Jump to content

1 suspicious file


Recommended Posts

Hello, I would appreciate assistance.


 


An hour ago I downloaded 3 legit FLV capturing programs (the exact culprit is impossible to identify), after which a fake anti-virus program appeared in system tray. I removed it with adwcleaner, as advised on one of the thread on this forum. Then I run CCleaner (the history was deleted and I don't remember the exact name of that fake program). Repeated scans with adwcleaner show the following file:


 


C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil (Yes, I also downloaded Video Downloader professional for Chrome)


 


Thank you in advance.


 


 


 


FRST.txt

Addition.txt

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...
 

Next,

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 
Next,
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


 

Next,

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs....
 

Post those logs, also give an update on any remaining issues or concerns....

 

Thank you,

 

Kevin

Link to post
Share on other sites

Note: after the Malwarebytes I turned the computer off manually. Also, my Norton disappeared from the system tray after the Adw scan, which was fixed after a restart. Here are the logs:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Error, 2016-01-27 00:34, SYSTEM, OEM-KOMPUTER, Protection, IsLicensed, 13,

Protection, 2016-01-27 00:34, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopping,

Protection, 2016-01-27 00:34, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopped,

Error, 2016-01-27 00:37, SYSTEM, OEM-KOMPUTER, Protection, IsLicensed, 13,

Protection, 2016-01-27 00:37, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopping,

Protection, 2016-01-27 00:37, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopped,

Error, 2016-01-27 00:41, SYSTEM, OEM-KOMPUTER, Protection, IsLicensed, 13,

Protection, 2016-01-27 00:41, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopping,

Protection, 2016-01-27 00:41, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopped,

Error, 2016-01-27 00:58, SYSTEM, OEM-KOMPUTER, Protection, IsLicensed, 13,

Protection, 2016-01-27 00:58, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopping,

Protection, 2016-01-27 00:58, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopped,

Update, 2016-01-27 01:27, SYSTEM, OEM-KOMPUTER, Manual, Malware Database, 2016.1.26.6, 2016.1.26.7,

Scan, 2016-01-27 01:44, SYSTEM, OEM-KOMPUTER, Manual, Start: 2016-01-27, 01:27, Czas trwania: 17 min 3 s, Dokładne skanowanie, Zakończono, Wykryto 0 zagrożeń, Wykryto 0 PUP/PUM,

Error, 2016-01-27 09:27, SYSTEM, OEM-KOMPUTER, Protection, IsLicensed, 13,

Protection, 2016-01-27 09:27, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopping,

Protection, 2016-01-27 09:27, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopped,

Update, 2016-01-27 14:27, SYSTEM, OEM-KOMPUTER, Manual, Domain Database, 2016.1.26.8, 2016.1.27.1,

Update, 2016-01-27 14:27, SYSTEM, OEM-KOMPUTER, Manual, Malware Database, 2016.1.26.7, 2016.1.27.3,

Scan, 2016-01-27 14:46, SYSTEM, OEM-KOMPUTER, Manual, Start: 2016-01-27, 14:27, Czas trwania: 17 min 26 s, Dokładne skanowanie, Zakończono, Wykryto 0 zagrożeń, Wykryto 1 PUP/PUM,

Error, 2016-01-27 14:49, SYSTEM, OEM-KOMPUTER, Protection, IsLicensed, 13,

Protection, 2016-01-27 14:49, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopping,

Protection, 2016-01-27 14:49, SYSTEM, OEM-KOMPUTER, Protection, Malware Protection, Stopped,

 

(end)

 

- - -

 

# AdwCleaner v5.031 - Utworzono raport 27/01/2016 o 14:54:46
# Ostatnia aktualizacja 25/01/2016 przez Xplode
# Baza danych : 2016-01-25.3 [serwer]
# System operacyjny : Windows 7 Home Premium Service Pack 1 (x64)
# Nazwa użytkownika : OEM - OEM-KOMPUTER
# Lokalizacja programu : C:\Users\OEM\Desktop\AdwCleaner.exe
# Działanie : Usuń
 
***** [ Usługi ] *****
 
 
***** [ Foldery ] *****
 
 
***** [ Pliki ] *****
 
[-] Plik usunięto : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil
 
***** [ DLLs ] *****
 
 
***** [ Skróty ] *****
 
 
***** [ Zaplanowane zadania ] *****
 
 
***** [ Rejestr ] *****
 
 
***** [ Przeglądarki internetowe ] *****
 
 
*************************
 
:: "Tracing" klucze usunięta
:: Zresetowano ustawienia Winsock
 
########## EOF - C:\AdwCleaner\AdwCleaner[C9].txt - [877 bajty] ##########
 
- - -
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by OEM (Administrator) on 2016-01-27 at 15:07:17,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 60 
 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\011INIZZ (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SGGCXFT (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WPU499N (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1COYF5T8 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KAT2CVT (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XYTUYPG (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3C3JCQ3N (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3G12ZVYC (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OA56L9H (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DGBLUWP (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VIBF996 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56HCHK37 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5D4VQLO8 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F7GGPQN (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\97QMGLLQ (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AQH8TZ6 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WOSYOFP (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A3257BVZ (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC8AMU51 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANQQEHAN (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C0X5MQCO (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJNS7G6G (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D2AVPTZ5 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D3007DDX (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6SVYM3S (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D75W2E1I (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D7XQEADR (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EO1VFFGE (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQ3XZMOA (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G17HV4OB (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJAQP2B5 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICCUQKZD (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKDCVEOC (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSYAW467 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KA3WLEVF (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXL1F07J (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6GLY51J (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGQ7PFJZ (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LX59EIU9 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O43LVZAE (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O8C3U9XA (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PFLRONLT (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PV7O5T1U (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWO5QB1W (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SC5OPYJM (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2A6M1GZ (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VK92A6 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UC4HO7C9 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOJ741PH (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDI9GVLV (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4A8R3QE (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WL6FVU9F (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4MOEAI3 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA0MV488 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOFPNE4I (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOU0KAHY (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YB3B2PD2 (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YROBU3VA (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YSNLHVZD (Folder) 
Successfully deleted: C:\Users\OEM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHH9BT6Z (Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2016-01-27 at 15:09:22,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
- - -
 
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:25-01-2016
Uruchomiony przez OEM (administrator)  OEM-KOMPUTER (27-01-2016 15:52:21)
Uruchomiony z C:\Users\OEM\Desktop
Załadowane profile: OEM (Dostępne profile: UpdatusUser & OEM)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
 
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1667072 2012-02-28] (AimerSoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk [2013-11-17]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E5CF8DC7-BAE7-4DDE-94BC-0131D0331B99}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1835027044-2019217713-2648562099-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => Brak pliku
BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
 
