Dorota\Downloads\SC-308-Luzi19042611550 (1).pdf 2019-04-17 18:09 - 2019-06-29 21:06 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2019-04-17 18:09 - 2019-06-29 21:06 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) 2019-04-15 21:16 - 2019-04-15 22:17 - 000000000 ____D C:\Users\Dorota\Desktop\dla Pani Jadzi 2019-04-11 12:49 - 2019-04-13 00:31 - 000084480 ____H C:\Users\Dorota\Desktop\~WRL0724.tmp 2019-04-11 12:49 - 2019-04-12 23:50 - 000077312 ____H C:\Users\Dorota\Desktop\~WRL3817.tmp 2019-04-11 12:49 - 2019-04-12 23:43 - 000076800 ____H C:\Users\Dorota\Desktop\~WRL1201.tmp 2019-04-11 12:49 - 2019-04-12 23:35 - 000076288 ____H C:\Users\Dorota\Desktop\~WRL3611.tmp 2019-04-11 12:49 - 2019-04-12 23:20 - 000074240 ____H C:\Users\Dorota\Desktop\~WRL3353.tmp 2019-04-11 12:49 - 2019-04-12 23:17 - 000073728 ____H C:\Users\Dorota\Desktop\~WRL3227.tmp 2019-04-11 12:49 - 2019-04-12 22:50 - 000073728 ____H C:\Users\Dorota\Desktop\~WRL0550.tmp 2019-04-11 12:49 - 2019-04-12 22:44 - 000072704 ____H C:\Users\Dorota\Desktop\~WRL0272.tmp 2019-04-11 12:49 - 2019-04-12 22:32 - 000072192 ____H C:\Users\Dorota\Desktop\~WRL3185.tmp 2019-04-11 12:49 - 2019-04-12 22:01 - 000069632 ____H C:\Users\Dorota\Desktop\~WRL2727.tmp 2019-04-11 12:49 - 2019-04-12 21:43 - 000068096 ____H C:\Users\Dorota\Desktop\~WRL2745.tmp 2019-04-11 12:49 - 2019-04-12 21:42 - 000068096 ____H C:\Users\Dorota\Desktop\~WRL3408.tmp 2019-04-11 12:49 - 2019-04-12 21:13 - 000065536 ____H C:\Users\Dorota\Desktop\~WRL2110.tmp 2019-04-11 12:49 - 2019-04-12 21:05 - 000064512 ____H C:\Users\Dorota\Desktop\~WRL1782.tmp 2019-04-11 12:49 - 2019-04-12 20:27 - 000064000 ____H C:\Users\Dorota\Desktop\~WRL0096.tmp 2019-04-11 12:49 - 2019-04-12 20:24 - 000063488 ____H C:\Users\Dorota\Desktop\~WRL3896.tmp 2019-04-11 12:49 - 2019-04-12 19:52 - 000060416 ____H C:\Users\Dorota\Desktop\~WRL3819.tmp 2019-04-11 12:49 - 2019-04-12 19:24 - 000058880 ____H C:\Users\Dorota\Desktop\~WRL3581.tmp 2019-04-11 12:49 - 2019-04-12 19:11 - 000058368 ____H C:\Users\Dorota\Desktop\~WRL0575.tmp 2019-04-11 12:49 - 2019-04-12 19:07 - 000058368 ____H C:\Users\Dorota\Desktop\~WRL1427.tmp 2019-04-11 12:49 - 2019-04-12 19:03 - 000057344 ____H C:\Users\Dorota\Desktop\~WRL3571.tmp 2019-04-11 12:49 - 2019-04-12 18:58 - 000056320 ____H C:\Users\Dorota\Desktop\~WRL2875.tmp 2019-04-11 12:49 - 2019-04-12 18:56 - 000056320 ____H C:\Users\Dorota\Desktop\~WRL2838.tmp 2019-04-11 12:49 - 2019-04-12 18:39 - 000053760 ____H C:\Users\Dorota\Desktop\~WRL1630.tmp 2019-04-11 12:49 - 2019-04-12 18:16 - 000050688 ____H C:\Users\Dorota\Desktop\~WRL2844.tmp 2019-04-11 12:49 - 2019-04-12 13:08 - 000046080 ____H C:\Users\Dorota\Desktop\~WRL1406.tmp 2019-04-11 12:49 - 2019-04-11 22:33 - 000040960 ____H C:\Users\Dorota\Desktop\~WRL0888.tmp 2019-04-11 12:49 - 2019-04-11 22:29 - 000040960 ____H C:\Users\Dorota\Desktop\~WRL2017.tmp 2019-04-11 12:49 - 2019-04-11 22:23 - 000037888 ____H C:\Users\Dorota\Desktop\~WRL1034.tmp 2019-04-11 12:49 - 2019-04-11 14:27 - 000030720 ____H C:\Users\Dorota\Desktop\~WRL2645.tmp 2019-04-11 12:49 - 2019-04-11 14:13 - 000030208 ____H C:\Users\Dorota\Desktop\~WRL3810.tmp 2019-04-11 12:49 - 2019-04-11 13:20 - 000027136 ____H C:\Users\Dorota\Desktop\~WRL3270.tmp 2019-04-11 12:49 - 2019-04-11 13:20 - 000027136 ____H C:\Users\Dorota\Desktop\~WRL2640.tmp 2019-04-11 