wklejto.pl

Added by: ~Anonim (2017-12-30 14:31) -> text
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-12-2017
Ran by zorro (administrator) on ZORRO-PC (29-12-2017 19:02:40)
Running from C:\Users\zorro
Loaded Profiles: zorro & postgres (Available Profiles: zorro & postgres)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Lync\communicator.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Spotify Ltd) C:\Users\zorro\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
HKLM\...\Run: [Communicator] => C:\Program Files\Microsoft Lync\communicator.exe [12120616 2016-07-11] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6965792 2009-03-13] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKU\S-1-5-21-3442369939-117093356-1214050614-1000\...\Run: [Spotify Web Helper] => C:\Users\zorro\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104280 2013-04-02] (Spotify Ltd)
HKU\S-1-5-21-3442369939-117093356-1214050614-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [135680 2008-07-03] (Microsoft Corporation)
HKU\S-1-5-21-3442369939-117093356-1214050614-1000\...\MountPoints2: {253d85a6-375d-11e4-a160-001e33d7a75e} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3442369939-117093356-1214050614-1000\...\MountPoints2: {cf534427-ce49-11e4-97ec-001e33d7a75e} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3442369939-117093356-1214050614-1000\...\MountPoints2: {dfc2aad3-c665-11e3-821e-001e33d7a75e} - F:\LGAutoRun.exe
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [119296 2009-05-04] (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{64F4E812-6015-493E-80CA-22140F12BDA1}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D9EF0188-7B09-434D-9C21-D10270CC8101}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3442369939-117093356-1214050614-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> {93105FBE-8C9D-4015-8E1A-EADBB8E426EC} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKLM -> {BCD56E07-8F64-4F8B-8E1F-A9C244EAFACE} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3442369939-117093356-1214050614-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={17FF905D-698B-4CE4-82A7-8C2816403C1F}&mid=9e8d041ade0147d080c6d15775334ead-43d9ef75d00f700f85b4d854959eebd33a4aecdb&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-27 13:14:21&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3442369939-117093356-1214050614-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB_enPL462PL462
SearchScopes: HKU\S-1-5-21-3442369939-117093356-1214050614-1000 -> {93105FBE-8C9D-4015-8E1A-EADBB8E426EC} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB_enPL462PL462
SearchScopes: HKU\S-1-5-21-3442369939-117093356-1214050614-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={17FF905D-698B-4CE4-82A7-8C2816403C1F}&mid=9e8d041ade0147d080c6d15775334ead-43d9ef75d00f700f85b4d854959eebd33a4aecdb&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-27 13:14:21&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3442369939-117093356-1214050614-1000 -> {BCD56E07-8F64-4F8B-8E1F-A9C244EAFACE} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-22] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-22] (Oracle Corporation)
BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> D:\aiv\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-06] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\zorro\AppData\Roaming\Mozilla\Firefox\Profiles\5oqm4k83.default [2017-12-29]
FF Homepage: Mozilla\Firefox\Profiles\5oqm4k83.default -> hxxps://mysearch.avg.com/?cid={17FF905D-698B-4CE4-82A7-8C2816403C1F}&mid=9e8d041ade0147d080c6d15775334ead-43d9ef75d00f700f85b4d854959eebd33a4aecdb&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-27 13:14:21&v=4.2.1.951&pid=wtu&sg=&sap=hp
FF Extension: (AVG Web TuneUp) - C:\Users\zorro\AppData\Roaming\Mozilla\Firefox\Profiles\5oqm4k83.default\Extensions\avg@toolbar.xpi [2016-09-12] [Legacy]
FF Extension: (Iplex to ALLPlayer) - C:\Users\zorro\AppData\Roaming\Mozilla\Firefox\Profiles\5oqm4k83.default\Extensions\IplextoALL@ALLPlayer.org.xpi [2012-01-30] [Legacy] [not signed]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\zorro\AppData\Roaming\Mozilla\Firefox\Profiles\5oqm4k83.default\features\{11d50b49-9e26-41ad-af13-a101eef34a6e}\malware-remediation@mozilla.org.xpi [2016-09-30] [Legacy]
FF SearchPlugin: C:\Users\zorro\AppData\Roaming\Mozilla\Firefox\Profiles\5oqm4k83.default\searchplugins\yahoo-avast.xml [2014-04-17]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-11] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-15] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 <video>) - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-17] [Legacy] [not signed]