FireFox:
========
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\5kck53ah.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1835027044-2019217713-2648562099-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [brak pliku]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\5kck53ah.default\extensions\artur.dubovoy@gmail.com [2014-08-08] [brak podpisu cyfrowego]
FF Extension: Video DownloadHelper - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\5kck53ah.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-24]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon
FF HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nie znaleziono
 
Chrome: 
=======
CHR NewTab: Default -> "chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Security Toolbar) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-12-24]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-12-24]
CHR Extension: (Norton Identity Safe) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-31]
CHR Extension: (Norton Safe) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-04-21]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-12-24]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nie znaleziono>
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-12-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <nie znaleziono>
 
==================== Usługi (filtrowane) ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160125.001\BHDrvx64.sys [1665608 2015-12-18] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605050.00F\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-12] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160126.001\IDSvia64.sys [767224 2015-12-23] (Symantec Corporation)
S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [103816 2014-12-09] (e2eSoft)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-27] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160126.068\ENG64.SYS [138488 2015-10-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160126.068\EX64.SYS [2148080 2015-10-16] (Symantec Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology) [brak podpisu cyfrowego]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [brak podpisu cyfrowego]
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [36064 2014-07-28] (Windows ® Win 7 DDK provider)
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605050.00F\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-12-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605050.00F\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-11-06] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2009-08-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2009-08-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2009-08-11] (LG Electronics Inc.)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-01-27 15:51 - 2016-01-27 15:51 - 02370560 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2016-01-27 15:09 - 2016-01-27 15:09 - 00007993 _____ C:\Users\OEM\Downloads\JRT.txt
2016-01-27 15:09 - 2016-01-27 15:09 - 00007993 _____ C:\Users\OEM\Desktop\JRT.txt
2016-01-27 14:58 - 2016-01-27 14:58 - 01600184 _____ (Malwarebytes) C:\Users\OEM\Desktop\JRT.exe
2016-01-27 14:56 - 2016-01-27 14:56 - 00000958 _____ C:\Users\OEM\Downloads\AdwCleaner[C9].txt
2016-01-27 14:52 - 2016-01-27 14:53 - 01507840 _____ C:\Users\OEM\Desktop\AdwCleaner.exe
2016-01-27 14:16 - 2016-01-27 14:16 - 00000000 ____D C:\Users\OEM\Downloads\Back-up copies of movies - unsubtitled
2016-01-27 11:41 - 2016-01-27 11:41 - 00000000 ____D C:\Users\OEM\Downloads\A
2016-01-27 11:16 - 2016-01-27 11:16 - 00033334 _____ C:\Users\OEM\Desktop\Addition.txt
2016-01-27 11:15 - 2016-01-27 15:52 - 00019383 _____ C:\Users\OEM\Desktop\FRST.txt
2016-01-27 11:15 - 2016-01-27 15:52 - 00000000 ____D C:\FRST
2016-01-27 00:59 - 2016-01-27 00:59 - 00001581 _____ C:\Users\OEM\Downloads\AdwCleanerS3.txt
2016-01-27 00:58 - 2016-01-27 15:27 - 00086940 _____ C:\Windows\ntbtlog.txt
2016-01-27 00:52 - 2016-01-27 00:52 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-01-27 00:52 - 2016-01-27 00:52 - 00000000 ____D C:\Program Files\CCleaner
2016-01-27 00:51 - 2016-01-27 00:51 - 06828320 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup514.exe
2016-01-27 00:31 - 2016-01-27 00:31 - 01507840 _____ C:\Users\OEM\Downloads\AdwCleaner (2).exe
2016-01-27 00:18 - 2016-01-27 00:18 - 10145048 _____ C:\Users\OEM\Downloads\flvdownloader_setup.exe
2016-01-27 00:18 - 2016-01-27 00:18 - 00001378 _____ C:\Users\Public\Desktop\FLV Downloader.lnk
2016-01-27 00:18 - 2016-01-27 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader
2016-01-27 00:18 - 2016-01-27 00:18 - 00000000 ____D C:\ProgramData\FLV.com FLV Downloader
2016-01-27 00:11 - 2016-01-27 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2016-01-27 00:11 - 2016-01-27 00:11 - 00000000 ____D C:\Program Files (x86)\StreamTransport
2016-01-27 00:11 - 2009-10-27 19:31 - 03982240 _____ (Adobe Systems, Inc.) C:\Windows\SysWOW64\Flash10d.ocx
2016-01-27 00:10 - 2016-01-27 00:10 - 03331742 _____ ( ) C:\Users\OEM\Downloads\streamtransport_setup_1022171.exe
2016-01-27 00:04 - 2016-01-27 00:04 - 00000024 _____ C:\Windows\GetFLV.ini
2016-01-27 00:03 - 2016-01-27 00:03 - 00000000 ____D C:\Users\OEM\Downloads\gf2setup
2016-01-27 00:03 - 2016-01-27 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV
2016-01-27 00:02 - 2016-01-27 00:02 - 41436142 _____ C:\Users\OEM\Downloads\gf2setup.zip
2016-01-26 17:21 - 2016-01-26 17:21 - 00003464 _____ C:\Users\OEM\AppData\Local\recently-used.xbel
2016-01-26 12:53 - 2016-01-26 12:53 - 00899414 _____ C:\Users\OEM\Downloads\SetupDVDDecrypter_3.5.4.0.exe
2016-01-26 12:49 - 2016-01-26 12:53 - 00000000 ____D C:\Program Files (x86)\FairUse Wizard 3D
2016-01-26 12:49 - 2016-01-26 12:49 - 10674204 _____ (Pantaray Research Ltd.) C:\Users\OEM\Downloads\FU-Setup_LE3DR2.exe
2016-01-26 12:49 - 2016-01-26 12:49 - 00000000 ____D C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FairUse Wizard 3D
2016-01-26 12:41 - 2016-01-26 12:41 - 00000000 ____D C:\Users\OEM\AppData\Roaming\HandBrake Team
2016-01-26 12:41 - 2016-01-26 12:41 - 00000000 ____D C:\Users\OEM\AppData\Roaming\HandBrake
2016-01-26 12:39 - 2016-01-26 12:39 - 17253867 _____ C:\Users\OEM\Downloads\HandBrake-0.10.3-x86_64-Win_GUI.exe
2016-01-26 12:39 - 2016-01-26 12:39 - 00000824 _____ C:\Users\UpdatusUser\Desktop\Handbrake.lnk
2016-01-26 12:39 - 2016-01-26 12:39 - 00000824 _____ C:\Users\OEM\Desktop\Handbrake.lnk
2016-01-26 12:39 - 2016-01-26 12:39 - 00000000 ____D C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-01-26 12:39 - 2016-01-26 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-01-26 12:39 - 2016-01-26 12:39 - 00000000 ____D C:\Program Files\Handbrake
2016-01-24 16:39 - 2016-01-24 16:39 - 00000000 ____D C:\Users\OEM\Desktop\sprawozdanie za 2015 r co robił Marcin
2016-01-22 02:23 - 2016-01-22 02:23 - 00000000 ____D C:\ProgramData\SMR501
2016-01-21 12:52 - 2016-01-26 12:25 - 00000000 ____D C:\Users\OEM\Downloads\Mars Men
2016-01-20 10:26 - 2016-01-20 10:26 - 00006812 _____ C:\Users\OEM\Downloads\nodes (8).dat
2016-01-19 22:25 - 2015-12-21 12:31 - 17383183 _____ C:\Users\OEM\Downloads\2010 PSIANKOWATE papryka pomidor uprawa polowa.pdf
2016-01-19 20:51 - 2015-03-07 14:01 - 00326555 _____ C:\Users\OEM\Downloads\1425740232-polyversum-etykieta.pdf
2016-01-19 01:17 - 2015-11-01 14:26 - 11539012 _____ C:\Users\OEM\Downloads\KeepVid Video Joiner - v0.14.zip
2016-01-19 00:59 - 2016-01-19 00:59 - 03938971 _____ C:\Users\OEM\Downloads\1 - Video Dailymotion (1).mp4
2016-01-19 00:58 - 2016-01-19 00:58 - 03938971 _____ C:\Users\OEM\Downloads\1 - Video Dailymotion.mp4
2016-01-18 20:42 - 2016-01-24 16:12 - 00000000 ____D C:\Users\OEM\Desktop\annual report 2015a
2016-01-16 08:06 - 2016-01-16 08:07 - 00000000 ____D C:\Users\OEM\Desktop\statut 2015 akt od prof Gaj
2016-01-16 08:05 - 2016-01-18 20:43 - 00000000 ____D C:\Users\OEM\Desktop\działalkność zagraniczna 2015
2016-01-15 18:39 - 2016-01-24 16:37 - 00000000 ____D C:\Users\OEM\Desktop\medal na 200 lat kryczyński
2016-01-15 09:02 - 2016-01-15 09:02 - 00000510 _____ C:\Users\OEM\Downloads\url.htm
2016-01-15 01:15 - 2016-01-15 01:15 - 00000016 _____ C:\Users\OEM\Downloads\4378.download
2016-01-14 15:00 - 2016-01-14 15:01 - 00000000 ____D C:\Users\OEM\Downloads\My Blood, Your Blood
