Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 26-12-2019 Uruchomiony przez szymon (administrator) SAMSUNG (SAMSUNG ELECTRONICS CO., LTD. R510/P510) (27-12-2019 22:15:44) Uruchomiony z C:\Users\szymon\Desktop\FRST\frst Załadowane profile: szymon (Dostępne profile: szymon) Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (CyberLink -> ) C:\Program Files\CyberLink\Shared Files\RichVideo.exe (CyberLink -> Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Hewlett-Packard Company) [Brak podpisu cyfrowego] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) [Brak podpisu cyfrowego] C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Numedia Soft, Inc. -> ) C:\Program Files\CDBurnerXP\NMSAccessU.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ZTE CORPORATION -> ) C:\Program Files\4G Hostless Modem\MegaFon Internet\CancelAutoPlay_df.exe (ZTE CORPORATION -> ) C:\Program Files\4G Hostless Modem\MegaFon Internet\CheckNDISPort_df.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics Incorporated -> Synaptics, Inc.) HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (CyberLink -> Cyberlink Corp.) HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] (CyberLink -> ) [Brak podpisu cyfrowego] HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [CheckNDISPort01ac00] => C:\Program Files\4G Hostless Modem\MegaFon Internet\CheckNDISPort_df.exe [468736 2015-11-09] (ZTE CORPORATION -> ) HKLM\...\Run: [CancelAutoPlay_df] => C:\Program Files\4G Hostless Modem\MegaFon Internet\CancelAutoPlay_df.exe [447744 2015-11-09] (ZTE CORPORATION -> ) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-03-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego] HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\Run: [Skype] => C:\Program Files\Skype\\Phone\Skype.exe [30877280 2014-12-11] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: F - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: H - H:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {3168420c-9e89-11e2-94fe-d710a21dcda3} - G:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {69300500-c0ce-11de-afea-acbb43663a4d} - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {69300511-c0ce-11de-afea-acbb43663a4d} - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {695d2417-22a7-11de-b8e6-001377988fb5} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {708d157c-aecf-11e3-8d26-d8e90d368216} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {754f9d29-f955-11e2-bb68-906108090fac} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {7e8d2079-f9fd-11e2-908f-a4a989e715d3} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {7e8d2089-f9fd-11e2-908f-9df2729782e7} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {8baf0962-22c4-11de-9eb4-001377988fb5} - G:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {8baf0964-22c4-11de-9eb4-001377988fb5} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {d8e650d3-58c6-11e6-9adf-001377988fb5} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {d8e650d7-58c6-11e6-9adf-00a0c6000000} - F:\AutoRun.exe HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {e470a6c5-e855-11e5-8caa-001377988fb5} - F:\AutoRun.exe /s HKU\S-1-5-21-3182861355-789584673-1566108675-1003\...\MountPoints2: {f05c6ab7-22a8-11de-8ca6-001377988fb5} - F:\AutoRun.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files\Common Files\LightScribe\LSRunOnce.exe [2008-03-17] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-02-28] (Google Inc -> Google Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\49.0.79.75\Installer\chrmstp.exe [2018-08-19] (AVAST Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2008-07-29] ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\Users\szymon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Automatyczne aktualizacje-AKP.lnk [2019-03-05] ShortcutTarget: RT-Automatyczne aktualizacje-AKP.lnk -> C:\Ross-Tech\VCDS-AKP\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC) GroupPolicy: Ograniczenia ? <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {056F2320-8DE4-486F-B0CF-FCD7EC708DD9} - System32\Tasks\{E8A5ECBE-9722-4C07-AA36-9FA670860CAC} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\igfxcpl.cpl -c Intel(R) GMA Driver for Mobile Task: {1F831C91-DFBE-4F39-BD03-FDA36360C9AF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe [1457664 2019-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] Task: {1F8E01CF-D433-482A-A2B5-CC9244B534D8} - System32\Tasks\AVG\PC Tuneup 2011\Integrator\Start On szymon Logon => C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe Task: {27C8287A-252C-4891-8C7E-BB55E7E0F781} - System32\Tasks\Norton Security Scan for szymon => C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\4.6.2.17\Nss.exe [846928 