Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox redirecting to suspicious webpage.


  • This topic is locked This topic is locked
8 replies to this topic

#1 dziabong

dziabong

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:15 PM

Posted 03 October 2017 - 12:04 PM

Hello,

yesterday I googled for my borough office site but when I clicked the appropriate link I got redirected to the suspicious one instead. There was some facebook-looking pop up, and when I closed it I got redirected somewhere else. 

In the browser history I can see:

 

hllp://reward4996.cdn9-network69-server5.club/?utm_medium=NQ3aDvyuBCtafRQJPeFC66tm%2bMNW8T%2baflxP0d0AJGo%3d

hllp://appstoresmobiles.com/away.php

hllp://best.prizedeal2.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=e3672e65-cc0f-41e8-858b-458f4a8a06cd

 

It happened only once. When I googled one more time and clicked the very same link the correct website was displayed,

I tried scanning the system with Avira Scanner but got blue screen after some time (There was something with KERNEL - can't tell precisely, it disappeared too fast). After reboot I scanned again and this time it was successfully ended with no detection.

I have just check again now. This time I was redirected to:
hllp://play1376.cdn7-bignetwork7-server6.top/?utm_medium=NQ3aDvyuBCtafRQJPeFC66tm%2bMNW8T%2baflxP0d0AJGo%3d

 

I noticed this only for the particular site. Maybe the problem is on their side? But still I could have caught something from them.

System data:

 

Windows 7 Home Premium SP1 (32bit)

 

FRST.txt (in Polish unfortunatelly):

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 01-10-2017
Uruchomiony przez Olenka (administrator)  OLENKA-KOMPUTER (02-10-2017 23:10:41)
Uruchomiony z C:\Users\Olenka\Downloads
Załadowane profile: Olenka (Dostępne profile: Olenka)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(K2T.eu, Kaworu) C:\Program Files\K2T\WTW\wtw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\Run: [Google Update] => C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\MountPoints2: {15596b56-7eba-11e4-8025-a4badbbdc298} - G:\AutoRun.exe
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\MountPoints2: {402daa4b-1118-11e6-b388-a4badbbdc298} - G:\autorun.exe
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-11]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Olenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WTW.lnk [2014-07-31]
ShortcutTarget: WTW.lnk -> C:\Program Files\K2T\WTW\wtw.exe (K2T.eu, Kaworu)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{04F01FEF-50E9-474D-9E26-62E81578714A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17F19CC7-BC15-4245-9B2F-6751EA717F0D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{98E2EB6A-FAC5-4534-BFFB-973102D6A618}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{F6269725-2D69-4ED9-88FE-85ACDCA0CDBC}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> {CA24DD71-D126-4BE7-879E-A0EDBE0F57D3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^F4&apn_dtid=^YYYYYY^YY^PL&apn_uid=d0089ad1-a506-48de-8e49-b20f7721d76c&apn_sauid=627A9F38-27D8-4AC2-8695-18EC06E86621
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Brak pliku
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab

FireFox:
========
FF DefaultProfile: hav2m9gz.default-1421150856454
FF ProfilePath: C:\Users\Olenka\AppData\Roaming\Mozilla\Firefox\Profiles\hav2m9gz.default-1421150856454 [2017-10-02]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Olenka\AppData\Roaming\Mozilla\Firefox\Profiles\hav2m9gz.default-1421150856454\Extensions\marcoagpinto@mail.telepac.pt [2017-09-26]
FF Extension: (Adblock Plus) - C:\Users\Olenka\AppData\Roaming\Mozilla\Firefox\Profiles\hav2m9gz.default-1421150856454\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-08-11] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\WordWeb\WCaptureMoz
FF Extension: (WordWeb one-click lookup) - C:\Program Files\WordWeb\WCaptureMoz [2014-02-12] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3580643292-1245026773-3461100310-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Olenka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3580643292-1245026773-3461100310-1000: @talk.google.com/O1DPlugin -> C:\Users\Olenka\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3580643292-1245026773-3461100310-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3580643292-1245026773-3461100310-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-08-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Olenka\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Olenka\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\WordWeb\wcxChrome.crx [2014-02-12]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-09-13] (Avira Operations GmbH & Co. KG)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [29184 2013-10-11] (Validity Sensors, Inc.)
S4 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [573952 2016-02-29] (Cisco Systems, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [112904 2016-02-29] (Cisco Systems, Inc.)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-19] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [130912 2017-09-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153664 2017-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-03] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [23304 2017-06-19] (Avira Operations GmbH & Co. KG)
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [100600 2012-09-10] (Focusrite Audio Engineering Limited.)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [Brak podpisu cyfrowego]
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [Brak podpisu cyfrowego]
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43888 2015-07-22] (Cisco Systems, Inc.)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-10-02 23:10 - 2017-10-02 23:11 - 000014855 _____ C:\Users\Olenka\Downloads\FRST.txt
2017-10-02 23:09 - 2017-10-02 23:10 - 000000000 ____D C:\FRST
2017-10-02 23:08 - 2017-10-02 23:08 - 001795584 _____ (Farbar) C:\Users\Olenka\Downloads\FRST.exe
2017-10-02 20:51 - 2017-10-02 20:51 - 000131072 _____ C:\Windows\Minidump\100217-33945-01.dmp
2017-09-27 19:42 - 2017-09-27 19:42 - 000603213 _____ C:\Users\Olenka\Downloads\311597280C.pdf
2017-09-18 21:33 - 2017-09-18 21:33 - 000061602 _____ C:\Users\Olenka\Desktop\169.jpeg
2017-09-15 00:26 - 2017-09-16 00:17 - 000015552 _____ C:\Users\Olenka\Desktop\piece.ods
2017-09-13 11:51 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 11:51 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 11:51 - 2017-08-16 16:50 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 11:51 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 11:51 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 11:51 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 11:51 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 11:51 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 11:51 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 11:51 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 11:51 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 11:51 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 11:51 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 11:51 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 11:51 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 11:51 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 11:51 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 11:51 - 2017-08-13 18:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 11:51 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 11:51 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 11:51 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 11:51 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 11:51 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 11:51 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 11:51 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 11:51 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 11:51 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 11:51 - 2017-08-13 18:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 11:51 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 11:51 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 11:51 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 11:51 - 2017-08-13 18:10 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 11:51 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 11:51 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 11:51 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 11:51 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 11:51 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 11:51 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 11:51 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 11:51 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 11:51 - 2017-08-13 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 11:51 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 11:51 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 11:51 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 11:51 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 11:51 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 11:51 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-13 11:51 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 11:51 - 2017-08-11 08:24 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 11:51 - 2017-08-11 08:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 11:51 - 2017-08-11 08:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 11:51 - 2017-08-11 08:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 11:51 - 2017-08-11 08:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 11:51 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 11:51 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 11:51 - 2017-08-11 08:00 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 11:51 - 2017-08-11 08:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 11:51 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 11:51 - 2017-08-11 08:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 11:51 - 2017-08-11 08:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 11:51 - 2017-08-11 07:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 11:51 - 2017-08-11 07:58 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 11:51 - 2017-08-11 07:56 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 11:51 - 2017-08-11 07:56 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 11:51 - 2017-08-11 07:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 11:51 - 2017-08-11 07:56 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 11:51 - 2017-08-11 07:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 11:51 - 2017-08-11 07:56 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 11:51 - 2017-08-11 07:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 11:51 - 2017-08-11 07:55 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 11:51 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 11:51 - 2017-08-11 07:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 11:51 - 2017-08-11 07:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 11:51 - 2017-08-11 07:55 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 11:51 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 11:51 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 11:51 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-12 23:35 - 2017-09-15 22:12 - 000000000 ____D C:\Users\Olenka\Desktop\Portfolio
2017-09-12 22:59 - 2017-09-12 23:24 - 000000000 ____D C:\Users\Olenka\Desktop\Płytki
2017-09-12 21:15 - 2017-09-12 21:15 - 000000000 ____D C:\Users\Olenka\Downloads\sjp-20170906
2017-09-12 21:14 - 2017-09-12 21:15 - 007547015 _____ C:\Users\Olenka\Downloads\sjp-20170906.zip
2017-09-02 10:46 - 2017-09-02 10:46 - 000065536 _____ C:\Users\Olenka\Downloads\U_07_94_4589070_0420917P4.pdf

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-10-02 23:03 - 2016-11-18 23:21 - 000000000 ____D C:\Users\Olenka\AppData\LocalLow\Mozilla
2017-10-02 20:59 - 2009-07-14 06:34 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-02 20:59 - 2009-07-14 06:34 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-02 20:51 - 2015-08-30 11:32 - 000000000 ____D C:\Windows\Minidump
2017-10-02 20:51 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-02 13:38 - 2016-01-13 22:32 - 000000324 _____ C:\Windows\Tasks\HPCeeScheduleForOlenka.job
2017-09-28 11:19 - 2014-08-12 15:37 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-28 11:18 - 2012-11-16 01:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-09-20 21:35 - 2012-11-16 01:23 - 000130912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-09-18 22:09 - 2015-02-09 18:55 - 000000000 ____D C:\Users\Olenka\Documents\My eBooks
2017-09-18 21:49 - 2012-11-16 08:53 - 000740672 _____ C:\Windows\system32\perfh015.dat
2017-09-18 21:49 - 2012-11-16 08:53 - 000156214 _____ C:\Windows\system32\perfc015.dat
2017-09-18 21:49 - 2012-11-16 00:04 - 001670518 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-18 21:49 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-09-15 21:14 - 2016-11-20 19:08 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2017-09-15 21:14 - 2012-11-16 01:38 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-09-15 18:50 - 2009-07-14 06:53 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-14 22:03 - 2015-08-08 13:36 - 000000000 ____D C:\Program Files\SpeedFan
2017-09-14 08:58 - 2009-07-14 06:33 - 000375840 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-12 12:27 - 2015-08-11 19:51 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-09-12 12:27 - 2015-08-11 19:51 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-09-12 12:27 - 2012-11-16 01:39 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-05 09:34 - 2012-11-17 17:12 - 000000000 ____D C:\Users\Olenka\Documents\Moje skanowanie