2016-01-13 10:24 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 10:24 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 10:24 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 10:24 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 10:24 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 10:24 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 10:24 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 10:24 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 10:24 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 10:24 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 10:24 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 10:24 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 10:24 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 10:24 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 10:24 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 10:24 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 10:24 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 10:24 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 10:24 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 10:24 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 10:24 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 10:24 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 10:24 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 10:24 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 10:24 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 10:24 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 10:24 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 10:24 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 10:24 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 10:24 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 10:24 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 10:24 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 10:24 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 10:24 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 10:24 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 10:24 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 10:24 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 10:24 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 10:24 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 10:24 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 10:24 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 10:24 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 10:24 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 10:24 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 10:24 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 10:24 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 10:24 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 10:24 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 10:24 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 10:24 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 10:24 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 10:24 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 10:24 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 10:24 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 10:24 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 10:24 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 10:24 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 10:24 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 10:24 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 10:24 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 10:24 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 10:24 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 10:24 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 10:24 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 10:24 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 10:24 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 10:24 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 10:24 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 10:24 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 10:24 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 10:24 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 10:24 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 10:24 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 10:24 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 10:24 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 10:24 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 10:24 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 10:24 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 10:24 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 10:24 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 10:24 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 10:24 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 10:24 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 10:24 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 10:24 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 10:24 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 10:24 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 10:24 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 10:24 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 10:24 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 10:23 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 10:23 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 10:23 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 10:23 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 10:23 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 10:23 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 10:23 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 10:23 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 10:23 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 10:23 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 10:23 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 10:23 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 10:23 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 10:23 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 10:23 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 10:23 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 10:23 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 10:23 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 10:23 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 10:23 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 10:23 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 10:23 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 10:23 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 10:23 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 10:23 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 10:23 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 10:23 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 10:23 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 10:23 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 10:23 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 10:23 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 10:23 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 10:23 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 10:23 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 10:23 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 10:23 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 10:23 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 10:23 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 10:23 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 10:23 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 10:23 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 10:23 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 10:23 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 10:23 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 10:23 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 10:23 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 10:23 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 10:23 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 10:23 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 10:23 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 10:23 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 10:23 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 10:23 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 10:23 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 10:23 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 10:23 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 10:23 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 10:23 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 10:23 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-11 14:28 - 2016-01-11 17:38 - 00000000 ____D C:\Users\OEM\Downloads\Circles
2016-01-11 14:27 - 2016-01-18 16:05 - 00000000 ____D C:\Users\OEM\Downloads\Bezprizorni
2016-01-10 09:15 - 2016-01-10 09:16 - 00000000 ____D C:\Users\OEM\Documents\EGDownloads