12:49 - 2019-04-11 13:00 - 000025600 ____H C:\Users\Dorota\Desktop\~WRL3502.tmp 2019-04-11 12:49 - 2019-04-11 12:53 - 000025088 ____H C:\Users\Dorota\Desktop\~WRL3732.tmp 2019-04-11 12:49 - 2019-04-11 12:49 - 000025088 ____H C:\Users\Dorota\Desktop\~WRL2635.tmp ==================== Trzy miesiące (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-07-03 22:14 - 2009-07-14 06:45 - 000031712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-07-03 22:14 - 2009-07-14 06:45 - 000031712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-07-03 21:52 - 2011-08-27 08:05 - 000753788 _____ C:\Windows\system32\perfh015.dat 2019-07-03 21:52 - 2011-08-27 08:05 - 000160844 _____ C:\Windows\system32\perfc015.dat 2019-07-03 21:52 - 2009-07-14 07:13 - 001698726 _____ C:\Windows\system32\PerfStringBackup.INI 2019-07-03 21:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-07-03 21:48 - 2014-04-09 19:17 - 000000441 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2019-07-03 21:47 - 2011-08-27 07:26 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2019-07-03 21:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-07-03 21:44 - 2011-08-27 07:15 - 000000000 ____D C:\Users\UpdatusUser 2019-07-03 21:42 - 2013-05-26 14:10 - 000001657 _____ C:\Users\Dorota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2019-07-03 21:42 - 2012-03-03 20:56 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2019-07-03 21:41 - 2014-07-23 11:12 - 000000000 ____D C:\AdwCleaner 2019-07-03 21:03 - 2012-03-23 11:18 - 000000000 ____D C:\Users\Dorota\AppData\Local\ElevatedDiagnostics 2019-06-29 21:11 - 2012-04-13 12:50 - 000000000 ___RD C:\Users\Dorota\Desktop\MUZYKA 2019-06-29 21:07 - 2018-03-31 23:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2019-06-21 22:07 - 2012-03-03 21:41 - 000002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-06-21 21:46 - 2014-01-01 23:57 - 000225600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2019-06-21 21:46 - 2013-06-19 18:45 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2019-06-21 21:46 - 2013-06-19 02:00 - 000168104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2019-06-21 21:08 - 2012-03-03 20:55 - 000001361 _____ C:\Windows\wininit.ini 2019-06-21 21:07 - 2012-03-03 21:28 - 000000000 ____D C:\Program Files\AVAST Software 2019-06-16 21:32 - 2017-12-20 19:50 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-06-15 17:21 - 2012-03-03 02:38 - 000000000 ____D C:\Users\Dorota\AppData\Local\CrashDumps 2019-06-12 10:55 - 2014-04-23 22:02 - 000000000 ____D C:\Users\Dorota\Cropped 2019-06-12 10:52 - 2012-03-03 21:49 - 000000000 ____D C:\Users\Dorota\AppData\Local\Corel 2019-06-12 10:31 - 2012-03-03 21:53 - 000002828 ___SH C:\ProgramData\KGyGaAvL.sys 2019-06-12 10:31 - 2012-03-03 21:49 - 000000000 ____D C:\Users\Dorota\Documents\My PSP Files 2019-06-12 10:30 - 2018-08-30 09:30 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2019-06-11 20:49 - 2019-03-18 23:58 - 000003990 _____ C:\Windows\System32\Tasks\e-pity2018_styczen 2019-06-11 20:49 - 2019-03-18 23:58 - 000003990 _____ C:\Windows\System32\Tasks\e-pity2018_kwiecien 2019-06-11 20:49 - 2015-12-03 15:09 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software 2019-06-11 20:49 - 2014-12-26 22:37 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2019-06-11 20:49 - 2013-08-20 