==================== Pliki w katalogu głównym wybranych folderów =======

2015-08-11 14:39 - 2015-08-24 22:31 - 000003278 _____ () C:\Users\Olenka\AppData\Roaming\ConvAPIPlugin.log
2013-06-15 14:56 - 2013-06-15 22:20 - 000002394 _____ () C:\Users\Olenka\AppData\Roaming\gmshrc
2013-07-03 21:14 - 2014-05-02 16:30 - 000005632 _____ () C:\Users\Olenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-23 00:02 - 2017-01-23 00:02 - 000001475 _____ () C:\Users\Olenka\AppData\Local\recently-used.xbel
2013-12-07 21:58 - 2013-12-07 22:00 - 000009071 _____ () C:\Users\Olenka\AppData\Local\TUCTPrefs.DAT
2012-11-17 16:15 - 2015-08-24 22:31 - 000018247 _____ () C:\ProgramData\hpzinstall.log
2016-02-08 21:00 - 2016-04-07 21:55 - 000002210 _____ () C:\ProgramData\Robinia2016_Error.txt
2014-12-31 12:17 - 2014-12-31 12:17 - 000003072 _____ () C:\ProgramData\wtwLicensing.db

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-10-02 09:38

==================== Koniec  FRST.txt ============================
 

Addition.txt:

 

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 01-10-2017
Uruchomiony przez Olenka (02-10-2017 23:11:41)
Uruchomiony z C:\Users\Olenka\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2012-11-15 22:08:20)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3580643292-1245026773-3461100310-500 - Administrator - Disabled)
Gość (S-1-5-21-3580643292-1245026773-3461100310-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3580643292-1245026773-3461100310-1006 - Limited - Enabled)
Olenka (S-1-5-21-3580643292-1245026773-3461100310-1000 - Administrator - Enabled) => C:\Users\Olenka

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (HKLM\...\{AA787E05-E835-4812-AA3D-4048C8A46587}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (HKLM\...\{F53B432E-BD19-4400-BFA0-2BBD16410F8F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709a (HKLM\...\{C607265F-86AA-4B42-9F9B-D0ED2E4AACA6}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version:  - Microsoft)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{43F410E0-CEBC-45E4-8AAD-D73C33909486}) (Version: 1.2.97.16824 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM\...\{7a4579ba-01bc-4cca-b13c-451f77ab96b6}) (Version: 1.2.97.16824 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.31.27 - Avira Operations GmbH & Co. KG)
bpd_scan (HKLM\...\{0E52A52C-E120-461C-AA1B-21B045BEE842}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (HKLM\...\{3BE02281-FCCF-44BB-8413-AC4A633059EB}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM\...\{99F67894-9486-413F-94E1-8B12B1606EAB}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM\...\{23CAC8AE-1191-486D-9CFD-05851D53448D}) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM\...\{C706092D-491F-4D29-BB49-FF7B47CD12F2}) (Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
Cisco AnyConnect Start Before Login Module (HKLM\...\{21AAE1F1-2906-4E4A-9861-8EC6CD9FF4A6}) (Version: 3.1.14018 - Cisco Systems, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (HKLM\...\{92A51949-EE4C-466D-AAF0-99E74A49A63F}) (Version: 140.0.65.000 - Nazwa firmy) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.100.000 - Hewlett-Packard) Hidden
e-Deklaracje Desktop (HKLM\...\{3D2D303F-C091-12CB-65F0-F52AE69147A0}) (Version: 8.0.7 - Ministerstwo Finansow) Hidden
e-Deklaracje Desktop (HKLM\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow)
Eusing Free Registry Cleaner (HKLM\...\Eusing Free Registry Cleaner) (Version:  - Eusing Software)
Fax (HKLM\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Galeria fotografii (HKLM\...\{207DA277-6A6D-4863-B535-129931D2BB21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.4.19.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{CF153513-D2C7-4652-8464-31FDAD2891E9}) (Version: 12.7.27.15 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Komunikator WTW 0.9.26.4200 (HKLM\...\{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}) (Version: 0.9.26.4200 - K2T.eu)
LibreOffice 3.6 (HKLM\...\{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}) (Version: 3.6.4.3 - The Document Foundation)
LibreOffice 3.6 Help Pack (Polish) (HKLM\...\{681F7407-DFCF-4672-AE55-A566256B890E}) (Version: 3.6.4.3 - The Document Foundation)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version:  - )
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Movie Maker (HKLM\...\{2F2363F9-102C-448B-8E3E-02FCFE78A28D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 55.0.3 (x86 pl)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 pl) (HKLM\...\Mozilla Thunderbird 52.3.0 (x86 pl)) (Version: 52.3.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Muve Downloader (HKLM\...\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}) (Version: 1.5.0 - Muve)
Network (HKLM\...\{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
Nowy słownik rosyjsko-polski polsko-rosyjski PWN (HKLM\...\{A606C05A-CB14-41A0-9713-B22F7309BE69}) (Version: 1.00.0000 - WN PWN SA)
Obsługa programów Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Pakiet sterowników systemu Windows - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0) (HKLM\...\4214A1CFC1A368A5078729BFD4B211F0CDB5CEC5) (Version: 09/10/2012 2.4.128.0 - Focusrite)
Podstawowe programy Windows Live (HKLM\...\{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
ProductContext (HKLM\...\{68654483-9629-4CF5-88FF-9FB70B3BECDE}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.167.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SketchUp 2016 (HKLM\...\{F8F51164-606F-45A2-B706-10B0329BF740}) (Version: 16.1.1450 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SMPlayer 0.8.3 (HKLM\...\SMPlayer) (Version: 0.8.3 - Ricardo Villalba)
SolutionCenter (HKLM\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Speakout Advanced ActiveBook (HKLM\...\9781408238387-SPKOUTADVAB) (Version:  - Pearson Education)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Status (HKLM\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Thief GOLD (HKLM\...\{8933CB17-0195-4718-BF7C-0CD0A12382F0}) (Version: 1.37 - Square Enix)
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WordWeb (HKLM\...\WordWeb) (Version: 7 - WordWeb Software)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Olenka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.31.5\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.3\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.32.7\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> Brak ścieżki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Brak pliku
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] ()
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x86.dll [2014-04-15] (Foxit Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2017-09-20] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Intel Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2017-09-20] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6_.DEFAULT: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> Brak pliku
ContextMenuHandlers6_S-1-5-21-3580643292-1245026773-3461100310-1000: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> Brak pliku

