Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 14-05-2017 Uruchomiony przez Michał (administrator) MICHAŁ-KOMPUTER (17-05-2017 14:24:18) Uruchomiony z C:\Users\Michał\Downloads Załadowane profile: Michał (Dostępne profile: Michał) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Virage Logic Corporation / Sonic Focus) C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Atheros) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe (Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe (HP) C:\Windows\System32\HPSIsvc.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-10-14] (Realtek Semiconductor) HKLM\...\Run: [SonicMasterTray] => C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus) HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-13] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-05] () HKLM\...\Run: [] => [X] HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-15] (AVAST Software) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\Run: [Gadwin PrintScreen (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe [11507872 2014-10-15] (Gadwin Systems) HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\MountPoints2: {19d11f0d-3717-11e7-a792-742f68f8dd08} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\MountPoints2: {1b8668e9-8924-11e6-8187-742f68f8dd08} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\MountPoints2: {1b8668fd-8924-11e6-8187-742f68f8dd08} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\MountPoints2: {c6d8b779-6756-11e5-8bb0-742f68f8dd08} - F:\AutoRun.exe HKU\S-1-5-21-2475908376-343484318-367755197-1000\...\MountPoints2: {f2bdd914-3408-11e7-a4f9-742f68f8dd08} - F:\HiSuiteDownLoader.exe ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-15] (AVAST Software) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{092D29F5-1DBC-424B-884D-80E3112E75E8}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{194DFF62-928F-45ED-A35C-ED3FCFAFEE56}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{301364FF-7DBD-490F-A41C-6CB13B02C036}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{442A82B0-6513-40DF-A457-F675A8358A61}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{58A5C936-0EF0-41BD-ABC7-DB176D02D894}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{7E6F44A0-C908-40A6-8FA3-22E459D9FAA2}: [DhcpNameServer] 31.41.80.66 8.8.8.8 Tcpip\..\Interfaces\{E4DD5D29-095B-4521-9932-CA155CF64AE9}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E7F8118F-BE91-4D18-B803-5BEAB51941F4}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{FA266E19-04B8-4D3F-9CDE-82FB1A306523}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{FA5B0923-D6E7-4E13-A730-BE66EE3AB7DA}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKU\S-1-5-21-2475908376-343484318-367755197-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-20] (Oracle Corporation) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-05-15] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-20] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices) FireFox: ======== FF DefaultProfile: mr6xse0v.default FF ProfilePath: C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\mr6xse0v.default [2017-05-15] FF Extension: (Firefox Hotfix) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\mr6xse0v.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09] FF Extension: (Facebook NoMoreSeen) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\mr6xse0v.default\Extensions\jid1-S5LxNhFnjqd4fg@jetpack.xpi [2016-04-18] FF Extension: (Avast SafePrice) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\mr6xse0v.default\Extensions\sp@avast.com.xpi [2017-05-15] FF Extension: (Avast Online Security) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\mr6xse0v.default\Extensions\wrc@avast.com.xpi [2017-05-15] FF Extension: (Adblock Plus) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\mr6xse0v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-19] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] () FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.pl/","hxxp://www.mysites123.com/?type=hp&ts=1454524878&z=1de1c34513e80c5596365e5g5z9w0z5w3o3zcbbmdb&from=amt&uid=st500dm002-1bd142_s2aylqlwxxxxs2aylqlw","hxxp://www.yessearches.com/?mode=nnnb&ptid=bbs&uid=7EF94409AEC9504CC7440A2B315D69BC&v=20160121&ts=AHEpB3ImBHAlBU.." CHR