2016-01-10 09:15 - 2016-01-10 09:15 - 00023683 _____ C:\Users\OEM\Downloads\pervy-cinema.html
2016-01-10 09:11 - 2016-01-10 09:11 - 06090996 _____ (EagleGet ) C:\Users\OEM\Downloads\eagleget_setup_2047.exe
2016-01-09 16:09 - 2016-01-11 20:38 - 00000000 ____D C:\Users\OEM\Desktop\prac tech i adiunkt
2016-01-08 22:59 - 2016-01-08 22:59 - 00468639 _____ C:\Users\OEM\Documents\Scan0012.pdf
2016-01-08 22:58 - 2016-01-08 22:58 - 00359332 _____ C:\Users\OEM\Documents\Scan0011.pdf
2016-01-08 22:56 - 2016-01-08 22:56 - 00209601 _____ C:\Users\OEM\Documents\Scan0010.pdf
2016-01-07 13:38 - 2016-01-07 13:38 - 00086390 _____ C:\Users\OEM\Downloads\identyfikacja tlenowa_ (1).docm
2016-01-06 13:43 - 2016-01-06 13:44 - 00000000 ____D C:\Users\OEM\Downloads\Computer King
2016-01-05 18:24 - 2016-01-05 18:24 - 00123902 _____ C:\Users\OEM\Downloads\Polyversum WP (1).pdf
2016-01-05 18:23 - 2016-01-05 18:23 - 00092463 _____ C:\Users\OEM\Downloads\Constans WG (1).pdf
2016-01-05 18:22 - 2016-01-05 18:22 - 00122514 _____ C:\Users\OEM\Downloads\Atilla SP.pdf
2016-01-05 18:22 - 2016-01-05 18:22 - 00083104 _____ C:\Users\OEM\Downloads\ARMICARB SP.pdf
2016-01-05 18:21 - 2016-01-05 18:21 - 00129434 _____ C:\Users\OEM\Downloads\Funguran OH 50 WP.pdf
2016-01-05 18:21 - 2016-01-05 18:21 - 00093196 _____ C:\Users\OEM\Downloads\Dipel WG.pdf
2016-01-05 18:21 - 2016-01-05 18:21 - 00088429 _____ C:\Users\OEM\Downloads\ECODIAN-CP VP.pdf
2016-01-05 18:20 - 2016-01-05 18:20 - 00103884 _____ C:\Users\OEM\Downloads\Novodor SC.pdf
2016-01-05 18:20 - 2016-01-05 18:20 - 00089276 _____ C:\Users\OEM\Downloads\Karbicure_SP_zast. profesjonalne.pdf
2016-01-05 18:18 - 2016-01-05 18:18 - 00123902 _____ C:\Users\OEM\Downloads\Polyversum WP.pdf
2016-01-05 18:18 - 2016-01-05 18:18 - 00107292 _____ C:\Users\OEM\Downloads\Promanal 60 EC.pdf
2016-01-05 18:16 - 2016-01-05 18:16 - 00143436 _____ C:\Users\OEM\Downloads\SpinTor 240 SC (2).pdf
2016-01-05 18:16 - 2016-01-05 18:16 - 00108737 _____ C:\Users\OEM\Downloads\SERENADE_ASO (1).pdf
2016-01-05 18:14 - 2016-01-05 18:14 - 00143436 _____ C:\Users\OEM\Downloads\SpinTor 240 SC (1).pdf
2016-01-05 18:10 - 2016-01-05 18:10 - 00138496 _____ C:\Users\OEM\Downloads\TREOL 770 EC (2).pdf
2016-01-05 17:59 - 2016-01-05 17:59 - 00153840 _____ C:\Users\OEM\Downloads\TIMOREX  Gold 24 EC.pdf
2016-01-05 17:59 - 2016-01-05 17:59 - 00143436 _____ C:\Users\OEM\Downloads\SpinTor 240 SC.pdf
2016-01-05 17:59 - 2016-01-05 17:59 - 00108737 _____ C:\Users\OEM\Downloads\SERENADE_ASO.pdf
2016-01-05 17:58 - 2016-01-05 17:58 - 00138496 _____ C:\Users\OEM\Downloads\TREOL 770 EC.pdf
2016-01-05 17:58 - 2016-01-05 17:58 - 00138496 _____ C:\Users\OEM\Downloads\TREOL 770 EC (1).pdf
2016-01-04 23:59 - 2016-01-04 23:59 - 00001774 _____ C:\Users\OEM\Downloads\ECV2016.ics
2016-01-04 23:59 - 2016-01-04 23:59 - 00001774 _____ C:\Users\OEM\Downloads\ECV2016 (1).ics
2016-01-04 23:47 - 2016-01-04 23:47 - 00027077 _____ C:\Users\OEM\Desktop\contentok.php.html
2016-01-03 00:04 - 2016-01-26 12:59 - 00000000 ____D C:\Users\OEM\Downloads\On the Earth and in the Sky
2016-01-01 09:31 - 2016-01-01 09:31 - 00000000 ____D C:\Users\OEM\Downloads\World War III
2015-12-31 17:38 - 2015-12-31 21:11 - 00000000 ____D C:\Users\OEM\Downloads\Commandos -  1'54'07
2015-12-29 20:25 - 2016-01-18 11:23 - 00000000 ____D C:\Users\OEM\Downloads\Commando Operation - VHSRIP
2015-12-29 09:53 - 2015-12-29 09:53 - 00006812 _____ C:\Users\OEM\Downloads\nodes (7).dat
2015-12-28 16:01 - 2015-12-28 16:01 - 00006812 _____ C:\Users\OEM\Downloads\nodes (6).dat
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-01-27 15:51 - 2015-12-03 18:47 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-01-27 15:22 - 2014-06-18 18:28 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-27 15:14 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-27 15:14 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-27 15:05 - 2012-12-21 15:09 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-27 15:05 - 2012-12-17 13:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-27 15:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-27 15:00 - 2012-12-21 15:09 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-27 14:54 - 2015-11-07 12:07 - 00000000 ____D C:\AdwCleaner
2016-01-27 14:50 - 2015-11-21 22:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-27 14:15 - 2012-12-21 15:40 - 00000000 ____D C:\Users\OEM\AppData\Roaming\vlc
2016-01-27 11:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-27 10:59 - 2015-12-04 13:33 - 00000000 ____D C:\Users\OEM\AppData\Roaming\uTorrent
2016-01-27 10:59 - 2012-12-29 16:28 - 00000000 ____D C:\ProgramData\eMule
2016-01-27 00:53 - 2014-08-07 00:39 - 00000000 ____D C:\Windows\Minidump
2016-01-27 00:53 - 2012-12-22 17:33 - 00000000 ____D C:\Users\OEM\AppData\Local\CrashDumps
2016-01-27 00:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-27 00:06 - 2015-10-28 12:22 - 00000000 ____D C:\Program Files (x86)\GetFLV
2016-01-26 19:58 - 2014-05-08 23:10 - 00000000 ____D C:\Users\OEM\.gimp-2.8
2016-01-26 14:27 - 2014-05-09 00:36 - 00000000 ____D C:\Users\OEM\AppData\Local\gtk-2.0
2016-01-25 00:48 - 2015-11-07 13:31 - 00000000 ____D C:\Users\OEM\AppData\Roaming\avidemux
2016-01-23 00:53 - 2013-05-25 00:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-01-22 12:30 - 2014-09-04 14:41 - 00000570 _____ C:\Users\OEM\AppData\Roaming\AutoGK.ini
2016-01-22 02:27 - 2013-07-10 00:18 - 00000000 ____D C:\Users\OEM\AppData\Local\NPE
2016-01-22 02:24 - 2014-05-22 15:39 - 00000000 ____D C:\NPE
2016-01-21 12:52 - 2012-12-21 16:11 - 00000000 ____D C:\Users\OEM\AppData\Roaming\dvdcss
2016-01-20 13:22 - 2014-06-18 18:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 13:22 - 2014-06-18 18:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 13:22 - 2014-06-18 18:28 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 07:48 - 2014-06-15 21:34 - 00000000 ____D C:\Users\OEM\Desktop\zupełnie wszystko
2016-01-18 22:57 - 2015-11-21 22:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-18 22:57 - 2014-07-13 23:38 - 00000000 ____D C:\Users\OEM\Downloads\SubtitleWorkshop_6.0_130814_portable
2016-01-16 08:06 - 2010-11-21 13:53 - 00740438 _____ C:\Windows\system32\perfh015.dat
2016-01-16 08:06 - 2010-11-21 13:53 - 00156012 _____ C:\Windows\system32\perfc015.dat
2016-01-16 08:06 - 2009-07-14 06:13 - 01670590 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-15 10:38 - 2015-12-13 14:46 - 00000000 ____D C:\Users\OEM\Downloads\Operation Inchon - VHSRip
2016-01-14 23:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 16:36 - 2015-08-03 09:19 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 16:36 - 2015-08-03 09:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 09:22 - 2009-07-14 05:45 - 05011552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 09:20 - 2014-12-10 17:52 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 09:20 - 2014-04-23 17:10 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 02:49 - 2012-12-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-14 02:48 - 2013-08-14 15:46 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 02:44 - 2012-12-23 14:49 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-12 20:35 - 2015-12-11 21:20 - 00000000 ____D C:\Users\OEM\Desktop\rolny wyklady 2015
2016-01-09 10:25 - 2015-06-18 18:08 - 00000000 ____D C:\Users\OEM\Desktop\p Bereda doktorat aktualny
2016-01-04 09:23 - 2012-12-20 16:23 - 00000000 ____D C:\Users\OEM
2016-01-03 20:02 - 2015-12-25 20:50 - 00000000 ____D C:\Users\OEM\Downloads\I'll Be Waiting in Monte Carlo
2015-12-31 17:38 - 2015-12-27 12:30 - 00000000 ____D C:\Users\OEM\Downloads\Zvlastni jednotka
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2014-09-04 14:41 - 2016-01-22 12:30 - 0000570 _____ () C:\Users\OEM\AppData\Roaming\AutoGK.ini
2015-10-28 16:45 - 2015-10-28 16:45 - 0000046 _____ () C:\Users\OEM\AppData\Roaming\Camdata.ini
2015-10-28 16:45 - 2015-10-28 16:45 - 0000408 _____ () C:\Users\OEM\AppData\Roaming\CamLayout.ini
2015-10-28 16:45 - 2015-10-28 16:45 - 0000408 _____ () C:\Users\OEM\AppData\Roaming\CamShapes.ini
2015-10-28 16:45 - 2015-10-28 16:45 - 0004521 _____ () C:\Users\OEM\AppData\Roaming\CamStudio.cfg
2015-12-10 17:25 - 2015-12-10 17:55 - 0000075 _____ () C:\Users\OEM\AppData\Roaming\GPACgpac_pl.m3u
2013-06-28 13:45 - 2015-10-27 15:35 - 0011776 _____ () C:\Users\OEM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-26 17:21 - 2016-01-26 17:21 - 0003464 _____ () C:\Users\OEM\AppData\Local\recently-used.xbel
2015-11-13 10:53 - 2015-11-13 14:20 - 0007627 _____ () C:\Users\OEM\AppData\Local\Resmon.ResmonCfg
2013-11-13 22:37 - 2013-11-13 22:37 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Niektóre pliki w TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\sqlite3.dll
 
