Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

100% cpu win7 win10


  • This topic is locked This topic is locked
6 replies to this topic

#1 tomaszblee

tomaszblee

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 22 December 2015 - 05:41 AM

Hi,

1. I did use AdvCleaner, Zemana, Malwarebytes, Combofix several times. My problem apperars even every shows cleen comp.

2. Probably wmiprvse and svhost are cause or important part of cause.
I have 4 core 8 cpu machine. When I give him ( wmiprvse and svhost ) only 1 processor I can work on my comp.

But: webrowsers are slow down, and if I start video (Youtube) it stuck - even reset comp.

3. When I unplug ethernet cable or switch off network card, comp working fine.

 

Problem was in windows 7.

Then I upgrade to windows 10 problem still appear :)

 

Then I unplug card and plug new WiFi card for 10 minutes computer working fine with Firefox browser. Then I launch Chrome. For 1-2 minutes my monitors blink - like changing resolution time - and finnally comp slows down.

 

I'm using comodo firewall and antivir...

 

ps in win 10 task manager shows normal CPU using. I cant see "show everyone process" button like on win7.

 

What to do?

Tom

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:01 AM

Posted 23 December 2015 - 02:22 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.

Click the Add reply button.
===


Wait for further instructions.

Edited by nasdaq, 23 December 2015 - 02:23 PM.


#3 tomaszblee

tomaszblee
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 28 December 2015 - 05:04 AM

Hi,

sorry obout lag, but Christmas are important  :guitar:

 

