wklejto.pl

Dodane przez: ~Anonim (2019-04-02 18:39) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17.03.2019
Uruchomiony przez Cloud (administrator)  CLOUD-KOMPUTER (02-04-2019 17:26:29)
Uruchomiony z C:\Users\Cloud\Downloads
Załadowane profile: Cloud (Dostępne profile: Cloud & Monika)
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 9 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Arcai.com) [Brak podpisu cyfrowego] C:\Program Files (x86)\arcai.com\aips.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Eastman Kodak Company -> Advent) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
(Eastman Kodak Company -> DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek) [Brak podpisu cyfrowego] C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Cisco Video Technologies Israel Ltd. -> Cisco) C:\Users\Cloud\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Creative Technology -> Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Eastman Kodak Company -> DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADStatusMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Realtek Semiconductor Corp.) [Brak podpisu cyfrowego] C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
(Creative Technology -> Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\arcai.com\netcut_windows.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE*
HKLM-x32\...\Run: [ADStatusMonitor] => C:\Program Files (x86)\Advent\AiO\StatusMonitor\ADStatusMonitor.exe [2790816 2012-10-31] (Eastman Kodak Company -> DSGi)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\Run: [VideoGuardMonitor] => C:\Users\Cloud\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [2345736 2018-04-17] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7592008 2019-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: H - H:\Install.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: {3039c280-352f-11e4-8d25-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: {76ed0a0c-353e-11e4-a949-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: {9f42a5d9-ccb5-11e5-ae26-002522cc21ea} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: {d01c59d2-3db3-11e4-a9f3-002522cc21ea} - H:\LG_PC_Programs.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: {dfc9c67f-44a6-11e4-9a39-002522cc21ea} - H:\Install.exe
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\MountPoints2: {f1af8950-4805-11e6-b12f-d784b90ff90f} - I:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [68096 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [Brak podpisu cyfrowego]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-25] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\Cloud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-07-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Brak podpisu cyfrowego]
Startup: C:\Users\Cloud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2016-07-18]
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Ograniczenia ? <==== UWAGA
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5477ED32-38FE-4388-8369-8688178E4157}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{76344CD0-783D-4713-9865-B63D76174B58}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C9282106-5A78-4D6B-BDBE-7C3DCC26F1BB}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1673973377-2233019569-3319646912-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\x9l62r1f.default [2019-02-19]
FF Extension: (British English Dictionary (Updated)) - C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\x9l62r1f.default\Extensions\en-gb@flyingtophat.co.uk [2015-12-05] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Thumbnail Zoom Plus) - C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\x9l62r1f.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2017-07-26] [Przestarzałe]
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\x9l62r1f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-02-19]
FF Extension: (DownThemAll!) - C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\x9l62r1f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-02-10] [Przestarzałe]
FF HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Cloud\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\Cloud\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-01-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1673973377-2233019569-3319646912-1000: @acestream.net/acestreamplugin,version=3.1.0 -> C:\Users\Cloud\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies -> Innovative Digital Technologies)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://uk.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://uk.search.yahoo.com/?type=994519&fr=yo-yhp-ch"
CHR Session Restore: Default -> [funkcja włączona]
CHR Profile: C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default [2019-04-02]
CHR Extension: (Prezentacje) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Dysk Google) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-23]
CHR Extension: (YouTube) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-19]
CHR Extension: (Arkusze) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-23]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Nash Extension) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\onofpnbbkehpmmoabgpcpmigafmmnjhl [2019-03-03]
CHR Extension: (Gmail) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-28]
CHR HKU\S-1-5-21-1673973377-2233019569-3319646912-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
 