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {01B12E92-4095-4774-AA13-30865E46CE1B} - System32\Tasks\HPCeeScheduleForOlenka => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {03FC2BCE-515D-4982-91AE-B39384EEE7F8} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {0F314A52-72E6-41DC-B519-3FC96535E227} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {16C12FD2-BB94-4631-9A5B-62A6BAB653E7} - System32\Tasks\{A5443917-75E3-4125-B98B-532BF8729801} => D:\Piotrek\Saved Games\Cossacks - Back To War 1.35PL - WWW.KOZACY.ORG up by Ernest\dmcr.exe
Task: {18F15A5D-A0CC-4211-A42D-C476BB2172CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1D85E50E-68A4-471E-9216-3ED780F24621} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {341CFC61-38F6-48C0-B6DB-48DCA444C0E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {4CD97480-D64C-423B-9610-790A75AF404B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4F240209-23D1-4C1B-BE6C-9C488BB95721} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3580643292-1245026773-3461100310-1000UA => C:\Users\Olenka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {510FADEC-0D55-4FA1-B6F1-6D3354C86CFE} - System32\Tasks\{6BB58028-3483-46D3-A587-159D67B2455E} => D:\Oleńka\Filmy\robinia2016.exe
Task: {59A55B6D-8F3E-434A-80F8-8D80F980FD93} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {5E6CB129-C904-4138-9352-30A195FCDFE1} - System32\Tasks\{48632AD8-E344-47B7-87AF-1839747EE741} => D:\Piotrek\AA\CATT\CATT9.exe
Task: {605C07D7-2C3F-42B2-8277-6229D72673D4} - System32\Tasks\{638E18B2-BB16-435A-9A04-CCD14BF6AF62} => D:\Piotrek\Saved Games\Cossacks - Back To War 1.35PL - WWW.KOZACY.ORG up by Ernest\dmcr.exe
Task: {8246B510-07EF-4027-961A-6C430599AE1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {939C33F6-5524-4F30-8200-6DE75B741F65} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {9830C19B-FCFC-48D6-9BDF-D9BC5D67E286} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3580643292-1245026773-3461100310-1000Core => C:\Users\Olenka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A7B6951E-2ECF-4A76-92B1-BE899878FE4D} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2017-09-20] (Avira Operations GmbH & Co. KG)
Task: {B87FBAA2-E318-4BDD-8E3B-012713F3A15A} - System32\Tasks\{FD17D450-386E-4857-BB44-B4B605257B24} => D:\Piotrek\Saved Games\Cossacks - Back To War 1.35PL - WWW.KOZACY.ORG up by Ernest\dmln.exe
Task: {BC4DAF93-4AAD-467C-9722-AFDFE4BB4DD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C609B159-4F9A-410A-A98D-B3A132A1C5B5} - System32\Tasks\{4BA5BF2D-BB73-427C-BEA6-0CB4C063EBF8} => C:\Windows\system32\pcalua.exe -a C:\Users\Olenka\Desktop\AutodeskDownloadManagerSetup.exe -d C:\Users\Olenka\Desktop
Task: {C6DACA66-5BE3-42CA-9F6B-1A33D9757BBC} - System32\Tasks\{FB726CA4-1454-4775-81A2-BC269FA60DFE} => C:\Program Files\Castle-Combat\main.exe
Task: {CEB51748-8D22-4A6E-8DBA-73B91F175456} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {DF91F70E-AE58-4E31-A041-C9A824252F9A} - System32\Tasks\{6CEFD4D9-CE55-4911-8CF8-209A078716DB} => D:\Piotrek\Saved Games\Cossacks - Back To War 1.35PL - WWW.KOZACY.ORG up by Ernest\dmln.exe
Task: {E577AC3C-1AFE-4C4B-9C12-363E86428F98} - System32\Tasks\{F913CDD5-8C48-490F-BAC6-6536BE4CEBF9} => C:\Program Files\Castle-Combat\main.exe
Task: {EAA221C0-5C51-43E5-AE5F-828A08800983} - System32\Tasks\{5E590EF3-59AB-493E-818B-D888B34BCAA5} => C:\Windows\system32\pcalua.exe -a C:\Users\Olenka\Downloads\Elmer7.0-rev6064-2013-02-15.exe -d C:\Users\Olenka\Downloads
Task: {F10098E2-0661-44A4-9B6F-EA9212A7F6C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FF050BC7-053F-4D7C-950C-B8D1DF21535D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-15] (HP Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\HPCeeScheduleForOlenka.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