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:27-12-2015
Uruchomiony przez Jagodziak (2015-12-28 10:56:14)
Uruchomiony z H:\!Backup\! Impresja 2015\Ziemkiewicz\uziemkiewicza.pl\zdjęcia\kod
Windows 10 Pro (X64) (2015-12-21 22:35:05)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-2840183716-262155929-4287739094-500 - Administrator - Disabled) => C:\Users\Administrator
Gość (S-1-5-21-2840183716-262155929-4287739094-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2840183716-262155929-4287739094-1002 - Limited - Enabled)
Jagodziak (S-1-5-21-2840183716-262155929-4287739094-1000 - Administrator - Enabled) => C:\Users\Jagodziak
Konto domyślne (S-1-5-21-2840183716-262155929-4287739094-503 - Limited - Disabled)
Staś (S-1-5-21-2840183716-262155929-4287739094-1007 - Limited - Enabled) => C:\Users\Staś
tomasz (S-1-5-21-2840183716-262155929-4287739094-1005 - Administrator - Enabled) => C:\Users\tomasz
UpdatusUser (S-1-5-21-2840183716-262155929-4287739094-1003 - Limited - Enabled) => C:\Users\UpdatusUser
wymiana (S-1-5-21-2840183716-262155929-4287739094-1004 - Administrator - Enabled)
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
FW: Privatefirewall (Disabled) {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
µTorrent (HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
1.1 (HKLM-x32\...\{87179B53-AFC2-4F12-977D-2FF23293DC8A}_is1) (Version: 1.1 - EASIS GmbH)
Active@ File Recovery 10 (HKLM-x32\...\{3A8E5C1C-EF2D-4B96-88C4-A052FFA1AAC5}_is1) (Version: 10 - LSoft Technologies Inc)
Adibu - Czytam i liczę 4-5 (HKLM-x32\...\Adibu - Czytam i liczę 4-5_is1) (Version:  - CD Projekt)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.3.121 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014.1 (HKLM-x32\...\{F2321021-4348-11E4-B1DF-BDB415F23EC4}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Muse CC 2014 (HKLM\...\{C62850D7-40DA-4401-897B-1B2275B6FEEC}) (Version: 2014.0.0.328 - Adobe Systems, Incorporated)
Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.1.0 - Adobe Systems Incorporated)
Akeeba eXtract Wizard 3.3 (HKLM-x32\...\{C5A52C02-1618-47DB-8A92-559DE29048EC}_is1) (Version:  - Akeeba Developers)
Alien Skin Blow Up 3 (HKLM\...\Alien Skin Blow Up 3) (Version:  - Alien Skin)
Alien Skin Eye Candy 7 (HKLM\...\Alien Skin Eye Candy 7) (Version:  - Alien Skin)
Android Studio (HKLM-x32\...\Android Studio) (Version: 1.0 - Google Inc.)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.2 - CrystalIdea Software, Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Portrait+ 3 (HKLM-x32\...\{40BB5B1A-6008-4348-8C24-116B654C7ECD}) (Version: 3.0.0.400 - ArcSoft)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chromodo (HKLM-x32\...\Chromodo) (Version: 45.8.12.391 - Comodo)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco Network Magic (x32 Version: 5.1.8354.0 - Pure Networks) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.2 - Nik Software, Inc.)
COMODO Antivirus (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 46.9.15.424 - Comodo)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x32 Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM-x32\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (x32 Version: 17.0 - Corel Corporation) Hidden
CrystalDiskInfo 6.1.9a (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.9a - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Diffuse 0.4.8 (HKLM-x32\...\Diffuse_is1) (Version:  - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Document Express DjVu Plug-in (HKLM-x32\...\{C61A95AB-DA50-4CDF-8258-96798609DF8E}) (Version: 6.1.34387 - Cuminas Corporation)
DRUKI Gofin 2.2.19.0 (HKLM-x32\...\{852B928B-042E-4555-B59B-3473734906FF}) (Version: 2.2.19.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.2 - Ministerstwo Finansow)
e-Deklaracje Desktop (x32 Version: 7.0.2 - Ministerstwo Finansow) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Firefox Developer Edition 45.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 45.0a2 (x86 en-US)) (Version: 45.0a2 - Mozilla)
FontLab Studio 5 (HKLM-x32\...\{F6E36639-10C8-4FAD-AF1F-E84D5B6653D1}) (Version: 5.0 - FontLab)
FREE EML File Viewer version v2.0 (HKLM-x32\...\{6B16A616-C931-4D4B-B1C5-E04F2D4DDD63}_is1) (Version: v2.0 - www.freeviewer.org)
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2593.0 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Network Connections 17.2.154.0 (HKLM\...\PROSetDX) (Version: 17.2.154.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
iPadian version 1.5 (HKLM-x32\...\{0DB90A1C-2C08-429C-8595-FD9848121D28}_is1) (Version: 1.5 - iPadian, Inc.)
iPadiansupport version 1.5 (HKLM-x32\...\{901455D5-5F85-4160-A986-6466B1B130E0}_is1) (Version: 1.5 - xpadian, Inc.)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
iTunes (HKLM\...\{BCF07271-A853-4D3A-B668-4B752174CAA8}) (Version: 10.3.1.55 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java SE Development Kit 7 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.3.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
Kodi (HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\Kodi) (Version:  - XBMC-Foundation)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Magic ISO Maker 5.5 (HKLM-x32\...\Magic ISO Maker) (Version: 5.5 - )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
MICRO WLAN USB ADAPTER (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.12.0 - media-tech)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
MKVToolNix 6.6.0 (HKLM-x32\...\MKVToolNix) (Version: 6.6.0 - Moritz Bunkus)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 pl)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.0.5833 - Mozilla)
Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.5 - MSI)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.010 - MSI)
MyLanViewer version 4.18.3 (HKLM-x32\...\{2D933C82-63E9-4640-A1EF-08E38F0CF4C2}_is1) (Version: 4.18.3 - S.K. Software)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{4C5FFB59-6222-45CA-9257-EFB93D5E1756}) (Version: 5.1.26 - Oracle Corporation)
MySQL Connector Net 6.7.4 (HKLM-x32\...\{D6952EDA-6AC4-4480-A060-BD6025B15BAD}) (Version: 6.7.4 - Oracle)
MySQL Connector/ODBC 5.2 64bit (community edition) (HKLM\...\{D8053A16-A50E-401C-B162-18119EB7CC33}) (Version: 5.2.5 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{4C102489-D4F3-4324-B573-0802120B1D80}) (Version: 5.6.13 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{7FC20482-AE94-4DF1-90C1-09EDEC416970}) (Version: 5.6.13 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{14A17206-6DC0-4896-A3BC-879B743543B8}) (Version: 1.3.2.0 - Oracle Corporation)
MySQL Notifier 1.1.4 (HKLM-x32\...\{D7C3E617-EB02-47B3-8D0E-BF3E00D873D5}) (Version: 1.1.4 - Oracle)
MySQL Server 5.6 (HKLM\...\{0B9D4C33-AC1B-4973-B754-FE9EAB03D327}) (Version: 5.6.13 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{09B13753-CEB1-49FE-9933-9CDB664CB6EC}) (Version: 1.3.5 - Oracle)
MySQL Workbench 6.0 CE (HKLM-x32\...\{654A0779-F661-4D7C-B0EB-0DDF3CEDE963}) (Version: 6.0.8 - Oracle Corporation)
NapiProjekt (2.1.1.2314) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
Nero BurningROM 12 (HKLM-x32\...\{3DAFE920-1B88-4C66-A39B-D743F28AF10D}) (Version: 12.5.01300 - Nero AG)
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.1.8354.0 - Cisco Systems, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.0 - OBS Project)
Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Ontrack EasyRecovery Professional (HKLM-x32\...\{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1) (Version: 10.0.2.3 - Kroll Ontrack Inc.)
OpenOffice 4.1.0 (HKLM-x32\...\{7EB1185B-6319-42D7-B103-707570BFB0D8}) (Version: 4.10.9764 - Apache Software Foundation)
OpenSubtitlesPlayer V4.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version:  - ALLCinema Ltd.)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PaperScan 2 Free Edition (HKLM-x32\...\{41E45D65-814E-45C9-898A-5C6A2BADEC77}) (Version: 2.0.29 - ORPALIS)
PaperScan Professional Edition (HKLM-x32\...\{DFAFE2B5-B773-41E5-84FE-EF08906F28FF}) (Version: 1.7 - ORPALIS)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prezi (HKLM-x32\...\{BD44409B-A691-4B97-B33D-F07E1DE791F3}) (Version: 5.0.8 - Prezi.com)
Privatefirewall 7.0 (HKLM-x32\...\{E8EA933E-03A2-4E62-9F52-812C72BE2A6B}) (Version: 7.0.30.3 - PWI, Inc.)
Proxy Server Finder (HKLM-x32\...\Proxy Server Finder) (Version:  - )
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Pure Networks Platform (x32 Version: 11.1.8350.0 - Pure Networks) Hidden
PuTTY release 0.66 (HKLM-x32\...\PuTTY_is1) (Version: 0.66 - Simon Tatham)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7399 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
RegAlyzer (HKLM-x32\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
Rosetta Stone Ltd Services (HKLM-x32\...\{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}) (Version: 3.2.17 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale) (Version: 4.1.15.1 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (x32 Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
SkrybotDoMowy (HKLM-x32\...\{4D79E5E6-3D98-4284-B4DC-7376A2087DA2}) (Version: 1.5.3 - www.przepisywanie.pl)
SkyFonts™ (HKLM\...\{05528276-469E-46F8-AFAA-095C53C24D4E}) (Version: 4.11.0.0 - Monotype Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Spb Wallet 2.1.2 (HKLM-x32\...\Spb Wallet_is1) (Version:  - Spb Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
SQL Manager for MySQL 5.1.0.27 (HKLM-x32\...\SQL Manager for MySQL 5.1.0.27) (Version:  - )
SQL Manager for SQL Server 3.7.0.2 (HKLM-x32\...\SQL Manager for SQL Server 3.7.0.2) (Version:  - )
StationRipper 2.98.4 (HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\StationRipper) (Version: 2.98.4 - Ratajik Software)
Stereoscopic Player (HKLM-x32\...\{E477569F-F1F9-4A23-84FF-9715AD5032CB}) (Version: 2.3.0 - 3dtv.at)
Stylizer 6 (HKLM-x32\...\Skybound Stylizer 6) (Version: 6 - Skybound Research Inc.)
SUPER © v2013.build.57+Recorder (2013/07/13) wersja v2013.build (HKLM-x32\...\{8E2A1F92-9B4F-4DF9-8459-B736B0831C69}_is1) (Version: v2013.build.57+Recorder - eRightSoft)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.03 - Creative Technology Limited)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.6.3 - Tweaking.com)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.0 - VMware, Inc)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
Wally (HKLM-x32\...\Wally) (Version:  - )
WebEx Support Manager for Internet Explorer (HKLM-x32\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WhiteHatBox wersja 2.0 (HKLM-x32\...\{A964F9F1-B238-4893-915A-E2E3AF4EA3A1}_is1) (Version: 2.0 - WhiteHatBox.com)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinRAR 5.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinSCP 5.7.5 (HKLM-x32\...\winscp3_is1) (Version: 5.7.5 - Martin Prikryl)
WinUtilities RegistryDefrag 1.2 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5074001}_is1) (Version:  - YL Computing, Inc)
WinX DVD Ripper 5.6.2 (HKLM-x32\...\WinX DVD Ripper_is1) (Version:  - Digiarty Software, Inc.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.18.634 - Zemana Ltd.)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-2840183716-262155929-4287739094-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2840183716-262155929-4287739094-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jagodziak\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2840183716-262155929-4287739094-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2840183716-262155929-4287739094-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jagodziak\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {0167928E-8719-4AFB-B00D-81BABBE07431} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {05936ED8-CE56-48C1-876B-0B2470268127} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2840183716-262155929-4287739094-1000Core => C:\Users\Jagodziak\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-16] (Google Inc.)
Task: {05B3A342-981C-4BE5-B789-C31A6F51AC02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {06BB2CEA-F02F-48D6-8A7A-E84E461D2DD1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-17] (Adobe Systems Incorporated)
Task: {070168F6-4981-4B59-BF7C-E1ADC9E132F8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {0DC0C189-60BA-433E-9145-038013A0732F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {0FEC0760-F64B-495B-88FE-518FD428F75D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1AD18424-9A44-46CF-BE5C-B22F1B2ED654} - \WPD\SqmUpload_S-1-5-21-2840183716-262155929-4287739094-1000 -> Brak pliku <==== UWAGA
Task: {244DC9F2-0DF5-48E8-80BA-6DE6ECCF7ED1} - System32\Tasks\{1E22D2B4-E8B0-4D5B-BBF2-6EDF80DC2708} => C:\Program Files (x86)\Proxyfire\proxyfire.exe [2014-03-22] ()
Task: {258EA5F1-FC65-4EC7-91E0-C912BFD22FC1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {26C54850-C6F0-4A00-A54B-361E7627E9EC} - System32\Tasks\{7894B456-AE83-4255-88F1-B7B2768EE9F0} => pcalua.exe -a C:\Users\Jagodziak\Downloads\Setup_MagicISO.exe -d C:\Users\Jagodziak\Desktop
Task: {2B2E4D45-FC7A-4421-9983-5EFF93E806EC} - System32\Tasks\{7B48325B-D4BB-48B0-BD76-DE153A93089E} => pcalua.exe -a "C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7069\Setup.exe" -d C:\Windows\system32
Task: {2C656241-760A-48D5-8905-5AA9CFB49AA5} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {2D8F7606-869D-4201-8FA8-9897CFE5EC10} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {30E917B7-AADB-43E8-A61E-AA8C435E007E} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-09] (COMODO)
Task: {30EDE98C-E066-4A05-90C7-1F483F98F626} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {31EE4E7D-58E6-42FC-9F48-C65A50CC77D9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {32921C8C-2D4B-4DFB-80AC-606A75B7DED1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {3788037B-AF2C-47B0-96B0-00E2DF64962B} - System32\Tasks\{8E44AA41-1E20-42AF-B213-12C383CC33E4} => Q:\Gry\Gry\install.exe
Task: {3BA59E25-2C15-478C-8949-3F5EA6D51305} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {3CA71E52-2A9A-4209-BC57-3BAD513D1D50} - System32\Tasks\{F266CBEB-849C-4802-88A6-F22D99A72424} => Q:\Moje dokumenty\Administracja\MSI - płyta główna\Bios\AFUD238S.exe
Task: {3E508E34-2915-4B7B-BAD9-A9D35598899B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {3F6B9F4B-F78F-4D9B-810A-FAFBFBE69B27} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {45E4B7A9-2BA4-45BB-B418-490C7C6F5806} - System32\Tasks\{2099CFBD-A131-4564-B5CA-FFDB38F27D00} => F:\SETUP.EXE
Task: {4FC1D61E-9D4F-417E-A255-C3CAE6EF6B63} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {52DA9515-4364-4A22-959F-D263075B32BE} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis2536.exe <==== UWAGA