 
Niektóre zerobajtowe pliki/foldery:
==========================
C:\Windows\SysWOW64\rundll32.exe
 
==================== Bamital & volsnap =================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
 
LastRegBack: 2016-01-19 00:11
 
==================== Koniec  FRST.txt ============================
 
- - -
Link to post
Share on other sites

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:25-01-2016

Uruchomiony przez OEM (2016-01-27 15:52:51)

Uruchomiony z C:\Users\OEM\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2012-12-20 15:23:41)

Tryb startu: Normal

==========================================================

 

 

==================== Konta użytkowników: =============================

 

Administrator (S-1-5-21-1835027044-2019217713-2648562099-500 - Administrator - Disabled)

Gość (S-1-5-21-1835027044-2019217713-2648562099-501 - Limited - Disabled)

OEM (S-1-5-21-1835027044-2019217713-2648562099-1001 - Administrator - Enabled) => C:\Users\OEM

UpdatusUser (S-1-5-21-1835027044-2019217713-2648562099-1000 - Limited - Enabled) => C:\Users\UpdatusUser

 

==================== Centrum zabezpieczeń ========================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

 

AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

 

==================== Zainstalowane programy ======================

 

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

 

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)

Aktualizacje NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

Any Video Converter 5.6.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)

Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Auto Gordian Knot 2.55 (HKLM-x32\...\AutoGK) (Version: 2.55 - len0x)

Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.10.150607 - )

Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - )

AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DJIA3520FWUpdateAlert (x32 Version: 2.00.0000 - HP) Hidden

DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )

FairUse Wizard 3D (HKLM-x32\...\FairUse Wizard 3D) (Version: 1.0 - FairUse Wizard)

FLV.com FLV Downloader 11.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-76FAF2D9B362}) (Version: 11.1 - GreenTree Applications SRL)

Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

GetFLV 9.9.128.88 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden

GRID (HKLM-x32\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.30.0000 - Codemasters)

HandBrake 0.10.3 (HKLM-x32\...\HandBrake) (Version: 0.10.3 - )

Heroes Over Europe (HKLM-x32\...\{0101386E-6E51-4544-A66E-26FA06FF1776}) (Version: 1.01 - Ubisoft)

HP Deskjet 3520 series — badanie mające na celu poprawę produktów (HKLM\...\{EF04170D-0CE0-40E7-9F25-3A2BA2425C6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Deskjet 3520 series — podstawowe oprogramowanie urządzenia (HKLM\...\{2AF6DE35-EF82-42D5-86CA-9DE53EA29318}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Deskjet 3520 series Pomoc (HKLM-x32\...\{B15746C1-344B-40F8-A54E-85AD2AD8E81E}) (Version: 27.0.0 - Hewlett Packard)

HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)

Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)

iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.)

LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)

LG MC USB Modem driver (HKLM-x32\...\{6059C682-4C5F-4106-8487-943E98225D3B}) (Version: 1.0.0.0000 - LG Electronics)

LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite)

LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden

LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)

LG USB Modem Driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.5.1 - LG Electronics)

Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

MediaInfo 0.7.62 (HKLM\...\MediaInfo) (Version: 0.7.62 - MediaArea.net)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

MKVToolNix 8.2.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 8.2.0 - Moritz Bunkus)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)

Norton Security (HKLM-x32\...\NS) (Version: 22.5.5.15 - Symantec Corporation)

NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)

NVIDIA Sterownik 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Sterownik dźwięku HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)

NVIDIA Sterownik graficzny 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Sterownik kontrolera 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)

Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Panel sterowania NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden

PIT Format 2014 (HKLM-x32\...\PIT Format 2014_is1) (Version:  - Biuro Informatyki Stosowanej FORMAT)

Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )

Subtitle Edit 3.4.10 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.10.1 - Nikse)

Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )

VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)

VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )

XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version:  - )

YAMB (HKLM-x32\...\YAMB) (Version:  - )

 

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

CustomCLSID: HKU\S-1-5-21-1835027044-2019217713-2648562099-1001_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}\InprocServer32 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll => Brak pliku

 

==================== Zaplanowane zadania (filtrowane) =============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

Task: {0494FB61-67CC-4D11-8D82-A5EEE3F6D6D7} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {15BA3A34-156E-47BF-97E0-9F5FE000A8E0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\WSCStub.exe [2016-01-06] (Symantec Corporation)

Task: {2DD42B76-CFC1-4E49-8925-FCFCCA22A08C} - System32\Tasks\{BECF04B8-D55E-4BA1-8E50-6D787330BED7} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"

Task: {2FE21FCE-E60C-4C71-A324-C30DFD928C8B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)

Task: {33165982-F75B-4A98-9ABD-96DDA9E4E10A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-01-06] (Symantec Corporation)

Task: {35C811F9-2877-41E3-AA1F-F9F947F16266} - System32\Tasks\{978AC3FE-9199-4E45-9AA1-DF9DB49C0D94} => pcalua.exe -a "C:\Program Files (x86)\Xilisoft\DVD Creator\Uninstall.exe"

Task: {410EBFFF-F16C-4B14-AABB-0563A32282D0} - System32\Tasks\{5B21E22F-8167-4C12-BFB8-2C13B635C94B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe" -c -runfromtemp -l0x0015 -removeonly

Task: {4B7505EF-70E6-4776-8634-ED7EC53C46AC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)

Task: {4CBB68B0-33D8-40E2-ADF3-6CF891599445} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)

Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto

Task: {5B81FD82-7A46-4E91-8006-6AD7E0900B9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {61DC12E8-ABB8-4A28-9662-453317C1044B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {620E3AE1-A860-4CF3-8F9C-0C699CD4AB69} - System32\Tasks\{BE7CA3E0-2D1B-44D1-A98A-7A803CFC431C} => C:\Program Files (x86)\Wolfenstein - Enemy Territory\et.exe

Task: {65DEC908-5115-4878-A523-38AC47074474} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)

Task: {754D7D56-AD75-4983-A1FA-3B9B6C924710} - System32\Tasks\HP Deskjet 3520 series.exe_{CD919A14-4262-4D82-AB3F-63157926F35A} => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HP Deskjet 3520 series.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {80126C92-9AD2-4173-A59C-45BFF786D775} - System32\Tasks\{A537EA25-7E77-41B1-8E3C-333F61A15D49} => pcalua.exe -a C:\Users\OEM\AppData\Roaming\sweet-page\UninstallManager.exe -c  -ptid=cor

Task: {954D8594-CCD4-44A6-8108-3D8C6CF44E5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {AE6416E2-429E-4012-BDCE-C44501748054} - System32\Tasks\{B72EBC15-4790-4E2C-937D-5BB12828F649} => pcalua.exe -a F:\Autorun.exe -d F:\

Task: {B047591C-036D-454E-A088-1601B267D5F7} - System32\Tasks\{13BC6397-56EC-4D64-BFF1-13A4BA006992} => pcalua.exe -a F:\setup.exe -d F:\

Task: {B6EAE4A8-F96C-4ACA-9405-48B2B06A0FE6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {B8260AE3-9C7C-4965-9698-4A4470BC2B37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)

Task: {CF3493F4-81D4-4CFF-A995-8A35EF518BEB} - System32\Tasks\{CB4CBE92-E829-47DC-AFA2-44AD81F048AE} => pcalua.exe -a C:\Users\OEM\Downloads\eMule0.50a-Installer.exe -d C:\Users\OEM\Downloads

Task: {D2F1EAC1-820A-4219-91A0-3CA942F5BAB5} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc

Task: {DFCF8E59-5E5B-4E8D-8B34-D99D36A28EA3} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {E2168146-9E6D-47EB-B7E8-61F44F0FA2B2} - System32\Tasks\{3534A2BB-5BC9-4C24-962D-8DCA09A8F468} => pcalua.exe -a "C:\Users\OEM\Desktop\VirtualDubMod_1_5_10_2_b2542 (1)\VirtualDubMod_1_5_10_2_b2542\VirtualDubMod.exe" -d "C:\Users\OEM\Desktop\VirtualDubMod_1_5_10_2_b2542 (1)\VirtualDubMod_1_5_10_2_b2542"

Task: {EF8451FC-5B4A-45F5-A441-54E1E933D9B7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)

Task: {FE6E255C-4819-46A0-BE7F-E0A7A85FF45D} - System32\Tasks\{7C5A497A-D9A3-46D3-A42E-15F77C068A2E} => pcalua.exe -a F:\Setup.exe -d F:\

 

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Skróty =============================

 

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

 

==================== Załadowane moduły (filtrowane) ==============

 

2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-09-28 07:57 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

 

==================== Alternate Data Streams (filtrowane) =========

 

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

 

AlternateDataStreams: C:\Windows:nlsPreferences

AlternateDataStreams: C:\ProgramData\TEMP:0888F409

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8

AlternateDataStreams: C:\ProgramData\TEMP:3440EB47

AlternateDataStreams: C:\ProgramData\TEMP:66633281

AlternateDataStreams: C:\ProgramData\TEMP:93433455

 

==================== Tryb awaryjny (filtrowane) ===================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

 

==================== EXE - Powiązania (filtrowane) ===============

 

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

 

 

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

 

 

==================== Hosts - zawartość: ===============================

 

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Inne obszary ============================

 

(Obecnie brak automatycznej naprawy dla tej sekcji.)

 

HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\Control Panel\Desktop\\Wallpaper -> 

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Zapora systemu Windows [funkcja włączona]

 

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

 

(Obecnie brak automatycznej naprawy dla tej sekcji.)