20:48 - 000003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001UA 2019-06-11 20:49 - 2013-08-20 20:48 - 000003390 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4133095598-1319835705-4122882115-1001Core 2019-06-11 20:49 - 2012-03-03 21:39 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2019-06-11 20:49 - 2012-03-03 21:39 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2019-06-10 20:31 - 2012-04-13 12:47 - 000000000 ____D C:\Users\Dorota\Desktop\WAŻNE DOKUMENTY ==================== Pliki w katalogu głównym wybranych folderów ================ 2012-03-03 22:01 - 2011-08-23 19:34 - 000465264 _____ (Corel) C:\Program Files (x86)\Common Files\AppFramework.dll 2012-03-03 22:01 - 2011-08-23 17:42 - 000148177 _____ () C:\Program Files (x86)\Common Files\BookViewer.xap 2012-03-03 22:01 - 2011-08-23 19:35 - 000402800 _____ () C:\Program Files (x86)\Common Files\facebook.dll 2012-03-03 22:01 - 2011-08-23 19:35 - 000033136 _____ (Corel-V1E) C:\Program Files (x86)\Common Files\FlickrProvider.dll 2012-03-03 22:01 - 2011-08-23 19:42 - 000332144 _____ (Corel) C:\Program Files (x86)\Common Files\MediaOrganizer.dll 2012-03-03 22:01 - 2011-08-23 19:35 - 000130416 _____ () C:\Program Files (x86)\Common Files\PluginCommon.dll 2014-01-28 21:32 - 2014-01-28 21:32 - 000000060 _____ () C:\Users\Dorota\AppData\Roaming\WB.CFG 2012-03-03 21:55 - 2019-01-22 12:04 - 000022528 _____ () C:\Users\Dorota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-06-01 09:23 - 2015-06-01 09:23 - 000000000 _____ () C:\Users\Dorota\AppData\Local\{7C94154D-A52A-4D34-BD5E-FC6EC1F9857C} 2014-01-18 11:25 - 2014-01-18 11:25 - 000000000 _____ () C:\Users\Dorota\AppData\Local\{D56FA213-B158-48A4-A01C-E6E3344FD13F} ==================== SigCheckExt ================ 2014-08-06 21:22 - 2013-04-14 18:00 - 000227328 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOI13I.DLL 2014-08-06 21:23 - 2012-10-19 14:02 - 000087040 ____R (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll 2014-08-06 21:23 - 2012-10-29 05:50 - 000065024 ____R (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll 2014-08-06 21:23 - 2005-04-22 06:36 - 000143360 ____R C:\Windows\system32\BrSNMP64.dll 2014-08-06 21:23 - 2012-10-19 14:06 - 000059392 ____R (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll 2012-10-30 21:42 - 2010-02-05 15:00 - 001700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2014-08-06 21:23 - 2012-11-09 13:13 - 000324096 ____R (brother) C:\Windows\system32\NSSRH64.dll 2011-05-20 20:13 - 2011-05-20 20:13 - 000089088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 2013-04-06 16:54 - 2013-04-06 16:54 - 000487424 _____ (hxxp://aegisknight.org/) C:\Windows\SysWOW64\audiere.dll 2014-08-06 21:21 - 2010-03-15 20:45 - 000073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll 2014-08-06 21:21 - 2007-12-13 23:16 - 000004608 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll 2014-08-06 21:21 - 2013-05-09 14:34 - 000002560 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll 2014-08-06 21:22 - 2013-04-15 11:29 - 000025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL 2014-08-06 21:22 - 2013-04-15 11:29 - 000077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL 2014-08-06 21:22 - 2013-04-15 11:29 - 000180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL 2014-08-06 21:22 - 