Task: {534B2B7C-2D23-4C6D-B650-40D8F51C6AA2} - System32\Tasks\{99E1DF6B-11BC-431D-8ACD-CB937288D874} => Q:\Moje dokumenty\Administracja\MSI - płyta główna\Bios\AFUD238S.exe
Task: {53803803-FCBE-4B51-BF45-5F8880953758} - System32\Tasks\{2CFA15D3-C7BA-4521-AE65-CF59DDDFA476} => F:\SETUP.EXE
Task: {5A998AA0-719D-4303-8ADD-8F2AE17D13A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2840183716-262155929-4287739094-1000UA => C:\Users\Jagodziak\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-16] (Google Inc.)
Task: {5B4DEF20-CEA6-48C1-8477-A33C61A111C2} - System32\Tasks\{51B52366-9E2C-4358-AC2C-52BB897917CA} => G:\PA d z jagodziaka\Ftproot\ADOBE.CS6.0.MASTER.COLLECTION.WIN.OSX.KEYGEN-XFORCE\ADOBE.CS6.0.MASTER.COLLECTION.WIN.OSX.KEYGEN-XFORCE\Crack-Windows\xf-mccs6.exe
Task: {5F4BAB56-25FF-4542-99A2-E3424B0D4DA4} - System32\Tasks\{A3238E8E-8CE4-42F1-A2AD-F208560FEEBB} => F:\SETUP.EXE
Task: {67C18826-A924-4A77-B34C-F1ACFB33D31F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6A9B8D24-CAC3-4DA2-ADBC-9DC619C751ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {71B92974-7918-4FF3-B5A4-207AABAD2252} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
Task: {754F9CA1-3DA6-44F1-8F34-B32E36FDE72C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7A2AA0BB-DAD4-4C53-88F6-599A7471AB2A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7C9F0A88-0414-429D-904B-27DF9BDA5FFF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {7EEEC2DB-2C49-4045-BA10-890A4B08200B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {83039D07-68BD-4933-A9F5-2B01F3C5A8D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {84ACB3A3-F20F-4BCB-9AA5-64031899D8FE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {85B192FE-FA1C-4D0A-AA54-6BB1734B45DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-11-16] (Adobe Systems Incorporated)
Task: {86840BC2-AB20-476E-854D-F9314AD29CD7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {89B45B7F-B095-4FFE-86CF-99B72820254B} - System32\Tasks\{6D016D80-E5FF-4AF4-9F6D-83AAA990E3A5} => F:\SETUP.EXE
Task: {8A2BA2E4-4783-4A54-A4E9-5A7293072F62} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {8EA473E2-AFB1-4517-A6B1-B88588218654} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {910AC9EF-7F90-47E8-A8F1-40B5C4C95E1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {9950C103-5254-45F7-9C33-AA49CEE725DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {9B7BD9B9-2A3B-4AD8-B80B-E94DB5B9B3E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {9D61912D-0F32-494A-A856-CC75EE329C5C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {9DA93B22-DCD3-4038-B322-ABDCB40C0DCF} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-09] (COMODO)
Task: {9E4696DC-A7B4-40F9-851E-FF61A310AD2B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {9E4F2034-4B90-43D6-8B41-8DCC86783262} - System32\Tasks\{7B3567EE-CD2D-40A2-A6C7-B149191B7882} => Q:\Gry\Gry\install.exe
Task: {9F9E9255-7FFD-4EBF-8CB0-117AB1C7D438} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A24DD12B-BE78-4E95-A621-6FAB857F8B51} - System32\Tasks\{F21A1939-9B61-4405-9621-0C9BA9661C26} => Q:\bio\AFUD238S.exe
Task: {A2A8ADBC-E55B-496E-8EA1-1DE9B880081B} - System32\Tasks\SUPERAntiSpyware Scheduled Task 3da6a5fe-c804-42b5-85f7-3afc8556ab1b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2015-12-14] (SUPERAdBlocker.com)
Task: {A46A7864-44A0-459F-BD95-C43D941EF9F1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A4DAB622-9F80-4389-8E95-DD5CC6DDAC0E} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {B037E3D7-5186-4123-B284-4401B3AEB31A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {B11471A7-5B95-4422-9929-361470EFD13C} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-09] (COMODO)
Task: {B3957D66-6608-430F-8357-A071896B22D3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B5998A1C-E636-4EFD-86B5-BFA5832854C3} - System32\Tasks\{54538A49-1637-4DE2-92D1-272FD10992AA} => C:\Users\Jagodziak\Downloads\GA-G31M\FLASHSPI.EXE [2008-08-28] ()
Task: {B90A09BB-88DA-46FE-B2E1-C0025B32AA62} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-09] (COMODO)
Task: {BC397578-1055-4FE7-91FF-E5953AC4D935} - System32\Tasks\{9261A0A8-759F-4E4E-A4B0-1D684E172C5C} => pcalua.exe -a C:\Users\Jagodziak\Downloads\GA-G31M\@BIOS\UpdPack.exe -d C:\Users\Jagodziak\Downloads\GA-G31M\@BIOS
Task: {BE02F205-D0C1-4C3A-BEAE-62F20BFABD0F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BE1C1A1A-BCBC-4931-9096-2C8D01524B90} - System32\Tasks\AdobeAAMUpdater-1.0-tomaszi7-Jagodziak => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {BE68EAD9-82B9-4107-AE6E-EAA4D5BF07B1} - System32\Tasks\{0C9499C5-963C-407C-BFB6-E12C9CD0FE6D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/pl/abandoninstall?page=tsProgressBar
Task: {C3F94FF1-54CA-43DE-B0AE-83B8105766B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C781084A-D0C2-4C8C-9B5D-24FA4E5A803E} - System32\Tasks\{7C22D93D-27CB-4E2B-BEA3-851BFA84ADFC} => C:\Program Files (x86)\Proxyfire\proxyfire.exe [2014-03-22] ()
Task: {D44BF67A-4E0E-4C0C-AB3F-1A82365ABA77} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D7BFAAAA-C365-4922-A86F-05C35B73D902} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-09] (COMODO)
Task: {D92C04DB-3D77-4611-91C0-21AA91F9CBB7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D97706BA-4157-489B-BC81-B53AC8320AA2} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4b252163-ecc6-47d9-bb9d-352704dba518 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2015-12-14] (SUPERAdBlocker.com)
Task: {DD35F6CE-1604-4936-AC11-778D742EAEE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {E08EAAC2-8DC1-4B2F-A21B-AEE3E6248816} - System32\Tasks\{ACA7A22C-826C-40A0-9521-4AFD0907BDC9} => F:\SETUP.EXE
Task: {E34CD2CA-CC8A-48B8-AD17-99D5BE5A2ECC} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMKJOMGMMJLMHMLJJJCNLJOJNMJJCNLMMMIMJMCNOJIMJJLJCNKMNJLJOJIMKMKMOJOJLJNJMMJNJICMIMCNGMCNOMMMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMNMMMOMJNHICMEKMICNJJCKJNBJCMFLOJIJAJLJFIGJOJEJJNKJCMJNNICMJNDJCMPIDJJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {E4647388-AD1D-460C-9883-DC22FE2F0908} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E5DA29CC-CE0F-4AD5-AFA9-75BD4723B7EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {EB651990-EE91-41EE-BE81-512D56A08C4F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
Task: {F1B75F16-29D8-404A-A589-A513A266AF6A} - System32\Tasks\{2698A2AA-E4AD-42AE-96A7-F6897E9B9C44} => Q:\bio\AFUD238S.exe
Task: {F7C00F7B-B320-4106-BFAE-FCF46D62F143} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {FAFB0410-4F61-4AAB-9E30-9CC27E21DDFA} - System32\Tasks\{D49A68BD-FE6F-449C-ACBF-143866DDC4DE} => \Tomasz-komputer\ftproot\_torrent\Fontlab\FLS5WinFull.exe
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2840183716-262155929-4287739094-1000Core.job => C:\Users\Jagodziak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2840183716-262155929-4287739094-1000UA.job => C:\Users\Jagodziak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 3da6a5fe-c804-42b5-85f7-3afc8556ab1b.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 4b252163-ecc6-47d9-bb9d-352704dba518.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Skróty =============================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
==================== Załadowane moduły (filtrowane) ==============
 