Shortcut: C:\Users\Olenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K2T\WTW\Forum.lnk -> hxxp://forum.k2t.eu
Shortcut: C:\Users\Olenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K2T\WTW\Zgłoś błąd.lnk -> hxxp://bugtraq.k2t.eu
Shortcut: C:\Users\Olenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K2T\WTW\Zgłoś propozycję.lnk -> hxxp://bugtraq.k2t.eu

==================== Załadowane moduły (filtrowane) ==============

2009-08-14 12:16 - 2009-08-14 12:16 - 000022723 _____ () C:\Windows\System32\sse1ml3.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 000260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 000094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-07-31 20:01 - 2016-12-28 12:58 - 000017408 _____ () C:\Program Files\K2T\WTW\libCryptoLayer.module
2014-07-31 20:01 - 2016-12-28 12:58 - 000075776 _____ () C:\Program Files\K2T\WTW\libCryptoWtw.module
2014-07-31 20:01 - 2016-12-28 12:58 - 000443904 _____ () C:\Program Files\K2T\WTW\libSQ3.module
2014-07-31 20:01 - 2016-12-28 12:58 - 000529920 _____ () C:\Program Files\K2T\WTW\libImage.module
2014-07-31 20:01 - 2016-12-28 12:58 - 000080384 _____ () C:\Program Files\K2T\WTW\libZlib.module
2014-07-31 20:01 - 2016-12-28 12:58 - 000105984 _____ () C:\Program Files\K2T\WTW\libExpat.module
2014-07-31 20:01 - 2016-12-28 12:58 - 000384512 _____ () C:\Program Files\K2T\WTW\libLexer.module

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Olenka\Desktop\skan1.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\Olenka\Desktop\skan1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\softsystem.pl -> hxxps://vpn.softsystem.pl
IE trusted site: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\...\softsystem.pl -> vpn.softsystem.pl

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:04 - 2016-08-09 10:12 - 000000878 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Olenka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