 

MSCONFIG\startupfolder: C:^Users^OEM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Powiadomienia monitorowania tuszu - HP Deskjet 3520 series.lnk => C:\Windows\pss\Powiadomienia monitorowania tuszu - HP Deskjet 3520 series.lnk.Startup

 

==================== Reguły Zapory systemu Windows (filtrowane) ===============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

FirewallRules: [{0A76C8AF-9C4D-4B13-9F90-EDB0053AFDCF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{DFE036AE-7CE1-4D87-BA02-F2E243042291}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{972A4B66-E91B-4703-ADA6-1E6BE6070A6E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{15E7ABDE-244F-41EB-A81E-B7632FF88615}] => (Allow) LPort=2869

FirewallRules: [{97CA9A55-30CB-4BA7-A037-4D9D7F664AFD}] => (Allow) LPort=1900

FirewallRules: [{95A9AC0F-440B-4F40-A7A5-123C1603A9B5}] => (Allow) C:\Program Files (x86)\Codemasters\GRID\GRID.exe

FirewallRules: [{DCFB0062-CC31-40C1-AAA0-1187B0DA0C37}] => (Allow) C:\Program Files (x86)\Codemasters\GRID\GRID.exe

FirewallRules: [TCP Query User{654B5340-C128-4633-A5A0-BFA8D07E04E4}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe

FirewallRules: [uDP Query User{18441A5F-A020-43FC-883F-A9D84163DEBB}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe

FirewallRules: [{A3D9A05D-C0D8-4657-B319-985090E26206}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{3F20C4C7-3DE3-4B6B-907C-BFE8158F1E3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{F9330100-52A7-48CA-8B31-856C0325EEBC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

FirewallRules: [{3C25861E-DA98-47EF-9C8D-5AB328FA3885}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{C9D2AEEB-A706-4016-B42A-BC1061F07343}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{5D918014-E75C-4946-A446-3365A15A03FA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{4DEAB73A-9C70-4CA1-A0FA-FC8A9D6C97AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{C12776E8-8FF8-4071-851F-8C9D6D73C384}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{3A79F055-E2F0-4419-8962-16D5AE3A51F7}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe

FirewallRules: [{107CB6C9-A154-4A81-8B43-F4AE4813F660}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{65B7DEFE-2B83-446C-89E9-2D518E8F4770}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{27106AC9-5AE2-475A-B0A7-B253013B7242}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{57B17F2B-7929-4A26-8EAF-966309A530C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{1ACBF22E-F787-4C11-917B-A3D2AAEDB34E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{B17AE22B-7B54-45FE-A9B8-0F95CA3475A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [TCP Query User{C4BA2543-C6A8-45C5-B229-F338C2CB5C0D}C:\users\oem\downloads\bittorrent.exe] => (Allow) C:\users\oem\downloads\bittorrent.exe

FirewallRules: [uDP Query User{768102A1-A960-4A3D-A8CB-43B6D2D8C904}C:\users\oem\downloads\bittorrent.exe] => (Allow) C:\users\oem\downloads\bittorrent.exe

FirewallRules: [{437B53F3-342A-4BA7-B50D-89F340D52226}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{FA800182-4CC6-44BC-ACAF-A9F4B03581A1}] => (Allow) LPort=51001

FirewallRules: [{D96B45E0-C724-4C52-A543-C505B3FDB194}] => (Allow) C:\Users\OEM\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{FB146E88-8CD3-44B4-A354-E35DB8F00B30}] => (Allow) C:\Users\OEM\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{3F4D0455-0E4B-431F-A4E5-7306FAE8BD53}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

 

==================== Punkty Przywracania systemu =========================

 

27-01-2016 15:07:18 JRT Pre-Junkware Removal

 

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

 

 

==================== Błędy w Dzienniku zdarzeń: =========================

 

Dziennik Aplikacja:

==================

Error: (01/27/2016 03:04:41 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

 

Identyfikator procesu: 874

 

Godzina rozpoczęcia: 01d1590a65d14083

 

Godzina zakończenia: 0

 

Ścieżka aplikacji: C:\Windows\Explorer.EXE

 

Identyfikator raportu: e6444b49-c4fe-11e5-9f08-902b3456f983

 

Error: (01/27/2016 12:58:42 AM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Nie można zainicjować indeksu.

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (01/27/2016 12:58:42 AM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Nie można zainicjować aplikacji.

 

Kontekst: aplikacja Windows

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (01/27/2016 12:58:42 AM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Nie można zainicjować obiektu programu zbierającego.

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (01/27/2016 12:58:42 AM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Nie można zainicjować dodatku typu plug-in w <Search.TripoliIndexer>.

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Nie można odnaleźć elementu.  (HRESULT : 0x80070490) (0x80070490)

 

Error: (01/27/2016 12:58:34 AM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Nie można zainicjować dodatku typu plug-in w <Search.JetPropStore>.

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (01/27/2016 12:58:34 AM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości.

 

Kontekst: aplikacja Windows, wykaz SystemIndex

 

Szczegóły:

Baza danych indeksów zawartości jest uszkodzona.  (HRESULT : 0xc0041800) (0xc0041800)

 

Error: (01/27/2016 12:58:34 AM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt.

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (01/27/2016 12:58:34 AM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=4700}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu.

 

Szczegóły:

Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (01/27/2016 12:58:34 AM) (Source: Windows Search Service) (EventID: 9000) (User: )

Description: Usługa Windows Search nie może otworzyć magazynu właściwości aparatu Jet.

 

Szczegóły:

0x%08x (0xc0041800 - Baza danych indeksów zawartości jest uszkodzona.  (HRESULT : 0xc0041800))

 

 

Dziennik System:

=============

Error: (01/27/2016 03:08:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: 

%%1069

 

Error: (01/27/2016 03:08:17 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: 

%%1330

 

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

 

Error: (01/27/2016 03:07:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Usługa Norton Identity Safe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

 

Error: (01/27/2016 03:07:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

 

Error: (01/27/2016 03:06:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 

prohlp02

sfhlp01

 

Error: (01/27/2016 02:57:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: 

%%1069

 

Error: (01/27/2016 02:57:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: 

%%1330

 

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

 

Error: (01/27/2016 02:56:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi NS.

 

Error: (01/27/2016 02:56:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi NS.

 

Error: (01/27/2016 02:55:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 

prohlp02

sfhlp01

 

 

CodeIntegrity:

===================================

  Date: 2012-09-28 09:16:30.921

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Administrator\Desktop\3DMark2001\PciBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-09-28 09:16:30.906

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Administrator\Desktop\3DMark2001\PciBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Statystyki pamięci =========================== 

 

Procesor: Intel® Core i5-3570 CPU @ 3.40GHz

Procent pamięci w użyciu: 14%

Całkowita pamięć fizyczna: 8139.57 MB

Dostępna pamięć fizyczna: 6935.76 MB

Całkowita pamięć wirtualna: 16277.36 MB

Dostępna pamięć wirtualna: 14580.9 MB

 

==================== Dyski ================================

 

Drive c: () (Fixed) (Total:199.96 GB) (Free:23.41 GB) NTFS

Drive d: () (Fixed) (Total:731.2 GB) (Free:505.15 GB) NTFS

 

==================== MBR & Tablica partycji ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 71D3D2E6)

Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=731.2 GB) - (Type=07 NTFS)

 

==================== Koniec  Addition.txt ============================

Link to post
Share on other sites

I was also shown a suggestion to make a back-up copy of my Windows and the problem-solving has displayed this message:

 

Windows

Problem: Video hardware error

Files that could help describe the problem:

WD-20150113-1244.dmp, WD-20141110-0018.dmp,  WD-20150204-0739.dmp, WD-20141128-0013.dmp

sysdata.xml

WERInternalMetadata.xml

    * Display a temporary copy of these files

Warning: If the problem has been caused by a virus or other safery threats, opening a copy of these files may jeopardize the functioning of the computer.