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-12 16:15 - 2015-11-16 16:18 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2014-12-20 13:50 - 2014-02-15 07:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2013-04-15 16:39 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-12-21 19:23 - 2015-12-21 19:23 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-23 00:09 - 2015-12-23 09:50 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-21 19:23 - 2015-12-21 19:23 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-13 13:17 - 2015-06-13 13:17 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-12-21 19:23 - 2015-12-21 19:23 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-21 19:23 - 2015-12-21 19:23 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-21 19:23 - 2015-12-21 19:23 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-21 19:23 - 2015-12-21 19:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-21 19:23 - 2015-12-21 19:23 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-21 19:23 - 2015-12-21 19:23 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-04 14:36 - 2010-05-04 10:00 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-10-23 20:19 - 2014-10-23 20:19 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2014-10-03 08:19 - 2005-07-18 12:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2013-08-27 11:42 - 2013-08-27 11:42 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2013-05-27 10:15 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-05-27 10:15 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-05-27 10:15 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-05-27 10:15 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-05-27 10:15 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-12-23 00:09 - 2015-12-23 09:50 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-23 00:09 - 2015-12-23 09:50 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-25 20:18 - 2015-11-25 20:18 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2013-12-23 10:10 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-09-03 23:28 - 2013-05-14 05:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-01-06 21:53 - 2014-01-06 21:53 - 27379992 _____ () C:\Program Files (x86)\Google\Picasa3\Picasa3i18n.dll
2014-01-06 20:18 - 2014-01-06 20:18 - 00405504 _____ () C:\Program Files (x86)\Google\Picasa3\plugins\CDVDR\CDVDR.yti
2014-01-06 21:30 - 2014-01-06 21:30 - 00430080 _____ () C:\Program Files (x86)\Google\Picasa3\plugins\ytITivo.yti
2014-01-06 19:46 - 2014-01-06 19:46 - 02351104 _____ () C:\Program Files (x86)\Google\Picasa3\plugins\Red.dll
2013-05-25 21:12 - 2013-05-25 21:12 - 00204800 _____ () C:\Users\Jagodziak\AppData\Roaming\Notepad++\plugins\ComparePlugin.dll
2013-05-25 21:12 - 2013-05-25 21:12 - 00098304 _____ () C:\Users\Jagodziak\AppData\Roaming\Notepad++\plugins\FallingBricks.dll
2015-04-24 15:11 - 2015-04-24 15:11 - 02748416 _____ () C:\Users\Jagodziak\AppData\Roaming\Notepad++\plugins\NppFTP.dll
2013-05-25 21:12 - 2013-05-25 21:12 - 00210432 _____ () C:\Users\Jagodziak\AppData\Roaming\Notepad++\plugins\regrexplace.dll
2011-07-18 22:07 - 2011-07-18 22:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-12-17 09:22 - 2015-12-16 08:12 - 01643336 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2593.0\libglesv2.dll
2015-12-17 09:22 - 2015-12-16 08:12 - 00081736 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2593.0\libegl.dll
 