2013-04-15 11:29 - 000050688 _____ (Brother Industries Ltd.) C:\Windows\SysWOW64\BRPRTINK.DLL 2014-08-06 21:22 - 2013-04-15 11:29 - 000045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL 2011-08-02 08:02 - 2010-12-23 21:09 - 000053248 ____N (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2016-10-27 20:56 - 2016-11-09 22:31 - 000047104 _____ C:\Windows\SysWOW64\KMVIDC32.DLL 2008-06-29 15:24 - 2008-06-29 15:24 - 001526468 _____ C:\Windows\SysWOW64\libeay32.dll 2017-05-22 22:07 - 2003-07-15 12:39 - 000496640 _____ C:\Windows\SysWOW64\mac_unistall.exe 1999-04-08 11:23 - 1999-04-08 11:23 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC42PLK.DLL 2011-05-20 20:13 - 2011-05-20 20:13 - 001060864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll 2011-05-20 20:13 - 2011-05-20 20:13 - 001047552 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll 2013-05-29 12:24 - 2012-05-05 11:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL 1999-06-04 15:22 - 1999-06-04 15:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPRPPL.DLL 2000-05-11 13:06 - 2000-05-11 13:06 - 000397312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRDO20.DLL 2000-05-23 22:45 - 2000-05-23 22:45 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL 1998-08-09 11:07 - 1998-08-09 11:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL 2011-05-20 20:13 - 2011-05-20 20:13 - 000499712 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2011-05-20 20:13 - 2011-05-20 20:13 - 000348160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-08-06 21:21 - 2013-01-10 14:56 - 000253952 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll 2008-04-28 14:55 - 2008-04-28 14:55 - 000151552 _____ (RenatoMancuso.com) C:\Windows\SysWOW64\pcre.dll 2012-05-08 22:10 - 2010-02-15 20:00 - 000278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll 2012-05-08 22:10 - 2010-02-15 20:00 - 000006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll 2012-05-08 22:10 - 2010-02-15 20:00 - 000005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll 2000-04-03 17:52 - 2000-04-03 17:52 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RDOCURS.DLL 1998-03-24 21:54 - 1998-03-24 21:54 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SCP32.DLL 2008-04-28 14:55 - 2010-08-30 08:34 - 000536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2008-06-29 15:24 - 2008-06-29 15:24 - 000311128 _____ C:\Windows\SysWOW64\ssleay32.dll 2012-03-16 00:13 - 2003-01-26 15:41 - 000040960 ____N (vbAccelerator) C:\Windows\SysWOW64\SSubTmr6.dll 2008-06-29 15:24 - 2008-06-29 15:24 - 000168960 _____ C:\Windows\SysWOW64\unrar.dll 1999-11-24 18:40 - 1999-11-24 18:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAME.DLL 2012-03-03 14:32 - 2008-03-13 03:10 - 000445504 ____N (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2002-08-21 05:13 - 2002-08-21 05:13 - 000189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE 2011-08-27 07:17 - 2011-02-22 21:59 - 000008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll 2018-12-16 12:44 - 2018-12-16 12:44 - 002228534 _____ ( ) C:\Users\Dorota\Downloads\audacity-win-1.2.6.exe 2019-05-29 18:58 - 2019-05-29 18:58 - 024210616 _____ (Audacity Team ) C:\Users\Dorota\Downloads\audacity-win-2.1.0.exe 2019-07-03 22:09 - 2019-07-03 22:10 - 002420224 _____ (Farbar) C:\Users\Dorota\Downloads\FRST64.exe 