FF HKU\S-1-5-21-3442369939-117093356-1214050614-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\zorro\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-11-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3442369939-117093356-1214050614-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\zorro\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2013-11-06] (Skype Limited)
FF Plugin HKU\S-1-5-21-3442369939-117093356-1214050614-1000: @tools.google.com/Google Update;version=3 -> C:\Users\zorro\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3442369939-117093356-1214050614-1000: @tools.google.com/Google Update;version=9 -> C:\Users\zorro\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default [2017-12-29]
CHR Extension: (Slides) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Cuban Ropa Vieja) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbempkceemjmcfgicdofhcmkojdfbjl [2017-12-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-10]
CHR Extension: (The New Hopier) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdegdkenoilhbfkgfnlippgagocehdai [2017-12-18]
CHR Extension: (Gmail) - C:\Users\zorro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-3442369939-117093356-1214050614-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-13] (Adobe Systems Incorporated) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4153408 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606360 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-17] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-11] (TOSHIBA CORPORATION)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-17] (Intel(R) Corporation) [File not signed]
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-05-04] (Google)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [113624 2017-12-21] (SurfRight B.V.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-17] (Intel(R) Corporation) [File not signed]
R2 RSELSVC; C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe [57344 2009-02-19] (TOSHIBA Corporation) [File not signed]
S4 SQLAgent$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-15] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [259328 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [197376 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59896 2017-11-29] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [168376 2017-12-18] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40376 2017-12-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2017-12-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65312 2017-12-29] (Malwarebytes)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
S4 RsFx0105; C:\Windows\System32\DRIVERS\RsFx0105.sys [238696 2011-09-22] (Microsoft Corporation)
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] ()
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2017-12-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2017-12-22] (Zemana Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-29 19:02 - 2017-12-29 19:03 - 000023529 _____ C:\Users\zorro\FRST.txt
2017-12-29 19:02 - 2017-12-29 19:02 - 001752064 _____ (Farbar) C:\Users\zorro\FRST.exe
2017-12-29 18:33 - 2017-12-29 18:33 - 000002875 _____ C:\Users\zorro\Downloads\Fixlog.txt
2017-12-29 18:28 - 2017-12-29 18:33 - 000000989 _____ C:\Users\zorro\Downloads\fixlist.txt
2017-12-28 22:00 - 2017-12-29 18:57 - 000000000 ____D C:\Program Files\trend micro
2017-12-28 22:00 - 2017-12-28 22:00 - 000000000 ____D C:\rsit
2017-12-28 21:55 - 2017-12-28 21:55 - 000089528 _____ C:\Users\zorro\Downloads\OTL.Txt
2017-12-28 21:55 - 2017-12-28 21:55 - 000050962 _____ C:\Users\zorro\Downloads\Extras.Txt
2017-12-28 21:36 - 2017-12-28 21:37 - 000083556 _____ C:\Users\zorro\Downloads\Shortcut.txt
2017-12-28 21:35 - 2017-12-28 21:37 - 000045064 _____ C:\Users\zorro\Downloads\Addition.txt
2017-12-28 21:33 - 2017-12-28 21:37 - 000036479 _____ C:\Users\zorro\Downloads\FRST.txt
2017-12-28 21:32 - 2017-12-29 19:02 - 000000000 ____D C:\FRST
2017-12-28 21:19 - 2017-12-28 21:19 - 000602112 _____ (OldTimer Tools) C:\Users\zorro\Downloads\OTL.exe
2017-12-28 21:17 - 2017-12-28 21:17 - 001107968 _____ C:\Users\zorro\Downloads\RSIT.exe
2017-12-23 14:26 - 2017-12-23 14:30 - 077841360 _____ C:\Users\zorro\Downloads\Ace_Stream_Media_3-1-0 (1).exe