==================== Alternate Data Streams (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\WINDOWS\grep.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\MBR.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\PEV.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\sed.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SWXCACLS.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\unins000.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\zip.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AdobePDF.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AdobePDFUI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CustomModeApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CustomModeAppv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IccLibDll_x64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ig7icd64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4276.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAAC64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCUMD64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMux64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiVAD64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LogiDPPApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\lvcod64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NlsData000a.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NlsData000c.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NlsLexicons000a.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NlsLexicons000c.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PortChanger.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\prm0019.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\anim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig7icd32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LogiDPPApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NlsData000a.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NlsData000c.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NlsLexicons000a.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NlsLexicons000c.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\opencl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\unicows.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\W95INF16.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\W95INF32.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wbhelp2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wbocx.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\athurx.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\intelaud.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IT9135BDA.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iwdbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\teamviewervpn.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:9E00596C
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7
AlternateDataStreams: C:\Users\Jagodziak\Desktop\cmd.bat:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Desktop\Egipt H264 1920 x 1080 25p.mp4:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Desktop\JRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Desktop\nisoz_miejsca_udzielania_swiadczen_z_dn._2015.01.19.xls:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\1441794447-1001-10548.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\1441794537-1001-12745.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\3E79.tmp:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\46.0.2490.13_chrome_installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\46.0.2490.13_chrome_installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AAAAComboFix.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AAAAComboFix.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AAAWSWComboFix.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AAAWSWComboFix.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AAA_Rem-VBSworm.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AAA_Rem-VBSworm.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AdwCleaner (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\AdwCleaner (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\ChromeSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\ChromeSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\E05C.tmp:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\flashplayer20_a_installa.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\google-drive-20151019.48.zip:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\JRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\JRT.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\mbae-setup-1.08.1.1044.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\mbae-setup-1.08.1.1044.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\msert.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\msert.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\outlook.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\plg_system_akgeoip-1.0.6.zip:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\putty-0.66-installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\putty-0.66-installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\tomaszowce.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\ToolRegDefrag.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\Zemana.AntiMalware.Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Jagodziak\Downloads\Zemana.AntiMalware.Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Jagodziak\AppData\Local\f96pWMGdFtB:0HAZwgRtA4Nl7xIPVoTsh
AlternateDataStreams: C:\Users\Staś\Desktop\zyczu-mc.jar:$CmdZnID
AlternateDataStreams: C:\Users\Staś\Downloads\MaxUninstaller_Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Staś\Downloads\MaxUninstaller_Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Staś\Downloads\MinecraftInstaller.msi:$CmdZnID
AlternateDataStreams: C:\Users\Staś\Downloads\WRUpgradeTool.exe:$CmdTcID
AlternateDataStreams: C:\Users\Staś\Downloads\WRUpgradeTool.exe:$CmdZnID
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== EXE - Powiązania (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
HKU\S-1-5-21-2840183716-262155929-4287739094-1000\Software\Classes\exefile: "%1" %* <===== UWAGA
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2840183716-262155929-4287739094-1000\...\123simsen.com -> www.123simsen.com
 