2016-10-27 20:36 - 2016-10-27 20:36 - 004333752 _____ (GiliSoft.com ) C:\Users\Dorota\Downloads\GiliSoft Secure Disc Creator 6.1.0 [1].exe 2019-05-29 19:24 - 2019-05-29 19:25 - 000527423 _____ ( ) C:\Users\Dorota\Downloads\Lame_v3.99.3_for_Windows.exe 2017-02-24 00:06 - 2016-11-22 15:51 - 015616736 ____N ( ) C:\Users\Dorota\Downloads\Moje_cwiczenia_matematyka_Kl3_cz2.exe 2011-08-02 08:07 - 2011-08-02 08:07 - 000001024 ___RH C:\Users\Public\Documents\NTILiveUpdateV9.dll 2011-08-02 08:05 - 2011-08-02 08:05 - 000001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll 2011-08-02 08:05 - 2011-08-02 08:05 - 000001024 ___RH C:\Users\Public\Documents\NTIMMV9REGET.dll ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Mened�er rozruchu systemu Windows --------------------------------- Identyfikator {bootmgr} device partition=\Device\HarddiskVolume2 description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {d1cd73d5-d072-11e0-9929-ae13aeb433eb} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Modu� �aduj�cy rozruchu systemu Windows --------------------------------------- Identyfikator {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale pl-PL inherit {bootloadersettings} recoverysequence {d1cd73d7-d072-11e0-9929-ae13aeb433eb} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {d1cd73d5-d072-11e0-9929-ae13aeb433eb} nx OptIn numproc 4 usefirmwarepcisettings No Modu� �aduj�cy rozruchu systemu Windows --------------------------------------- Identyfikator {d1cd73d7-d072-11e0-9929-ae13aeb433eb} device ramdisk=[C:]\Recovery\d1cd73d7-d072-11e0-9929-ae13aeb433eb\Winre.wim,{d1cd73d8-d072-11e0-9929-ae13aeb433eb} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\d1cd73d7-d072-11e0-9929-ae13aeb433eb\Winre.wim,{d1cd73d8-d072-11e0-9929-ae13aeb433eb} systemroot \windows nx OptIn winpe Yes Wznawianie ze stanu hibernacji ------------------------------ Identyfikator {d1cd73d5-d072-11e0-9929-ae13aeb433eb} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Modu� testuj�cy pami�� systemu Windows -------------------------------------- Identyfikator {memdiag} device partition=\Device\HarddiskVolume2 path \boot\memtest.exe description Windows Memory Diagnostic locale pl-PL inherit {globalsettings} badmemoryaccess Yes Ustawienia us�ug EMS -------------------- Identyfikator {emssettings} bootems Yes Ustawienia debugera ------------------- Identyfikator {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Uszkodzenia pami�ci RAM ----------------------- Identyfikator {badmemory} Ustawienia globalne ------------------- Identyfikator {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Ustawienia modu�u �aduj�cego rozruchu ------------------------------------- Identyfikator {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Ustawienia funkcji hypervisor ----------------------------- Identyfikator {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Ustawienia modu�u �aduj�cego wznawiania --------------------------------------- Identyfikator {resumeloadersettings} inherit {globalsettings} Opcje urz�dzenia ---------------- Identyfikator {d1cd73d8-d072-11e0-9929-ae13aeb433eb} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\d1cd73d7-d072-11e0-9929-ae13aeb433eb\boot.sdi LastRegBack: 2019-07-03 20:56 ==================== Koniec FRST.txt ============================