2017-12-22 22:20 - 2017-12-22 22:38 - 005503287 _____ C:\Users\zorro\Downloads\adwcleaner_7.0.6.0 (1).exe.opdownload
2017-12-22 21:27 - 2017-12-22 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-12-22 20:39 - 2017-12-22 20:39 - 008198432 _____ (Malwarebytes) C:\Users\zorro\Downloads\adwcleaner_7.0.6.0.exe
2017-12-22 20:22 - 2017-12-22 20:26 - 000000000 ____D C:\EEK
2017-12-22 20:13 - 2017-12-22 20:20 - 307056376 _____ C:\Users\zorro\Downloads\EmsisoftEmergencyKit.exe
2017-12-22 01:13 - 2017-12-29 19:03 - 000548459 _____ C:\Windows\ZAM.krnl.trace
2017-12-22 01:13 - 2017-12-29 19:03 - 000086674 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-12-22 01:13 - 2017-12-22 01:13 - 000181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard32.sys
2017-12-22 01:13 - 2017-12-22 01:13 - 000181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam32.sys
2017-12-22 01:13 - 2017-12-22 01:13 - 000001698 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-12-22 01:13 - 2017-12-22 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-12-22 01:13 - 2017-12-22 01:13 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2017-12-22 01:12 - 2017-12-22 01:12 - 006625600 _____ (Zemana Ltd. ) C:\Users\zorro\Downloads\Zemana.AntiMalware.Setup.exe
2017-12-22 01:12 - 2017-12-22 01:12 - 000000000 ____D C:\Users\zorro\AppData\Local\Zemana
2017-12-21 23:18 - 2017-12-21 23:18 - 000009754 _____ C:\Windows\system32\.crusader
2017-12-21 22:52 - 2017-12-21 22:52 - 000000000 ____D C:\Program Files\HitmanPro
2017-12-21 22:50 - 2017-12-21 23:19 - 000000000 ____D C:\ProgramData\HitmanPro
2017-12-21 22:50 - 2017-12-21 22:50 - 011007936 _____ (SurfRight B.V.) C:\Users\zorro\Downloads\hitmanpro.exe
2017-12-21 21:09 - 2017-12-22 22:01 - 003927160 _____ (Google) C:\Users\zorro\Downloads\chrome_cleanup_tool.exe
2017-12-21 00:50 - 2017-12-26 21:37 - 000000201 _____ C:\Users\zorro\Desktop\New Text Document.txt
2017-12-19 16:13 - 2017-12-28 21:24 - 000000000 ____D C:\AdwCleaner
2017-12-19 16:12 - 2017-12-19 16:13 - 008172032 _____ (Malwarebytes) C:\Users\zorro\Downloads\adwcleaner_7.0.5.0.exe
2017-12-19 02:44 - 2017-12-19 02:44 - 000116424 _____ C:\Users\zorro\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-19 02:42 - 2017-12-19 02:43 - 000409472 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-18 23:55 - 2017-12-29 18:31 - 000065312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-12-18 23:55 - 2017-12-29 12:24 - 000040376 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-12-18 23:55 - 2017-12-18 23:55 - 000168376 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-12-18 23:54 - 2017-12-29 12:23 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-18 23:54 - 2017-12-18 23:54 - 000001826 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-18 23:54 - 2017-12-18 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-18 23:54 - 2017-12-18 23:54 - 000000000 ____D C:\ProgramData\MB2Migration
2017-12-18 23:54 - 2017-12-18 23:54 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-18 23:54 - 2017-11-29 09:11 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
2017-12-16 02:50 - 2017-12-16 02:50 - 000004749 _____ C:\Users\zorro\AppData\Local\recently-used.xbel
2017-12-16 02:45 - 2017-12-16 02:49 - 004671113 _____ C:\Users\zorro\Downloads\jutub.xcf
2017-12-16 02:28 - 2017-12-16 02:28 - 004659953 _____ C:\Users\zorro\Downloads\jj.xcf
2017-12-16 01:48 - 2017-12-16 01:48 - 000000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2017-12-16 01:45 - 2017-12-16 01:48 - 000000000 ____D C:\Program Files\GIMP 2
2017-12-16 01:44 - 2017-12-16 01:43 - 089579672 _____ (The GIMP Team ) C:\Users\zorro\Downloads\GIMP 2.8.22.exe
2017-12-15 22:19 - 2017-12-15 22:19 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-15 22:10 - 2017-12-15 22:10 - 000000000 ____D C:\Program Files\Common Files\FlashIntegro
2017-12-15 22:10 - 2017-12-05 14:42 - 000065720 _____ (Flash-Integro LLC) C:\Windows\system32\mslvddsfilter4.ax
2017-12-15 22:10 - 2011-12-07 18:32 - 000216064 _____ ( ) C:\Windows\system32\Lagarith.dll
2017-12-15 22:10 - 2005-08-01 18:43 - 000245760 _____ () C:\Windows\system32\lame.ax
2017-12-15 22:10 - 2004-12-10 09:03 - 000438272 _____ (On2.com) C:\Windows\system32\vp6vfw.dll
2017-12-15 22:10 - 2004-09-06 15:06 - 000053248 _____ C:\Windows\system32\xvid.ax
2017-12-15 22:10 - 2004-07-03 20:08 - 000139264 _____ C:\Windows\system32\xvidvfw.dll
2017-12-15 22:10 - 2004-02-04 20:11 - 000081920 _____ (fccHandler) C:\Windows\system32\AC3ACM.acm
2017-12-15 22:10 - 2003-05-22 11:26 - 000221215 _____ (DivXNetworks, Inc.) C:\Windows\system32\divxdec.ax