MSCONFIG\Services: SharedAccess => 2
MSCONFIG\Services: vpnagent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Olenka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -autolaunched
MSCONFIG\startupreg: Google Update => "C:\Users\Olenka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{C1272FF6-ECF5-4675-ACA7-ED9BF6ED4080}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{64AE0EFB-9290-4217-A2CF-F8965F7FD8A9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{FB561553-B0CC-4FA7-A6A7-DF13D8A73574}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{532E0674-8780-4398-8966-403A0FA9020A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{5098016E-3F12-494A-83E9-451438982FE7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{80851CA8-0665-4044-A603-68F98EE3C987}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8A4A6BE5-405A-4D4B-AEC0-1877BE5B7B8B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{004B4B27-7095-4248-BF5C-E097D98334BE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{1B739AAC-85C7-4FC9-A35E-5EAB237FACFA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A911228F-E0C7-4F91-8875-2538DE7B2374}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{9CAACBFE-261A-4829-9AB7-49094339E82D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FC152B3B-4C63-4503-8FEB-4F64592F2004}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{CB3F775A-AB23-4B9B-B953-EBE3BDF619A9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{15C2CB27-43C7-41B8-946A-FFF3BA85E991}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{34D88244-575E-47AD-9F79-2508F21EDB34}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F2B2824E-2411-4CF2-BD6C-866B7DD8311F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{830E7D2B-ABD5-431C-83F5-A4CEB5629303}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{05353B31-1060-4167-B7EA-F75C4B8BDF49}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{2AD12AAE-BA36-43C9-8D7D-9DF9BA7DF647}D:\piotrek\saved games\gry_zgrane\kozaki\cew\dmcr.exe] => (Allow) D:\piotrek\saved games\gry_zgrane\kozaki\cew\dmcr.exe
FirewallRules: [UDP Query User{A0C26135-7C26-42BB-B95A-AD42396CC8C9}D:\piotrek\saved games\gry_zgrane\kozaki\cew\dmcr.exe] => (Allow) D:\piotrek\saved games\gry_zgrane\kozaki\cew\dmcr.exe
FirewallRules: [TCP Query User{142ECFF5-4F82-487F-B3A0-50C7A8B5CF83}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{362BB7C5-BCF6-429E-AB11-1C12C89B686F}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [{0256BCAF-38C3-4361-A488-3E179F57FCF6}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{DF2A7974-6DDA-423E-91D5-B1D546881688}D:\piotrek\saved games\kozaki_btw_by_plusio\dmcr.exe] => (Allow) D:\piotrek\saved games\kozaki_btw_by_plusio\dmcr.exe
FirewallRules: [UDP Query User{9D98A647-5D4B-4F73-8551-B325876316DA}D:\piotrek\saved games\kozaki_btw_by_plusio\dmcr.exe] => (Allow) D:\piotrek\saved games\kozaki_btw_by_plusio\dmcr.exe
FirewallRules: [TCP Query User{FAA7F288-F168-4237-B8DF-4F6C82AAEAB4}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{8882F9B7-90BD-4228-968F-2E3B847CCEBF}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [{0726C862-EDD2-47F6-88BF-CCDE3BE1F30B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{ECD8EB54-D06A-4BF2-845F-E01A4947B0BB}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{834C250F-4DA7-4BAF-A987-379F1CA88FB2}] => (Allow) LPort=2869
FirewallRules: [{9A6C3494-B286-4EB3-8A3C-549C5A64D3F5}] => (Allow) LPort=1900
FirewallRules: [{A215A2AA-C521-40D8-8DBF-DAFF3AC2D969}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe
FirewallRules: [{E8B8CAAA-482B-422E-84AB-80D3ED3B1BD9}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe
FirewallRules: [{E0AA67A3-1461-4DA8-A839-672C04EF153C}] => (Allow) C:\Program Files\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{8B0ABFA0-A6A9-4D1C-81AA-1274E99942FF}] => (Allow) C:\Program Files\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{F9E98CA7-03DA-4513-A6B9-9F98154C3BB6}] => (Allow) C:\Program Files\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{96AB2020-67C0-41B0-92DE-287AD367EA1E}] => (Allow) C:\Program Files\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{622D001D-D86B-4E06-812C-E6C974201ECA}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe
FirewallRules: [{7B0B0163-C423-41D0-81ED-62EFD8D9A15E}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe
FirewallRules: [TCP Query User{F04BBFD8-1575-4441-8ECF-63C6C58D898E}D:\piotrek\saved games\gry_zgrane\scct_gra\system\splintercell3.exe] => (Block) D:\piotrek\saved games\gry_zgrane\scct_gra\system\splintercell3.exe
FirewallRules: [UDP Query User{B6A21772-1931-479B-950B-2E15F00E7B70}D:\piotrek\saved games\gry_zgrane\scct_gra\system\splintercell3.exe] => (Block) D:\piotrek\saved games\gry_zgrane\scct_gra\system\splintercell3.exe
FirewallRules: [TCP Query User{099C2D20-B6EE-4789-9640-68C64C05F3CC}D:\piotrek\saved games\gry_zgrane\scct_gra\versus\system\scct_versus.ex] => (Allow) D:\piotrek\saved games\gry_zgrane\scct_gra\versus\system\scct_versus.ex
FirewallRules: [UDP Query User{7838163B-910C-4E61-BFE8-57282FFE5C92}D:\piotrek\saved games\gry_zgrane\scct_gra\versus\system\scct_versus.ex] => (Allow) D:\piotrek\saved games\gry_zgrane\scct_gra\versus\system\scct_versus.ex
FirewallRules: [{B6C1BCD6-F590-4ED0-A8A9-E63B8337AD28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B6E7F7E8-1FC4-4E6D-A4DA-BBA7E2F15316}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{84851FC2-62B9-46E7-8DB8-7527D248699B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B5CE1F49-42BA-4378-BDFC-21CE2BBB6EAD}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{39A918D2-7143-48B0-8204-D0877D60B6D6}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{51B6697B-8540-4721-8C55-406B31751426}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{D4A28A61-1BAF-4AB6-88DC-CA2719576AFF}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{33113FED-61BB-4740-A081-4F26F583FA78}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{545C7D3F-4798-481A-8F31-457E454D0754}] => (Allow) C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{A5F4512E-5368-49E3-8F3A-80132A367670}] => (Allow) C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{3E70215C-AB53-41FD-8799-6AC67C02A592}] => (Allow) C:\Users\Olenka\AppData\Local\Temp\7zS5FB1\OJ6500vE709_Full_14\setup\hpznui01.exe
FirewallRules: [{F28DBBAB-063D-44F2-BF60-9EC8CED687E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3BD27622-50AD-4B2F-A846-27E9C0A53AC7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1664C58B-383D-4D63-9E13-AA50F6D61533}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{313F1375-6F44-46A3-8D44-124CF4B29C9C}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe
FirewallRules: [{3FFA860E-6E28-415C-BC4B-A0C9983891F1}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe

==================== Punkty Przywracania systemu =========================


==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (10/02/2017 10:20:13 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: System Windows nie może uzyskać dostępu do pliku  z jednej z następujących przyczyn:
problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku.
System Windows zamknął program Avira Service Host z powodu tego błędu.