Wykryto więcej niż wyliczono: 7863 witryn.
 
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2015-04-20 13:16 - 2015-12-17 13:24 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-2840183716-262155929-4287739094-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MT4217.lnk => C:\Windows\pss\MT4217.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jagodziak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Rejestracja produktu.lnk => C:\Windows\pss\Logitech . Rejestracja produktu.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jagodziak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingSvc => C:\Users\Jagodziak\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenterCount => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: emsisoft anti-malware => "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
MSCONFIG\startupreg: Fast Boot => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
MSCONFIG\startupreg: Google Photos Backup => "C:\Users\Jagodziak\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_A953E9229D01AF71925BDCF6537E7B07 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => D:\Program Files\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => D:\Program Files\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: Monotype SkyFonts Rack Up => C:\Program Files\Monotype\SkyFonts\SFC.exe
MSCONFIG\startupreg: Monotype SkyFonts System Extension => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe
MSCONFIG\startupreg: nmapp => "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
MSCONFIG\startupreg: nmctxth => "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
MSCONFIG\startupreg: Privatefirewall => C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoboForm => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: Wally => C:\Program Files (x86)\Wally\Wally.exe
MSCONFIG\startupreg: WRSVC => "C:\Program Files\Webroot\WRSA.exe" -ul
MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{D6A72A3F-BEC8-4FC2-B3D3-4892B7C48E8B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0AC18BD5-026D-4503-93B9-EB08F09874CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{44D3934D-DF6E-4378-A499-9DE9EF0C7D74}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C6EB7414-6864-4B06-BA86-217BB32C66F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C3DC7DED-24B6-40B3-B82C-723A99CB83BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4246EDD0-CD4C-4B63-B0F4-B3E4310ED202}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{165AB1DF-864A-4D3A-BDD8-C02D92AFBB2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB8CA513-EE55-4B96-BFF9-97381E815496}] => (Block) Q:\adobe muse cc 2014\muse.exe
FirewallRules: [{6D95D682-F85F-404A-AE4F-5B5D2BE9F5C8}] => (Block) Q:\adobe muse cc 2014\muse.exe
FirewallRules: [UDP Query User{888E9AB9-830C-4447-BE37-570728453E22}Q:\adobe muse cc 2014\muse.exe] => (Allow) Q:\adobe muse cc 2014\muse.exe
FirewallRules: [TCP Query User{C28F958C-2BFE-498C-81E6-2208D7CFFDD0}Q:\adobe muse cc 2014\muse.exe] => (Allow) Q:\adobe muse cc 2014\muse.exe
FirewallRules: [UDP Query User{4E66BEFC-AABB-46BC-81C4-2EDF15E36F23}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{8278C0C0-A058-47B1-937F-FCA8DB464E97}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{DDE12459-C89C-4140-9FAB-7523AC21559C}] => (Allow) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{AD6311E3-969C-44F2-93F7-88FA43C4834B}] => (Allow) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{80E1BAF3-2786-4F66-9F1D-027A37CBB2AF}] => (Block) D:\Old_Pliki programów (x86)\CorelDRAW Graphics Suite X7\Programs\DIM.EXE
FirewallRules: [{1DC6A817-D629-420C-870F-74C8C08CFC90}] => (Block) D:\Old_Pliki programów (x86)\CorelDRAW Graphics Suite X7\Programs\DIM.EXE
FirewallRules: [{2C1C54F9-36E4-46C9-BACC-A84179BAF009}] => (Block) D:\Old_Pliki programów (x86)\CorelDRAW Graphics Suite X7\Programs\CorelDRW.exe
FirewallRules: [{7BBAE86C-C032-4CC3-A61C-BBCA8B3D33EF}] => (Block) d:\Old_Pliki programów (x86)\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe
FirewallRules: [{CFB33B94-229C-4D8D-9344-89AABDE9B6B0}] => (Block) d:\Old_Pliki programów (x86)\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
FirewallRules: [{41FD9A7A-A17E-4F0E-AE21-F0229843DE15}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Dreamweaver CC 2014\Dreamweaver.exe
FirewallRules: [{551C0C8B-6C85-4B9A-8CBC-8E70D7127F99}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\OOBE\PDApp\P7\adobe_licutil.exe
FirewallRules: [{6D859B78-C5B9-4C76-8150-DEC86A740B17}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\OOBE\PDApp\P7\adobe_licutil.exe
FirewallRules: [{6CDD08A3-9048-4E5B-9E0C-2CC11DA02F98}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Dreamweaver CC 2014\Dreamweaver.exe
FirewallRules: [{3053C13A-B1B8-472E-BBCC-9E1A2EE8B7D4}] => (Block) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
FirewallRules: [{E855429E-F3A9-4013-AAD6-A27865D3723E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D671C05-2EFC-4469-806B-BD4405D61930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9DE8F1D-36DE-4F11-AEDB-0B3A2971C9D5}] => (Allow) C:\Users\Jagodziak\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BCE6DDE8-14BC-4C41-A474-8A12C0752501}] => (Allow) C:\Users\Jagodziak\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{339AB94F-FDDB-4A86-B873-7C167D9F95D6}] => (Block) C:\program files (x86)\mylanviewer\mylanviewer.exe
FirewallRules: [{2E3E170F-DCFD-4A98-96EC-C55C3C902924}] => (Block) C:\program files (x86)\mylanviewer\mylanviewer.exe
FirewallRules: [UDP Query User{716CBF17-9075-4B66-A905-2A8397C74B24}C:\program files (x86)\mylanviewer\mylanviewer.exe] => (Allow) C:\program files (x86)\mylanviewer\mylanviewer.exe
FirewallRules: [TCP Query User{480B0D39-F39E-4172-99BF-00CF8543B842}C:\program files (x86)\mylanviewer\mylanviewer.exe] => (Allow) C:\program files (x86)\mylanviewer\mylanviewer.exe
FirewallRules: [{8CE40F64-D7F7-41A6-A689-5BD0D491FCBE}] => (Allow) LPort=67
FirewallRules: [{55193369-D07A-447F-9978-F0EE77302B82}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{9C9DCB50-067D-4D7C-954F-0BDAE8A12975}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{33377706-745C-4951-85E5-005C233502F8}] => (Block) %ProgramFiles% (x86)\ORPALIS\PaperScan Professional Edition\PaperScan.exe
FirewallRules: [{DB480CF4-4819-45A0-BC62-D330851E1929}] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{C34E5A2F-45C7-4407-8F4C-D7F3D85176FE}] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{93FB558B-6CA2-445C-9E08-5DCC90DC258B}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{79B89731-8990-4E9D-976C-6CA949F125C1}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{98F5E6A4-AF7A-4E13-BA91-FE5BDF4AB099}] => (Block) C:\Program Files (x86)\ORPALIS\PaperScan Professional Edition\PaperScan.exe
FirewallRules: [{8B0FEA2F-3D71-4142-AB81-59116E7E1E64}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.5\lightroom.exe
FirewallRules: [{9DE55D04-606B-45DB-BAE9-FB373E15620E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.5\lightroom.exe
FirewallRules: [{8C64388A-1C40-4916-8B9A-DBFF5776B746}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{4F4F2FA3-C09C-487A-8A1A-040BEFDD094A}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe
FirewallRules: [{AD7A1207-FAED-4CAF-851D-A12728678E1A}] => (Block) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{972E3DBB-F07E-4B28-A41C-5FCF7BA1FA93}] => (Block) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{7146A4D2-EC39-42D5-9C63-9E5669F9652E}] => (Block) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{387D9569-D56E-4147-BC0F-DDFC92905812}] => (Block) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{995BFEC9-B01A-42F0-A81E-8845C7B50D92}] => (Block) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{6AB118B9-C761-4830-876B-E73D600B0EC0}] => (Block) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{3C9B184C-1191-419C-AF1E-5A3D9B3D22E8}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{D9152376-3FDE-4D69-9790-B618A562CFD5}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{4A37E66C-7CFB-4C6B-9FEF-FADF4D42696C}] => (Allow) C:\Program Files (x86)\Prezi\Prezi.exe
FirewallRules: [{5E889357-D6AD-4F78-8F66-8A33014EA79B}] => (Allow) C:\Users\Jagodziak\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{46006EDA-1A62-409C-AB0E-70EE56D64527}] => (Allow) C:\Users\Jagodziak\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8335C6E2-1EE5-48F4-8142-4B25330C7EEC}] => (Block) C:\program files (x86)\ratajik software\stationripper\stationripperconsole.exe
FirewallRules: [{CD7D01A6-F48E-45AC-A350-73C87C293DE2}] => (Block) C:\program files (x86)\ratajik software\stationripper\stationripperconsole.exe
FirewallRules: [UDP Query User{96A4C663-F41A-4E7E-8CD9-35971E95AA08}C:\program files (x86)\ratajik software\stationripper\stationripperconsole.exe] => (Allow) C:\program files (x86)\ratajik software\stationripper\stationripperconsole.exe
FirewallRules: [TCP Query User{D5266612-1044-4E6C-94A5-C17317B493AB}C:\program files (x86)\ratajik software\stationripper\stationripperconsole.exe] => (Allow) C:\program files (x86)\ratajik software\stationripper\stationripperconsole.exe
FirewallRules: [{B880BBAC-92AD-4E93-829E-26154F1063F7}] => (Allow) C:\Program Files (x86)\MySQL\MySQL Workbench 6.0 CE\MySQLWorkbench.exe
FirewallRules: [{C1FD95A4-4D55-46AF-8CB5-6538DF2F0951}] => (Allow) C:\Program Files (x86)\MySQL\MySQL Workbench 6.0 CE\MySQLWorkbench.exe
FirewallRules: [{D42664A6-54E1-4FF3-A5FA-79E50DEC6291}] => (Allow) C:\Program Files (x86)\MySQL\MySQL Workbench 6.0 CE\MySQLWorkbench.exe
FirewallRules: [{37EF0713-BD15-4DF1-B86A-150CF7981963}] => (Allow) C:\Program Files (x86)\MySQL\MySQL Workbench 6.0 CE\MySQLWorkbench.exe
FirewallRules: [{D1D843D2-AD84-4C40-AA05-070E2E84EEA8}] => (Allow) LPort=1900
FirewallRules: [{03A1FA7F-34F1-4916-AB93-59068F8FB149}] => (Allow) LPort=2869
FirewallRules: [{DFBF77BB-465F-44C7-8059-A075ED77C4DF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ACE3C207-B7F1-4948-9BCD-FD0BDFD34AE8}] => (Allow) C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe
FirewallRules: [{99AB0B92-2FC3-4539-8666-832C55633AE0}] => (Allow) C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe
FirewallRules: [{0F538E58-8378-4EC3-9276-20389F97184A}] => (Allow) C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe
FirewallRules: [{06484490-E87B-4065-8CC6-B9E62BE109B1}] => (Allow) C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe
FirewallRules: [{F8BD7E91-C62E-4781-AC9F-4EFCD7727BD7}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{5947A13F-49E6-4BD4-97D7-3FDB1D9BAB8C}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [UDP Query User{2DC94BEC-EC50-4387-A40A-C3B77BAA34A6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{4B9F22B8-9F9D-4EC5-8047-D1742E7BCA94}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{B73C75B9-A09E-4C4A-BD2A-27C293005F37}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{8A92363A-F00F-4121-BBF9-CF86AF9DE5AE}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{84F0F69C-E7CF-4447-A6E7-D266E530763B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AE6FE1DD-80B8-4EA8-9E49-86C0AC50B03F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6488E696-C5B4-4FDE-9420-A5513CAAD18B}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{AAB500D2-B85F-4D67-A17D-CFA41DC21E56}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{A14E66B7-D803-4322-A0C4-684366C47F27}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{E6A3EA9C-BA5A-4737-B7EC-D423C20688A3}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{FA2B22B8-6588-4CEA-BBB4-7EA1CA2CE6EA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{BBB2E8B1-830F-4662-82F5-FFC0A5E2736F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{C501DB27-344E-41AF-9901-FB35FFE19F08}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{EA9359FF-EF6A-4B64-8246-6784C5B4BA26}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{226EB503-4A90-4416-8C3B-7E567775905C}] => (Allow) LPort=81
FirewallRules: [{A28B6328-0F26-4755-B643-E7DD21A1FF97}] => (Allow) LPort=3307
FirewallRules: [{6603FDCE-4483-4A10-A105-F97D4F2B10BE}] => (Block) C:\users\jagodziak\desktop\mysql-5.6.13-winx64\bin\mysqld.exe
FirewallRules: [{E0884FFE-183F-4805-9238-4D0D17E1439F}] => (Block) C:\users\jagodziak\desktop\mysql-5.6.13-winx64\bin\mysqld.exe
FirewallRules: [UDP Query User{1C21A80C-03C6-4364-8C8F-CABFD61DBB33}C:\users\jagodziak\desktop\mysql-5.6.13-winx64\bin\mysqld.exe] => (Allow) C:\users\jagodziak\desktop\mysql-5.6.13-winx64\bin\mysqld.exe
FirewallRules: [TCP Query User{8AD227B8-182E-4809-B9F7-82D61B48FC05}C:\users\jagodziak\desktop\mysql-5.6.13-winx64\bin\mysqld.exe] => (Allow) C:\users\jagodziak\desktop\mysql-5.6.13-winx64\bin\mysqld.exe
FirewallRules: [{1A1FFB53-AFBA-4F95-A80A-18EA2535052B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F540F014-FF51-4792-896E-D62335244F55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FF359F2B-7490-4873-AE5B-C17F9715128D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B6086357-EBF7-43A7-B9F2-112C97446CCE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{3D31CDE5-6F3C-4CEB-9277-338F100738B5}C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe
FirewallRules: [TCP Query User{8E95D06A-4572-4494-9C0F-EEF8078229EC}C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe
FirewallRules: [UDP Query User{0AB83286-39F9-49E1-BB44-2C59F70BEE3A}C:\users\jagodziak\appdata\local\android\android-studio\bin\studio64.exe] => (Allow) C:\users\jagodziak\appdata\local\android\android-studio\bin\studio64.exe
FirewallRules: [TCP Query User{06EC48CB-E867-4C60-B0E3-501DC9692F89}C:\users\jagodziak\appdata\local\android\android-studio\bin\studio64.exe] => (Allow) C:\users\jagodziak\appdata\local\android\android-studio\bin\studio64.exe
FirewallRules: [UDP Query User{A3C1EE6F-7B68-42DD-8BF6-B4565EC7F9E0}C:\program files\java\jdk1.7.0_25\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_25\jre\bin\java.exe
FirewallRules: [TCP Query User{0861CC4A-5782-44EB-860A-156627EC85D4}C:\program files\java\jdk1.7.0_25\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_25\jre\bin\java.exe
FirewallRules: [UDP Query User{105571EE-98E2-499B-A595-9CC513F66737}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [TCP Query User{8A6B15BF-FF5C-421B-A262-E8CE451FD577}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{B015A9C2-FBAD-46A2-A71D-BEA7D9263F05}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{24D17F54-FF50-47EF-BD94-C4D105887979}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{24AA67BF-381A-4E54-A1B4-0EB4280B7A0A}] => (Allow) LPort=7935
FirewallRules: [{62D813D3-5852-443F-9080-7627EB8F2707}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{93FF47FB-7D1E-47D6-8D21-7F4E43320E54}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CF6D8851-6A32-4E6E-B5A6-8C3FB46DC551}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Punkty Przywracania systemu =========================
 