2018-03-13] (Symantec Corporation -> Symantec Corporation) Task: {408EAC7D-7A65-4493-8CCE-CA1048289018} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation) Task: {435C6376-2B59-43B6-AEDA-97A9DF837CE5} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [45056 2007-07-04] (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] Task: {5EE56422-3F69-4CBB-AA32-A2AD788073F3} - System32\Tasks\{4B0605B9-C818-444E-8274-07BD3DEA882F} => C:\Windows\system32\pcalua.exe -a "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\DPInst.exe" -d "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN" Task: {75E9A7A4-45E1-40EA-BE23-CC53F9E439F3} - System32\Tasks\{0DF26784-6926-4AC8-AEC0-FA182434B8B6} => C:\Windows\system32\pcalua.exe -a "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\OPCOMUSBUninstall.exe" -d "E:\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN" Task: {77799886-6B72-410D-89E6-133F708791E2} - System32\Tasks\Microsoft\Windows\RestartManager\{925D4EB2-5BD7-47fc-BBA4-8CD53B67AE9D} => C:\Windows\system32\rmclient.exe [14848 2006-11-02] (Microsoft Windows -> Microsoft Corporation) Task: {799E4337-C5AB-44E5-8A18-40B37510C351} - System32\Tasks\AdwCleaner_onReboot => C:\Users\szymon\Desktop\adwcleaner_7.4.2.exe [7622344 2019-12-27] (Malwarebytes Inc -> Malwarebytes) Task: {7EC01DE6-D30F-4ECB-9AA5-72E6945DD0A1} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => %windir%\system32\rundll32.exe Task: {A3D491D0-BDE0-4257-8658-AD432D7BB398} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {A7905D79-B12F-4BB1-B7D1-3E0D00213ADD} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-19] (AVAST Software s.r.o. -> AVAST Software) Task: {B3D4E55F-76C7-47DE-BBE0-C26109EDB806} - System32\Tasks\GoogleUpdateTaskMachineUA1d4e58111ffe3b9 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {BC4C714D-323E-4B04-98FE-3AF24097EE87} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-19] (AVAST Software s.r.o. -> AVAST Software) Task: {BF68538D-E876-4EA4-87EA-5014706BF96A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {C29F7C19-2589-45F7-A31E-921530A20AF8} - System32\Tasks\{D5E89D88-FA2D-41C2-98B2-B168850DADAF} => C:\Windows\system32\pcalua.exe -a "C:\Users\szymon\Desktop\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\Driver\OPCOMUSBUninstall.exe" -d "C:\Users\szymon\Desktop\op-com\op-com\op-com\Before the firmware upgrade using\OPCOM081016_EN\OPCOM081016_EN\Driver" Task: {D0559160-A845-4FBF-96C6-289209F14C70} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] Task: {D2C33EDE-CEA9-4E3C-8FCD-EB737741B655} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe [1453056 2019-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] Task: {D4C42357-AC2B-4BE9-AD53-84BEB1611B21} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2762968 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) Task: {DB769959-E816-4F3B-B012-9A884864AE71} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182861355-789584673-1566108675-1003UA => C:\Users\szymon\AppData\Local\Google\Update\GoogleUpdate.exe Task: {DD9BAEF1-AAF3-4FB0-817F-6DB70AD73AE9} - System32\Tasks\Microsoft\Windows\RestartManager\{F23690A2-5E13-4b45-9B6D-F9370438C0F9} => C:\Windows\system32\rmclient.exe [14848 2006-11-02] (Microsoft Windows -> Microsoft Corporation) Task: {E87FE246-F17C-4A9F-8B57-71281A0BED7D} - System32\Tasks\GoogleUpdateTaskMachineCore1d4e58111bc23f9 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {EDFB3816-6781-42CA-99DB-78DAF233B019} - System32\Tasks\{6FE3A374-6644-4C0C-AC9A-AB67306BBB47} => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Software Sarl -> Skype Technologies S.A.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{43553BD0-DE8F-4FB3-B364-7EA653E6E149}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{68B883E5-2578-4F16-BAFC-DFDFE8FDD021}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-3182861355-789584673-1566108675-1003\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-16] (Oracle America, Inc. -> Oracle Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-03] (Google Inc -> Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-16] (Oracle America, Inc. -> Oracle Corporation) BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-04-21] (GG Network S.A. -> GG Network S.A.