DefaultSearchKeyword: Default -> google.pl_ CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default [2017-05-17] CHR Extension: (Prezentacje Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30] CHR Extension: (Dokumenty Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-30] CHR Extension: (Dysk Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (ColorZilla) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2017-03-21] CHR Extension: (YouTube) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30] CHR Extension: (Google Search) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Arkusze Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30] CHR Extension: (Dokumenty Google offline) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13] CHR Extension: (Avast Online Security) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-16] CHR Extension: (Unseen) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-19] CHR Extension: (AC/DC) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdhieelnnodbhbfhgdjcjfjipgknbpbc [2015-09-30] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Adblock Pro) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-15] CHR Extension: (Gmail) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-30] CHR Extension: (Chrome Media Router) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5732136 2017-05-15] (AVAST Software s.r.o.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [Brak podpisu cyfrowego] R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [68768 2011-03-13] (Atheros Commnucations) [Brak podpisu cyfrowego] R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-15] (AVAST Software) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Brak podpisu cyfrowego] R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Brak podpisu cyfrowego] R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-04-11] () [Brak podpisu cyfrowego] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] () R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AiCharger; C:\Windows\System32\DRIVERS\AiCharger.sys [14592 2011-09-20] (ASUSTek Computer Inc.) R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [85312 2013-05-28] (Advanced Micro Devices, INC.) R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [178496 2013-05-28] (Advanced Micro Devices, INC.) R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70464 2013-06-27] (Advanced Micro Devices) R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34624 2013-06-27] (Advanced Micro Devices) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices) R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare) R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [258288 2017-05-15] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148696 2017-05-15] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [268016 2017-05-15] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41664 2017-05-15] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-05-15] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-05-15] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107928 2017-05-15] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [90336 2017-05-15] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-05-15] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [764576 2017-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [482608 2017-05-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [115152 2017-05-15] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [279800 2017-05-15] (AVAST Software) R3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [34976 2011-03-13] (Atheros) R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [15488 2011-05-25] (ASUS) R3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [259232 2011-03-13] (Atheros) R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2011-03-13] (Atheros) R3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [175776 2011-03-13] (Atheros) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [49312 2011-03-13] (Atheros) R3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [141088 2011-03-13] (Atheros) R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [242336 