Program: Avira Service Host
Plik:

Wartość błędu jest wyświetlona w sekcji Dodatkowe dane.
Akcja użytkownika
1. Otwórz plik ponownie.
Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu.
2.
Jeśli nadal nie można uzyskać dostępu do pliku i
    - jest w sieci,
administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem.
    - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera.
3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER.
4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej.
5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu
komputerowego, aby uzyskać dalszą pomoc.

Dodatkowe dane
Wartość błędu: C0000185
Typ dysku: 0

Error: (10/02/2017 10:20:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Avira.ServiceHost.exe, wersja: 1.2.97.16824, sygnatura czasowa: 0x59b8f2a3
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000006
Przesunięcie błędu: 0x0049753a
Identyfikator procesu powodującego błąd: 0x85c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d33baf711db716
Ścieżka aplikacji powodującej błąd: C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
Ścieżka modułu powodującego błąd: unknown
Identyfikator raportu: 18569d25-a7af-11e7-ba95-a4badbbdc298

Error: (10/02/2017 10:20:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikacja: Avira.ServiceHost.exe
Wersja architektury: v4.0.30319
Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
Informacje o wyjątku: System.Runtime.InteropServices.SEHException

Error: (10/02/2017 10:20:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: taskhost.exe, wersja: 6.1.7601.18010, sygnatura czasowa: 0x50aee407
Nazwa modułu powodującego błąd: MSVCR80.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x4dcddbf3
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x72e62e41
Identyfikator procesu powodującego błąd: 0x540
Godzina uruchomienia aplikacji powodującej błąd: 0x01d33bba815ed5e6
Ścieżka aplikacji powodującej błąd: C:\Windows\system32\taskhost.exe
Ścieżka modułu powodującego błąd: MSVCR80.dll
Identyfikator raportu: 10740e3d-a7af-11e7-ba95-a4badbbdc298

Error: (10/02/2017 10:19:21 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: System Windows nie może uzyskać dostępu do pliku C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF946EA2-9CD1-4369-8252-CC65016F7522}\mpengine.dll z jednej z następujących przyczyn:
problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku.
System Windows zamknął program Proces hosta dla usług systemu Windows z powodu tego błędu.

Program: Proces hosta dla usług systemu Windows
Plik: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF946EA2-9CD1-4369-8252-CC65016F7522}\mpengine.dll

Wartość błędu jest wyświetlona w sekcji Dodatkowe dane.
Akcja użytkownika
1. Otwórz plik ponownie.
Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu.
2.
Jeśli nadal nie można uzyskać dostępu do pliku i
    - jest w sieci,
administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem.
    - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera.
3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER.
4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej.
5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu
komputerowego, aby uzyskać dalszą pomoc.

Dodatkowe dane
Wartość błędu: C0000185
Typ dysku: 3

Error: (10/02/2017 10:19:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: svchost.exe_WinDefend, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc100
Nazwa modułu powodującego błąd: mpengine.dll, wersja: 1.1.14202.0, sygnatura czasowa: 0x59c0259d
Kod wyjątku: 0xc0000006
Przesunięcie błędu: 0x004d6015
Identyfikator procesu powodującego błąd: 0xd74
Godzina uruchomienia aplikacji powodującej błąd: 0x01d33bafd056b5f8
Ścieżka aplikacji powodującej błąd: C:\Windows\System32\svchost.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF946EA2-9CD1-4369-8252-CC65016F7522}\mpengine.dll
Identyfikator raportu: f74d23f8-a7ae-11e7-ba95-a4badbbdc298

Error: (10/02/2017 08:43:45 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (09/29/2017 09:41:12 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (09/28/2017 05:57:45 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (09/27/2017 07:57:34 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.


Dziennik System:
=============
Error: (10/02/2017 10:38:44 PM) (Source: atapi) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0.

Error: (10/02/2017 10:38:44 PM) (Source: atapi) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0.

Error: (10/02/2017 10:20:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Avira Service Host niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (10/02/2017 10:20:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (10/02/2017 10:18:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Avira Real-Time Protection z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (10/02/2017 10:18:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Avira Real-Time Protection.

Error: (10/02/2017 10:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Avira Real-Time Protection niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (10/02/2017 10:13:19 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Kopie w tle woluminu C: zostały przerwane z powodu usterki We/Wy w woluminie C:.

Error: (10/02/2017 10:11:07 PM) (Source: atapi) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0.

Error: (10/02/2017 10:11:07 PM) (Source: atapi) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0.