22-12-2015 10:31:46 Windows Update
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (12/28/2015 10:37:54 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1”.
 
Error: (12/28/2015 09:35:18 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1”.
 
Error: (12/28/2015 09:25:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: tomaszi7)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
 
Error: (12/27/2015 11:01:41 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1”.
 
Error: (12/26/2015 08:05:41 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1”.
 
Error: (12/26/2015 05:18:20 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1”.
 
Error: (12/24/2015 10:55:08 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1”.
 
Error: (12/22/2015 11:42:53 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.1 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005.  Identyfikator procesu (liczba dziesiętna): 9596. Identyfikator komunikatu: [0x2509].
 
Error: (12/22/2015 11:38:02 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.1 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005.  Identyfikator procesu (liczba dziesiętna): 9232. Identyfikator komunikatu: [0x2509].
 
Error: (12/22/2015 11:25:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: tomaszi7)
Description: Aktywacja aplikacji Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2147009280. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
 
 
Dziennik System:
=============
Error: (12/28/2015 10:37:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Usługa VMwareHostd zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: 
%%4294967295
 
Error: (12/28/2015 10:37:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: 
%%1058
 
Error: (12/28/2015 10:37:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SDWSCService z powodu następującego błędu: 
%%14001
 
Error: (12/28/2015 10:37:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi ss_conn_service z powodu następującego błędu: 
%%2
 
Error: (12/28/2015 10:37:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa cphs zakończyła działanie; wystąpił następujący błąd: 
%%2147942659
 
Error: (12/28/2015 10:37:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 10:27:46 na ‎28.‎12.‎2015 było nieoczekiwane.
 
Error: (12/28/2015 10:27:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 10:15:17 na ‎28.‎12.‎2015 było nieoczekiwane.
 
Error: (12/28/2015 09:35:21 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Usługa VMwareHostd zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: 
%%4294967295
 
Error: (12/28/2015 09:35:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: 
%%1058
 
Error: (12/28/2015 09:35:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SDWSCService z powodu następującego błędu: 
%%14001
 
 
CodeIntegrity:
===================================
  Date: 2015-12-28 10:47:50.464
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-28 10:37:54.136
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-28 10:07:48.005
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-28 10:01:38.951
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-28 09:43:17.802
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-28 09:35:18.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-28 09:23:04.419
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-27 23:43:54.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-27 21:15:20.478
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-27 19:56:15.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Statystyki pamięci =========================== 
 
Procesor: Intel® Core™ i7-3770K CPU @ 3.50GHz
Procent pamięci w użyciu: 26%
Całkowita pamięć fizyczna: 16263.17 MB
Dostępna pamięć fizyczna: 11905.59 MB
Całkowita pamięć wirtualna: 18262.17 MB
Dostępna pamięć wirtualna: 13418.6 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:209.15 GB) (Free:32.07 GB) NTFS
Drive d: () (Removable) (Total:3.72 GB) (Free:3.7 GB) FAT32
Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:190.62 GB) NTFS
Drive q: (3tb) (Fixed) (Total:2794.39 GB) (Free:285.88 GB) NTFS
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 5CFBC39C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: B4961C98)
 
Partition: GPT.
 
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 58249CE5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Size: 3.7 GB) (Disk ID: BB0028C7)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)
 
==================== Koniec  Addition.txt ============================

 

Attached Files

  • Attached File  FRST.txt   160.53KB   1 downloads


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:01 AM

Posted 28 December 2015 - 09:58 AM

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
GroupPolicyUsers\S-1-5-21-2840183716-262155929-4287739094-1007\User: Ograniczenia <======= UWAGA
GroupPolicyScripts: Ograniczenia <======= UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-2840183716-262155929-4287739094-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-2840183716-262155929-4287739094-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2840183716-262155929-4287739094-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
Toolbar: HKU\S-1-5-21-2840183716-262155929-4287739094-1000 -> Brak nazwy - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Brak pliku
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  Brak pliku
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  Brak pliku
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  Brak pliku
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [Brak pliku]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Brak pliku]
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1136\7.5.1136\firefoxextension => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1136\7.5.1136\firefoxextension => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [SpbWalletToolbar@SpbSoftwareHouse.com] - C:\Program Files (x86)\Spb Wallet\toolbar
FF Extension: Spb Wallet Toolbar - C:\Program Files (x86)\Spb Wallet\toolbar [2013-12-14] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer => nie znaleziono
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx <nie znaleziono>
S2 ss_conn_service; "D:\Program Files\USB Drivers\25_escape\conn\ss_conn_service.exe" [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
C:\Program Files (x86)\Spb Wallet
Task: {05B3A342-981C-4BE5-B789-C31A6F51AC02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {070168F6-4981-4B59-BF7C-E1ADC9E132F8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {0DC0C189-60BA-433E-9145-038013A0732F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {1AD18424-9A44-46CF-BE5C-B22F1B2ED654} - \WPD\SqmUpload_S-1-5-21-2840183716-262155929-4287739094-1000 -> Brak pliku <==== UWAGA
Task: {3E508E34-2915-4B7B-BAD9-A9D35598899B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {52DA9515-4364-4A22-959F-D263075B32BE} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis2536.exe <==== UWAGA
Task: {6A9B8D24-CAC3-4DA2-ADBC-9DC619C751ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {71B92974-7918-4FF3-B5A4-207AABAD2252} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
Task: {7C9F0A88-0414-429D-904B-27DF9BDA5FFF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {8A2BA2E4-4783-4A54-A4E9-5A7293072F62} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {9950C103-5254-45F7-9C33-AA49CEE725DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {9B7BD9B9-2A3B-4AD8-B80B-E94DB5B9B3E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {B037E3D7-5186-4123-B284-4401B3AEB31A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {EB651990-EE91-41EE-BE81-512D56A08C4F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:9E00596C
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7
HKU\S-1-5-21-2840183716-262155929-4287739094-1000\Software\Classes\exefile: "%1" %* <===== UWAGA

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Clear cache and browsing history with Microsoft Edge
http://www.techulator.com/resources/14556-How-to-clear-cache-and-browsing-history-with-Microsoft-Edge.aspx

===


CHR dev: Chrome dev build wykryto! <======= UWAGA

Your copy of Chrome has been compromised

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants.

Clear your Chrome cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

===

Remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

If you want to save your passwords as well see here: http://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Re-install Chrome and the Bookmarks.

<<<>>>

What are the remaining issues with this computer?

#5 tomaszblee

tomaszblee
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 29 December 2015 - 04:11 AM

Hi,

After I do everything comp works quite fine.  When perform second reset it start very long and shut down itself, next - 3 - time starts very long too. After that start normally but hang when Skype using.

Now is hanging and reseting after login and trying to use Chrome or FF.

Probably no matter what I do.

Last 3 times reseting when try Task Manager and Notepad++ using.


Edited by tomaszblee, 29 December 2015 - 06:08 AM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:01 AM

Posted 29 December 2015 - 08:36 AM

Skype and Firefox may be damaged.

Let Fix Firefox first.

Remove Firefox using the instructions one this page.
https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

Before proceeding save your Bookmarks.
https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Install the latest version of the application.

You can then import them to the new version of Firefox.

Firefox Password manager -
Remember, delete and change saved passwords in Firefox
https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-passwords
<<<>>>

Restart the computer and let me know if Firefox works correcly.

#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:01 AM

Posted 04 January 2016 - 02:37 PM

Are you still with me?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users