2011-03-13] (Atheros) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59904 2017-05-09] () S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-04-11] (Huawei Technologies Co., Ltd.) S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2015-10-25] (ITE ) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [161720 2017-05-17] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [97208 2017-05-17] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-05-17] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [220088 2017-05-17] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [65824 2017-05-17] (Malwarebytes) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-10-05] (Duplex Secure Ltd.) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-29] (Samsung Electronics) [Brak podpisu cyfrowego] U3 a6byhqws; C:\Windows\system32\Drivers\a6byhqws.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder) S3 amdiox86; system32\DRIVERS\amdiox86.sys [X] S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-04-11] (Huawei Technologies Co., Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-17 14:24 - 2017-05-17 14:25 - 00023275 _____ C:\Users\Michał\Downloads\FRST.txt 2017-05-17 14:24 - 2017-05-17 14:24 - 00000000 ____D C:\FRST 2017-05-17 14:23 - 2017-05-17 14:23 - 01770496 _____ (Farbar) C:\Users\Michał\Downloads\FRST.exe 2017-05-17 14:23 - 2017-05-17 14:23 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-05-17 13:57 - 2017-05-17 13:57 - 00000000 ___RD C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2017-05-17 10:45 - 2017-05-17 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1 2017-05-16 17:49 - 2017-05-16 17:49 - 00061074 _____ C:\Users\Michał\Downloads\Extras.Txt 2017-05-16 17:47 - 2017-05-16 17:47 - 00109588 _____ C:\Users\Michał\Downloads\OTL.Txt 2017-05-16 17:30 - 2017-05-16 17:30 - 00602112 _____ (OldTimer Tools) C:\Users\Michał\Downloads\OTL.exe 2017-05-15 13:55 - 2017-05-17 10:39 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LennarDigital 2017-05-15 13:55 - 2017-05-15 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LennarDigital 2017-05-15 13:55 - 2017-05-15 13:55 - 00000000 ____D C:\Program Files\Steinberg 2017-05-15 10:18 - 2017-05-17 14:13 - 00065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-05-15 10:18 - 2017-05-17 13:58 - 00161720 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-05-15 10:18 - 2017-05-17 13:58 - 00097208 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-05-15 10:18 - 2017-05-17 13:58 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-05-15 10:17 - 2017-05-17 13:58 - 00220088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-15 10:17 - 2017-05-15 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-15 10:17 - 2017-05-15 10:17 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-15 10:17 - 2017-05-15 10:17 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-15 10:17 - 2017-05-09 16:37 - 00059904 _____ C:\Windows\system32\Drivers\mbae.sys 2017-05-15 10:16 - 2017-05-15 10:17 - 63035592 _____ (Malwarebytes ) C:\Users\Michał\Downloads\mb3-setup-consumer-3.1.2.1733.exe 2017-05-15 01:25 - 2017-05-15 01:25 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk 2017-05-15 01:25 - 2017-05-15 01:25 - 00000000 ___RD C:\Program Files\Skype 2017-05-15 01:25 - 2017-05-15 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-15 01:25 - 2017-05-15 01:25 - 00000000 ____D C:\Program Files\Common Files\Skype 2017-05-15 01:15 - 2017-05-15 01:15 - 00001124 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2017-05-15 01:15 - 2017-05-15 01:15 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-05-15 01:14 - 2017-05-15 01:14 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-05-15 01:13 - 2017-05-15 01:13 - 00000000 ____D C:\Users\Michał\AppData\Roaming\AVAST Software 2017-05-15 01:12 - 2017-05-15 01:12 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll 2017-05-15 01:12 - 2017-05-15 01:12 - 00482608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00330768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-05-15 01:12 - 2017-05-15 01:12 - 00279800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00107928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00090336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-05-15 