==================== Usługi (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-08-29] (Adobe Systems) [Brak podpisu cyfrowego]
R2 Advent AiO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [395200 2012-10-31] (Eastman Kodak Company -> Advent)
R2 ADVENT AIO Status Monitor Service; C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe [722336 2012-10-31] (Eastman Kodak Company -> DSGi)
R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [Brak podpisu cyfrowego]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-06-14] (BattlEye Innovations e.K. -> )
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-03-30] (Apple Inc. -> Apple Inc.)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-09-05] (Creative Labs) [Brak podpisu cyfrowego]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Brak podpisu cyfrowego]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-01-02] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7770888 2017-05-10] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Brak podpisu cyfrowego]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer -> TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Sterowniki (filtrowane) ======================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-09-27] (Tages SA -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2017-03-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12223936 2011-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [412712 2011-02-14] (Broadcom Corporation -> Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-09-27] (Tages SA -> )
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2019-04-02] (Malwarebytes Corporation -> Malwarebytes)
R3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-03-24] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc (utworzone) ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2019-04-02 17:26 - 2019-04-02 17:26 - 000028138 _____ C:\Users\Cloud\Downloads\FRST.txt
2019-04-02 17:26 - 2019-04-02 17:26 - 000000000 ____D C:\FRST
2019-04-02 17:24 - 2019-04-02 17:25 - 002434048 _____ (Farbar) C:\Users\Cloud\Downloads\FRST64.exe
2019-04-02 17:14 - 2019-04-02 17:14 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-01 16:55 - 2019-04-01 16:55 - 000788715 _____ C:\Users\Cloud\Downloads\EZY-WU-XHSG-Latest-171989-1554134138983.pdf
2019-03-26 19:34 - 2019-03-26 19:34 - 000202818 _____ C:\Users\Cloud\Downloads\fhp5 (1).pdf
2019-03-26 19:23 - 2019-03-26 19:23 - 000340628 _____ C:\Users\Cloud\Downloads\esn3.pdf
2019-03-26 19:19 - 2019-03-26 19:19 - 000202529 _____ C:\Users\Cloud\Downloads\enotification_25090730_OX285lw.pdf
2019-03-26 19:18 - 2019-03-26 19:20 - 000218423 _____ C:\Users\Cloud\Downloads\dcn7.pdf
2019-03-26 19:01 - 2019-03-26 19:01 - 000616626 _____ C:\Users\Cloud\Downloads\DCN18C_1553623301.pdf
2019-03-14 15:35 - 2019-03-14 15:35 - 390442399 _____ C:\Users\Cloud\Downloads\[Nyan] Mrs. Junkie - 01 [UNC][0AB33933].mkv
2019-03-10 18:47 - 2019-03-27 01:20 - 000000000 ____D C:\Users\Cloud\AppData\Roaming\vlc
2019-03-10 18:46 - 2019-03-10 18:46 - 000001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-03-10 18:46 - 2019-03-10 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-03-10 18:46 - 2019-03-10 18:46 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-03-10 18:42 - 2019-03-10 18:45 - 040477384 _____ C:\Users\Cloud\Downloads\vlc-3.0.6-win32.exe
 
==================== Jeden miesiąc (zmodyfikowane) ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2019-04-02 17:25 - 2018-01-28 23:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-02 17:21 - 2009-07-14 05:45 - 000014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-02 17:21 - 2009-07-14 05:45 - 000014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-02 17:19 - 2009-07-14 18:55 - 000041872 _____ C:\Windows\system32\perfh015.dat
2019-04-02 17:19 - 2009-07-14 18:55 - 000019590 _____ C:\Windows\system32\perfc015.dat
2019-04-02 17:19 - 2009-07-14 06:13 - 000842598 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-02 17:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-04-02 17:14 - 2014-12-11 05:48 - 000000000 ____D C:\ProgramData\Advent
2019-04-02 17:14 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-01 20:34 - 2014-09-05 21:46 - 000063004 _____ C:\Windows\system32\BMXStateBkp-{0000000A-00000000-00000001-00001102-00000005-00311102}.rfx
2019-04-01 20:34 - 2014-09-05 21:46 - 000063004 _____ C:\Windows\system32\BMXState-{0000000A-00000000-00000001-00001102-00000005-00311102}.rfx
2019-04-01 20:34 - 2014-09-05 21:46 - 000000788 _____ C:\Windows\system32\DVCState-{0000000A-00000000-00000001-00001102-00000005-00311102}.rfx
2019-04-01 19:56 - 2015-12-25 21:56 - 000000274 _____ C:\Windows\Tasks\UpdateTask.job
2019-04-01 16:55 - 2017-12-28 13:04 - 000000000 ____D C:\Users\Cloud\AppData\Roaming\brave
2019-03-31 17:39 - 2015-09-05 13:38 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-03-31 17:36 - 2014-09-06 14:36 - 000000000 ____D C:\Users\Cloud\AppData\Local\Battle.net
2019-03-28 18:34 - 2014-10-30 17:04 - 000003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 18:34 - 2014-10-30 17:04 - 000003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 23:31 - 2017-03-21 18:52 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-03-25 22:47 - 2014-10-30 17:05 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-22 16:04 - 2019-01-02 17:29 - 000000000 ____D C:\Users\Cloud\AppData\Local\Deployment
2019-03-22 14:13 - 2014-09-05 21:06 - 000001425 _____ C:\Users\Cloud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-03-03 19:09 - 2014-09-06 14:28 - 000000000 ____D C:\Users\Cloud\AppData\Roaming\uTorrent
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2019-02-17 12:40 - 2019-02-17 12:40 - 000001991 _____ () C:\Users\Cloud\AppData\Local\recently-used.xbel
2016-04-02 14:16 - 2016-04-02 14:16 - 000007602 _____ () C:\Users\Cloud\AppData\Local\Resmon.ResmonCfg
 
==================== Bamital & volsnap ======================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\dllhost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dllhost.exe => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
LastRegBack: 2018-03-16 14:50
 
==================== Koniec  FRST.txt ============================
Wygenerowano w 0.047s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!