2017-12-15 22:10 - 2003-05-21 22:50 - 001700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-12-15 22:10 - 2003-05-21 22:50 - 000261632 _____ (MainConcept) C:\Windows\system32\mcdvd_32.dll
2017-12-15 22:10 - 2003-05-21 22:50 - 000156910 _____ C:\Windows\WMSysPr8.prx
2017-12-15 22:10 - 2003-05-21 22:50 - 000082944 _____ (Voxware, Inc.) C:\Windows\system32\vct3216.acm
2017-12-15 22:10 - 2003-05-21 22:50 - 000038912 _____ (NCT Company) C:\Windows\system32\alf2cd.acm
2017-12-15 22:10 - 2003-05-21 22:50 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
2017-12-15 22:10 - 2003-03-25 04:49 - 000098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\L3CODECX.AX
2017-12-15 22:10 - 2002-08-19 23:41 - 000413760 _____ (Microsoft Corporation) C:\Windows\system32\mpg4c32.dll
2017-12-15 22:10 - 2000-03-14 19:55 - 000013239 _____ (SHARP Corporation) C:\Windows\system32\Scg726.acm
2017-12-11 00:11 - 2017-12-11 00:11 - 000020114 _____ C:\Users\zorro\Downloads\jp3.aup
2017-12-11 00:11 - 2017-12-11 00:11 - 000000000 ____D C:\Users\zorro\Downloads\jp3_data
2017-12-02 16:58 - 2017-12-02 16:58 - 000000000 ____D C:\Users\zorro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\partypoker
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-29 19:02 - 2011-12-14 23:51 - 000000000 ____D C:\Users\zorro
2017-12-29 18:22 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-29 18:22 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-29 17:07 - 2014-04-17 21:42 - 000000000 ____D C:\ProgramData\MFAData
2017-12-29 12:24 - 2006-11-02 13:37 - 000000000 ___RD C:\Users\Public\Recorded TV
2017-12-29 12:23 - 2012-06-24 13:12 - 000000000 ____D C:\Users\zorro\Tracing
2017-12-29 12:22 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-29 03:27 - 2006-11-02 14:01 - 000032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-28 22:56 - 2014-05-18 16:11 - 000000680 _____ C:\Users\zorro\AppData\Local\d3d9caps.dat
2017-12-28 18:26 - 2016-09-11 17:30 - 000000000 ____D C:\Users\zorro\AppData\Local\PokerStars.EU
2017-12-28 03:24 - 2014-07-10 14:28 - 000000000 ____D C:\Program Files\AVG
2017-12-27 21:26 - 2015-12-14 22:42 - 000000000 ____D C:\ProgramData\Avg
2017-12-27 21:26 - 2014-07-10 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-12-26 22:25 - 2017-11-16 20:01 - 000000000 ____D C:\Users\zorro\AppData\Roaming\audacity
2017-12-20 11:35 - 2013-02-09 15:59 - 000000000 ____D C:\Users\zorro\Documents\Pliki programu Outlook
2017-12-19 02:44 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2017-12-18 23:54 - 2014-07-10 13:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-18 23:54 - 2014-07-10 13:57 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-12-16 02:50 - 2014-04-08 20:18 - 000000000 ____D C:\Users\zorro\AppData\Local\gtk-2.0
2017-12-16 02:50 - 2014-03-25 20:39 - 000000000 ____D C:\Users\zorro\.gimp-2.8
2017-12-13 22:25 - 2012-04-30 08:31 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-13 22:25 - 2011-12-20 15:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-13 22:25 - 2009-05-04 04:25 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-04 00:50 - 2017-11-16 20:08 - 000000000 ____D C:\Users\zorro\Documents\Audacity
2017-12-02 16:58 - 2017-07-20 20:56 - 000000419 _____ C:\Users\zorro\AppData\Roaming\Microsoft\Windows\Start Menu\partypoker.lnk
2017-12-02 16:58 - 2017-02-23 16:14 - 000000419 _____ C:\Users\zorro\Desktop\partypoker.lnk
2017-12-02 16:58 - 2016-09-27 22:58 - 000000000 ____D C:\Users\zorro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
 
==================== Files in the root of some directories =======
 
2017-12-29 19:02 - 2017-12-29 19:02 - 001752064 _____ (Farbar) C:\Users\zorro\FRST.exe
2013-02-08 15:06 - 2013-02-08 15:06 - 000419554 _____ () C:\Users\zorro\AppData\Roaming\satoolbar.exe
2013-02-08 15:06 - 2013-02-08 15:06 - 006312677 _____ (VIO                                                         ) C:\Users\zorro\AppData\Roaming\vio_clean.exe
2017-09-18 17:22 - 2017-09-18 17:22 - 000000552 _____ () C:\Users\zorro\AppData\Local\d3d8caps.dat
2014-05-18 16:11 - 2017-12-28 22:56 - 000000680 _____ () C:\Users\zorro\AppData\Local\d3d9caps.dat
2011-12-21 15:40 - 2017-06-25 09:54 - 000053248 _____ () C:\Users\zorro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-16 02:50 - 2017-12-16 02:50 - 000004749 _____ () C:\Users\zorro\AppData\Local\recently-used.xbel
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-12-29 12:29
 
==================== End of FRST.txt ============================