01:12 - 2017-05-15 01:12 - 00002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-05-15 01:12 - 2017-05-15 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2017-05-15 01:12 - 2017-05-15 01:12 - 00000000 ____D C:\Program Files\Common Files\AV 2017-05-15 01:12 - 2017-05-15 01:11 - 00764576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-05-15 01:12 - 2017-05-15 01:11 - 00268016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys 2017-05-15 01:12 - 2017-05-15 01:11 - 00258288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys 2017-05-15 01:12 - 2017-05-15 01:11 - 00148696 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys 2017-05-15 01:12 - 2017-05-15 01:11 - 00041664 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys 2017-05-15 01:10 - 2017-05-15 10:38 - 00000000 ____D C:\ProgramData\AVAST Software 2017-05-15 01:10 - 2017-05-15 01:14 - 00000000 ____D C:\Program Files\AVAST Software 2017-05-15 01:09 - 2017-05-15 01:10 - 06654960 _____ (AVAST Software) C:\Users\Michał\Downloads\avast_free_antivirus_setup_online.exe 2017-05-12 09:28 - 2017-05-12 09:28 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Google 2017-05-11 19:55 - 2017-05-11 19:55 - 04102600 _____ C:\Users\Michał\Downloads\adwcleaner_6.046.exe 2017-05-10 16:52 - 2017-05-10 16:52 - 00006171 _____ C:\Users\Michał\Documents\codepen_ybvPKr 2.zip 2017-05-08 21:20 - 2017-05-15 01:33 - 00000000 ____D C:\Users\Michał\Documents\ITIL 2017-05-08 20:06 - 2017-05-08 20:06 - 00000949 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-05-08 20:06 - 2017-05-08 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-05-08 20:06 - 2017-05-08 20:06 - 00000000 ____D C:\Program Files\HiSuite 2017-05-08 20:06 - 2017-04-11 04:17 - 00249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys 2017-05-08 20:06 - 2017-04-11 04:17 - 00199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys 2017-05-08 20:06 - 2017-04-11 04:17 - 00113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys 2017-05-08 20:06 - 2017-04-11 04:17 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys 2017-05-08 20:06 - 2017-04-11 04:17 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys 2017-05-08 20:06 - 2017-04-11 04:17 - 00015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys 2017-05-07 20:57 - 2017-05-07 20:57 - 00117269 _____ C:\Users\Michał\Documents\rozklad zajec na lato.pdf 2017-04-25 15:26 - 2017-05-15 23:15 - 00000000 ____D C:\Users\Michał\Documents\BootcampFront-End 2017-04-25 15:14 - 2017-04-25 15:14 - 00005920 _____ C:\Users\Michał\Documents\25021.zip 2017-04-25 15:14 - 2017-04-25 15:14 - 00000000 ____D C:\Users\Michał\Documents\25021 2017-04-23 15:06 - 2017-04-23 17:39 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Notepad++ 2017-04-23 15:06 - 2017-04-23 15:06 - 00000977 _____ C:\Users\Public\Desktop\Notepad++.lnk 2017-04-23 15:06 - 2017-04-23 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2017-04-23 15:06 - 2017-04-23 15:06 - 00000000 ____D C:\Program Files\Notepad++ 2017-04-23 15:02 - 2017-04-23 15:02 - 02982992 _____ C:\Users\Michał\Downloads\npp.7.3.3.Installer.exe 2017-04-22 16:54 - 2017-04-22 16:54 - 00000000 ____D C:\9a6392fee94b5a513ef003 2017-04-22 14:17 - 2017-04-22 14:17 - 00000363 _____ C:\Users\Michał\package.json 2017-04-22 14:16 - 2017-04-22 14:17 - 00000000 ____D C:\Users\Michał\node_modules 2017-04-22 00:16 - 2017-04-26 18:24 - 00000000 ____D C:\Users\Michał\AppData\Roaming\npm-cache 2017-04-22 00:14 - 2017-04-22 00:14 - 00000007 _____ C:\Users\Michał\.node_repl_history 2017-04-22 00:12 - 2017-04-22 00:16 - 00000000 ____D C:\Users\Michał\AppData\Roaming\npm 2017-04-22 00:12 - 2017-04-22 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js 2017-04-22 00:12 - 2017-04-22 00:12 - 00000000 ____D C:\Program Files\nodejs 2017-04-22 00:07 - 2017-04-22 00:09 - 11456512 _____ C:\Users\Michał\Downloads\node-v6.10.2-x86.msi 2017-04-20 22:47 - 2017-04-25 15:20 - 00001799 _____ C:\Users\Michał\.viminfo 2017-04-20 00:04 - 2017-04-20 00:04 - 00000000 ____D C:\Program Files\Common Files\Java 2017-04-18 01:11 - 2017-05-13 19:19 - 00012123 _____ C:\Users\Michał\.bash_history 2017-04-17 21:48 - 2017-04-26 17:20 - 00000000 ____D C:\Users\Michał\Documents\GIT 2017-04-17 21:39 - 2017-04-17 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2017-04-17 21:39 - 2017-04-17 21:39 - 00000000 ____D C:\ProgramData\Git 2017-04-17 21:39 - 2017-04-17 21:39 - 00000000 ____D C:\Program Files\Git 2017-04-17 21:11 - 2017-04-17 21:12 - 37356048 _____ (The Git Development Community ) C:\Users\Michał\Downloads\Git-2.12.2.2-32-bit.