==================== Statystyki pamięci ===========================

Procesor: Intel® Core™ i5 CPU M 430 @ 2.27GHz
Procent pamięci w użyciu: 52%
Całkowita pamięć fizyczna: 2998.68 MB
Dostępna pamięć fizyczna: 1418.97 MB
Całkowita pamięć wirtualna: 5995.68 MB
Dostępna pamięć wirtualna: 3942.62 MB

==================== Dyski ================================

Drive c: (System) (Fixed) (Total:39.94 GB) (Free:2.46 GB) NTFS
Drive d: (Pliki) (Fixed) (Total:258.05 GB) (Free:29.35 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8A427EA7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=258 GB) - (Type=07 NTFS)

==================== Koniec  Addition.txt ============================



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:15 PM

Posted 04 October 2017 - 07:46 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

SearchScopes: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> {CA24DD71-D126-4BE7-879E-A0EDBE0F57D3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^F4&apn_dtid=^YYYYYY^YY^PL&apn_uid=d0089ad1-a506-48de-8e49-b20f7721d76c&apn_sauid=627A9F38-27D8-4AC2-8695-18EC06E86621
Toolbar: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Brak pliku
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.31.5\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.3\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.32.7\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Brak pliku
ContextMenuHandlers6_.DEFAULT: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> Brak pliku
ContextMenuHandlers6_S-1-5-21-3580643292-1245026773-3461100310-1000: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> Brak pliku
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Olenka\Desktop\skan1.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\Olenka\Desktop\skan1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended. (You need to check with Internet Explorer) <- Important.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)

Please let me know what problem persists with this computer.

#3 dziabong

dziabong
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:15 PM

Posted 04 October 2017 - 11:57 AM

Hello nasdaq!

 

I had to perform fix by newly downloaded FRST because the old one was moved to quarantine by Avira.
 
Unfortunately Avira was updating itself when I was doing fix. It seems that after update it automatically turned on (previously turned off) real time protection and it influenced fixing process. I got the following error:

Attached File  frstError.jpg   22.26KB   0 downloads

And after closing it, Avira informed me that FRST was moved to quarantine again.

In the folder with FRST two files were created Fixlog.txt and FRST,VIR (moved to quarantine by Avira after a while).

I stopped at this point.

Promise to check Avira more carefully  next time...

Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja: 03-10-2017 01
Uruchomiony przez Olenka (04-10-2017 18:30:58) Run:1
Uruchomiony z C:\Users\Olenka\Downloads
Załadowane profile: Olenka (Dostępne profile: Olenka)
Tryb startu: Normal

==============================================

fixlist - zawartość:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

SearchScopes: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> {CA24DD71-D126-4BE7-879E-A0EDBE0F57D3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^F4&apn_dtid=^YYYYYY^YY^PL&apn_uid=d0089ad1-a506-48de-8e49-b20f7721d76c&apn_sauid=627A9F38-27D8-4AC2-8695-18EC06E86621
Toolbar: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Brak pliku
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.31.5\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.33.3\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Olenka\AppData\Local\Google\Update\1.3.32.7\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> Brak sciezki do pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Brak pliku
ContextMenuHandlers6_.DEFAULT: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> Brak pliku
ContextMenuHandlers6_S-1-5-21-3580643292-1245026773-3461100310-1000: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> Brak pliku
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Olenka\Desktop\skan1.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\Olenka\Desktop\skan1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

End
*****************

Punkt przywracania został pomyślnie utworzony.
Procesy zostały pomyślnie zamknięte.
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CA24DD71-D126-4BE7-879E-A0EDBE0F57D3} => klucz pomyślnie usunięto
HKLM\Software\Classes\CLSID\{CA24DD71-D126-4BE7-879E-A0EDBE0F57D3} => klucz nie znaleziono.
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Wartość pomyślnie usunięto
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => klucz nie znaleziono.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => klucz pomyślnie usunięto
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => klucz pomyślnie usunięto
HKU\S-1-5-21-3580643292-1245026773-3461100310-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => klucz pomyślnie usunięto


 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:15 PM

Posted 04 October 2017 - 12:22 PM

Hi,

Has your redirection been solved?

If not please run the Farbar scan and post a Fresh FRST.txt log for my review.

#5 dziabong

dziabong
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:15 PM

Posted 05 October 2017 - 12:14 PM

The redirection problem is gone.

 

Firefox reset, java updated and disabled.

 

 

Thank you very much for your assistance :)



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:15 PM

Posted 05 October 2017 - 01:06 PM

Hi,

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===

#7 dziabong

dziabong
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:15 PM

Posted 05 October 2017 - 01:40 PM

Thank you.

One last thing: Could you make any guesses how this infection could have been caught? And what it was in fact?

 

The computer is not mine. And except those links you provided it would be great if I can tell the owner what might be the exact dangerous practice which caused the problem.



#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:15 PM

Posted 06 October 2017 - 07:11 AM

This was the culprit.

SearchScopes: HKU\S-1-5-21-3580643292-1245026773-3461100310-1000 -> {CA24DD71-D126-4BE7-879E-A0EDBE0F57D3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^F4&apn_dtid=^YYYYYY^YY^PL&apn_uid=d0089ad1-a506-48de-8e49-b20f7721d76c&apn_sauid=627A9F38-27D8-4AC2-8695-18EC06E86621


Not possible to tell how it got installed.

You may want to replace your HOSTS file (no extension) with this one.

Read about it.

http://winhelp2002.mvps.org/hosts.htm

----

Provide him with the links I posted in post no. 6.

#9 dziabong

dziabong
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:15 PM

Posted 06 October 2017 - 03:46 PM

Ok. One more time thanks a lot.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users