Link to post
Share on other sites

Oh, I'm sorry:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data skanowania: 2016-01-27
Czas skanowania: 14:27
Raport: 
Administrator: Tak
 
Wersja: 2.2.0.1024
Baza szkodliwego oprogramowania: v2016.01.27.03
Baza danych rootkitów: v2016.01.20.01
Licencja: Darmowa
Ochrona przed złośliwym oprogramowaniem: Wyłączony
Ochrona przed szkodliwymi stronami: Wyłączony
Samoobrona: Wyłączony
 
System operacyjny: Windows 7 Service Pack 1
Procesor: x64
System plików: NTFS
Użytkownik: OEM
 
Typ skanowania: Dokładne skanowanie
Wynik: Zakończono
Obiekty przeskanowane: 409399
Czas, który upłynął: 17 min, 26 s
 
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Włączony
Heurystyka: Włączony
PUP: Włączony
PUM: Włączony
 
Procesy: 0
(Nie wykryto zagrożeń)
 
Moduły: 0
(Nie wykryto zagrożeń)
 
Klucze rejestru: 0
(Nie wykryto zagrożeń)
 
Wartości rejestru: 0
(Nie wykryto zagrożeń)
 
Dane rejestru: 0
(Nie wykryto zagrożeń)
 
Foldery: 0
(Nie wykryto zagrożeń)
 
Pliki: 1
PUP.Optional.OpenCandy, C:\Users\OEM\AppData\Local\Temp\HYD7908.tmp.1453888718\HTA\install.1453888718.zip, Przeniesiono do kwarantanny, [5d42ef4fc9d0f93d66831f163ec41ee2], 
 
Sektory fizyczne: 0
(Nie wykryto zagrożeń)
 
 
(end)
Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

dr_web_cureit_zpse80d87bf.jpg
Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)
 

  • The file will be randomly named
  • Reboot to safe mode <<<<<------------ http://www.computerhope.com/issues/chsafe.htm
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning


    drwebselect.JPG
     
  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats


    drwebfolders.JPG
     
  • Press start scan
  • The scan will now commence


    drwebscan.JPG
     
  • Once the scan has finished click open report <<<--- Do not miss this step


    drwebscancomplete.JPG
     
  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop

This log will be excessive,  Please attach it to your next reply…

Let me see those logs, also tell me if there are any remaining issues or concerns....

 

 

Thank you,

 

Kevin
 

Fixlist.txt

Link to post
Share on other sites

Well, the system tray icons have returned and these warnings no longer appear.

 

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:25-01-2016
Uruchomiony przez OEM (2016-01-27 21:59:27) Run:1
Uruchomiony z C:\Users\OEM\Desktop
Załadowane profile: OEM (Dostępne profile: UpdatusUser & OEM)
Tryb startu: Normal
==============================================
 
fixlist - zawartość:
*****************
Start
CreateRestorePoint:
CloseProcesses:
FF Plugin HKU\S-1-5-21-1835027044-2019217713-2648562099-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [brak pliku]
FF HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nie znaleziono
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
C:\Users\OEM\AppData\Local\Temp\sqlite3.dll
C:\Windows\SysWOW64\rundll32.exe
CustomCLSID: HKU\S-1-5-21-1835027044-2019217713-2648562099-1001_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}\InprocServer32 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll => Brak pliku
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47
AlternateDataStreams: C:\ProgramData\TEMP:66633281
AlternateDataStreams: C:\ProgramData\TEMP:93433455
Folder: C:\Windows\Minidump
EmptyTemp:
end
 
 
 
*****************
 
Punkt przywracania został pomyślnie utworzony.
Procesy zostały pomyślnie zamknięte.
"HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\Software\MozillaPlugins\eagleget.com/EagleGet64" => klucz pomyślnie usunięto
C:\Program Files (x86)\EagleGet\npEagleget64.dll => nie znaleziono.
HKU\S-1-5-21-1835027044-2019217713-2648562099-1001\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com => Wartość pomyślnie usunięto
cleanhlp => serwis pomyślnie usunięto
C:\Users\OEM\AppData\Local\Temp\sqlite3.dll => pomyślnie przeniesiono
C:\Windows\SysWOW64\rundll32.exe => pomyślnie przeniesiono
"HKU\S-1-5-21-1835027044-2019217713-2648562099-1001_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}" => klucz pomyślnie usunięto
C:\Windows => ":nlsPreferences" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":0888F409" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":0FF263E8" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":3440EB47" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":66633281" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":93433455" ADS pomyślnie usunięto.
 
========================= Folder: C:\Windows\Minidump ========================
 
 
====== Koniec  Folder: ======
 
EmptyTemp: => 427.6 MB danych tymczasowych Usunięto.
 
 
System wymagał restartu.
 
==== Koniec  Fixlog 21:59:44 ====

cureit.log

Link to post
Share on other sites

You have Video Downloader Pro, while you have that app the extension you post will return after it is removed. Is that the only remaining concern, if so we clean up....

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools
       
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
       
  • Reset system settings



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Next,

 

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...  busy.gif
 

 
Link to post
Share on other sites

If AdwCleaner finds that entry at this address C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil after removal then i`d recommend we complete a clean install of Chrome....

 

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

Continue for a clean install:

Remove all synced data from Chrome go here: http://www.howtogeek.com/103655/how-to-delete-your-google-chrome-browser-sync-data/ follow those instructions...

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local  from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)


How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Install Google Chrome from here: https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

Install Adblock Plus to Chrome: https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb

Let me know the outcome....

 

Thank you,

 

Kevin
 

Link to post
Share on other sites

That is very strange, even if sync is reset to remove all data from Google servers the sync option still shows in the Dashboard list, only this time it shows adjacent "Nothing interesting here" meaning sync is empty....

 

Can you try open Chrome once more, sign into Google account. Now try https://www.google.com/dashboard'>https://www.google.com/dashboard into the address bar, do you see sync in the list?

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.