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-17 14:09 - 2016-05-09 09:33 - 00000000 ____D C:\Users\Michał\AppData\Roaming\AIMP 2017-05-17 14:05 - 2009-07-14 06:34 - 00014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-05-17 14:05 - 2009-07-14 06:34 - 00014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-05-17 13:57 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-17 10:45 - 2015-09-30 18:46 - 00000000 ____D C:\Program Files\VstPlugins 2017-05-15 20:50 - 2017-04-09 20:16 - 00000000 ____D C:\Users\Michał\Documents\BPMN 2017-05-15 10:40 - 2015-09-29 16:49 - 01676900 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-15 10:40 - 2009-07-14 10:07 - 00743216 _____ C:\Windows\system32\perfh015.dat 2017-05-15 10:40 - 2009-07-14 10:07 - 00156784 _____ C:\Windows\system32\perfc015.dat 2017-05-15 10:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2017-05-15 01:25 - 2015-10-19 16:10 - 00000000 ____D C:\ProgramData\Skype 2017-05-13 17:40 - 2015-10-19 16:10 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Skype 2017-05-12 00:15 - 2015-09-30 21:22 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-12 00:15 - 2015-09-30 21:22 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-11 19:59 - 2015-09-29 17:09 - 00000000 ____D C:\AdwCleaner 2017-05-11 11:32 - 2015-09-30 22:29 - 00000000 ____D C:\Program Files\AIMP3 2017-05-09 21:46 - 2015-09-29 19:20 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2017-05-09 21:46 - 2015-09-29 19:20 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2017-05-09 21:46 - 2015-09-29 19:20 - 00000000 ____D C:\Windows\system32\Macromed 2017-05-08 20:07 - 2016-10-03 06:47 - 00000000 ____D C:\Users\Michał\AppData\Local\Hisuite 2017-04-28 12:08 - 2015-09-29 16:46 - 00000000 ____D C:\Users\Michał 2017-04-22 16:53 - 2015-09-29 19:37 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-20 00:04 - 2016-12-11 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-04-20 00:04 - 2016-12-11 22:46 - 00000000 ____D C:\ProgramData\Oracle 2017-04-20 00:04 - 2016-12-11 22:46 - 00000000 ____D C:\Program Files\Java 2017-04-20 00:03 - 2016-12-11 22:47 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-10-06 00:06 - 2016-10-06 00:06 - 0003584 _____ () C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Niektóre pliki w TEMP: ==================== 2013-08-06 08:59 - 2013-08-06 08:59 - 0047720 _____ () C:\Users\Michał\AppData\Local\Temp\AxSFADownloader.exe 2015-10-25 17:15 - 2015-10-25 17:43 - 0131072 _____ () C:\Users\Michał\AppData\Local\Temp\DevSetup32.dll 2015-10-25 17:15 - 2015-10-25 17:43 - 0131072 _____ () C:\Users\Michał\AppData\Local\Temp\DevSetup64.dll 2015-10-25 17:15 - 2015-10-25 17:43 - 0098304 _____ () C:\Users\Michał\AppData\Local\Temp\DriverInstall32.exe 2015-10-25 17:15 - 2015-10-25 17:43 - 0098304 _____ () C:\Users\Michał\AppData\Local\Temp\DriverInstall64.exe 2015-11-16 14:07 - 2015-11-16 14:08 - 15318370 _____ (BSRSoft) C:\Users\Michał\AppData\Local\Temp\InstallBSRVista_v5.exe 2017-01-24 12:59 - 2017-01-24 12:59 - 0739904 _____ (Oracle Corporation) C:\Users\Michał\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-04-20 00:02 - 2017-04-20 00:02 - 0739904 _____ (Oracle Corporation) C:\Users\Michał\AppData\Local\Temp\jre-8u131-windows-au.exe 2015-10-25 17:15 - 2015-10-25 17:43 - 0016384 _____ () C:\Users\Michał\AppData\Local\Temp\KillProcess.exe 2015-08-14 14:29 - 2015-07-29 22:08 - 0681097 _____ (SQLite Development Team) C:\Users\Michał\AppData\Local\Temp\sqlite3.dll 2016-10-17 11:39 - 2016-10-17 11:39 - 0201944 _____ (MAGIX AG) C:\Users\Michał\AppData\Local\Temp\unwise.exe 2017-04-22 16:53 - 2017-04-22 16:53 - 14456872 _____ (Microsoft Corporation) C:\Users\Michał\AppData\Local\Temp\vc_redist.x86.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-12-08 12:00 ==================== Koniec FRST.txt ============================