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-03] (Google Inc -> Google Inc.) Toolbar: HKU\S-1-5-21-3182861355-789584673-1566108675-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-03] (Google Inc -> Google Inc.) DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} hxxp://www.eska.pl/streamplayers/OggX.ocx DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Brak pliku Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies SA -> Skype Technologies S.A.) FireFox: ======== FF DefaultProfile: j8o5cyda.default FF ProfilePath: C:\Users\szymon\AppData\Roaming\Mozilla\Firefox\Profiles\j8o5cyda.default [2018-11-10] FF Extension: (Avast SafePrice) - C:\Users\szymon\AppData\Roaming\Mozilla\Firefox\Profiles\j8o5cyda.default\Extensions\sp@avast.com.xpi [2018-08-19] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json] FF Extension: (Avast Online Security) - C:\Users\szymon\AppData\Roaming\Mozilla\Firefox\Profiles\j8o5cyda.default\Extensions\wrc@avast.com.xpi [2018-08-19] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-14] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> ) [Brak podpisu cyfrowego] FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [Brak podpisu cyfrowego] FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google) FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) [Brak podpisu cyfrowego] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3182861355-789584673-1566108675-1003: @tools.google.com/Google Update;version=3 -> C:\Users\szymon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [Brak pliku] FF Plugin HKU\S-1-5-21-3182861355-789584673-1566108675-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\szymon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies SF -> Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Profile 2 CHR HomePage: Profile 2 -> hxxps://www.google.pl/ CHR StartupUrls: Profile 2 -> "hxxps://www.google.pl/" CHR Profile: C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-11-10] CHR DownloadDir: C:\Users\szymon\Desktop CHR Extension: (Prezentacje) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Dokumenty) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Dysk Google) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Arkusze) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28] CHR Profile: C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-12-27] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30] CHR Profile: C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile [2015-06-28] CHR Extension: (Prezentacje Google) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28] CHR Extension: (Dokumenty Google) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28] CHR Extension: (Dysk Google) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-28] CHR Extension: (YouTube) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28] CHR Extension: (Google Search) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28] CHR Extension: (Arkusze Google) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28] CHR Extension: (Google Wallet) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-28] CHR Extension: (Gmail) - C:\Users\szymon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-19] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-19] (AVAST Software s.r.o. -> AVAST Software) R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200 2008-05-23] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego] S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation -> Microsoft Corporation) R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-07-13] (Numedia Soft, Inc. -> ) R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-05-23] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] (CyberLink -> ) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation) S2 Samsung Update Plus; "C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1161888 2006-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems) S3 AMTFLASH; C:\Windows\System32\drivers\AmtFlash.sys [37632 2011-09-07] (Amt-Cartech Ltd -> AMT-Cartech Ltd.) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-11-26] (AVAST Software s.r.o. -> AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-18] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784552 2019-05-23] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397984 2019-05-23] (AVAST Software s.r.o. -> AVAST Software) R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-15] (AVAST Software s.r.o. -> AVAST Software) R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1203712 2009-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [80424 2008-02-14] (Broadcom Corporation -> Broadcom Corporation.) S3 btwavdt; C:\Windows\System32\drivers\btwavdt.sys [80936 2007-07-15] (Broadcom Corporation -> Broadcom Corporation.) S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [16168 2007-07-15] (Broadcom Corporation -> Broadcom Corporation.) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [393368 2017-12-05] (Symantec Corporation -> Symantec Corporation) S3 FTD2XX; C:\Windows\System32\Drivers\OPCOMUSB.sys [57800 2009-10-22] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTDIBUS; C:\Windows\System32\drivers\opcomusb.sys [57800 2009-10-22] (Future Technology Devices International Ltd -> FTDI Ltd.) S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.) S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.) R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-05-23] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS CO., LTD.) S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation) S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies) S3 RT-USB; C:\Windows\System32\drivers\RT-USB.SYS [80256 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC) S3 slabbus; C:\Windows\System32\DRIVERS\slabbus.sys [55312 2005-08-16] (MCCI) [Brak podpisu cyfrowego] S3 slabser; C:\Windows\System32\DRIVERS\slabser.sys [89808 2005-08-16] (MCCI) [Brak podpisu cyfrowego] S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.) S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.) S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.) R3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [238464 2008-09-03] (Vimicro Corporation) [Brak podpisu cyfrowego] R3 yukonwlh; C:\Windows\System32\DRIVERS\yk60x86.sys [298496 2007-12-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 massfilter_lte; \??\C:\Windows\system32\drivers\massfilter_lte.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 zgdcat; system32\DRIVERS\zgdcat.sys [X] S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [X] S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [X] S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [X] S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-12-27 22:12 - 2019-12-27 22:12 - 000004764 _____ C:\Users\szymon\Desktop\AdwCleaner[S14].txt 2019-12-27 22:10 - 2019-12-27 22:10 - 000004942 _____ C:\Users\szymon\Desktop\AdwCleaner[C16].txt 2019-12-27 22:10 - 2019-12-27 22:10 - 000003079 _____ C:\Users\szymon\Desktop\AdwCleaner[C15].txt 2019-12-27 21:54 - 2019-12-27 21:54 - 000003100 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot 2019-12-27 21:38 - 2019-12-27 21:38 - 007622344 _____ (Malwarebytes) C:\Users\szymon\Desktop\adwcleaner_7.4.2.exe 2019-12-27 21:06 - 2019-12-27 21:06 - 000039153 _____ C:\Users\szymon\Desktop\FRST.txt 2019-12-27 19:58 - 2019-12-27 20:08 - 000000000 ____D C:\Users\szymon\Desktop\FRST 2019-12-27 15:25 - 2019-12-27 15:25 - 008237744 _____ (Malwarebytes) C:\Users\szymon\Desktop\AdwCleaner.exe 2019-12-27 15:08 - 2019-12-27 15:08 - 000000000 __SHD C:\found.002 2019-12-27 13:45 - 2019-12-27 13:45 - 000000000 ____D C:\Users\szymon\Desktop\z3 zdjecia 2019-12-21 11:42 - 2019-12-21 11:42 - 000000981 _____ C:\Users\szymon\Desktop\Faultcodes_2004_Vectra-C S_Silnik__Z 19 DTH_201912211142.txt 2019-12-08 22:16 - 2019-12-08 22:16 - 000040648 _____ C:\Users\szymon\Desktop\potw_przek_przel_20191208_221616.pdf 2019-12-06 19:19 - 2019-12-06 19:19 - 000131072 _____ C:\Users\szymon\Desktop\WinOLS (Audi A6 (tun_v2)cs- 358127) 2019-11-29 19:24 - 2019-11-29 19:24 - 000040148 _____ C:\Users\szymon\Desktop\potw_przek_przel_20191129_192438.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-12-27 22:16 - 2014-12-11 18:55 - 000000000 ____D C:\FRST 2019-12-27 22:01 - 2009-04-03 13:59 - 000000000 ____D C:\Users\szymon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite 2019-12-27 22:01 - 2006-11-02 13:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-27 22:01 - 2006-11-02 13:45 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2019-12-27 22:01 - 2006-11-02 13:45 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2019-12-27 21:56 - 2008-07-30 00:52 - 000000012 _____ C:\Windows\bthservsdp.dat 2019-12-27 21:56 - 2006-11-02 13:58 - 000032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-12-27 21:54 - 2008-07-29 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2019-12-27 21:54 - 2008-07-29 09:05 - 000000000 ____D C:\Program Files\Samsung 2019-12-27 21:44 - 2008-07-29 09:06 - 000000000 ____D C:\Program Files\CyberLink 2019-12-27 18:30 - 2015-11-04 18:06 - 000000000 ____D C:\AdwCleaner 2019-12-27 17:26 - 2014-12-12 20:20 - 000000000 ____D C:\Users\szymon\Desktop\usuwanie 2019-12-27 16:51 - 2011-08-03 20:44 - 000000000 ____D C:\Users\szymon\AppData\Local\CrashDumps 2019-12-27 16:04 - 2013-04-11 18:56 - 000003726 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0B81091C-FE3D-4AF1-B177-69CD7C3C4D2A} 2019-12-27 15:34 - 2009-10-12 14:38 - 004252220 _____ C:\Windows\ntbtlog.txt 2019-12-27 13:48 - 2009-04-03 14:50 - 000044544 _____ C:\Users\szymon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-12-26 14:32 - 2019-03-31 08:35 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2019-12-26 14:32 - 2019-03-28 17:12 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d4e58111ffe3b9 2019-12-26 14:32 - 2019-03-28 17:12 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d4e58111bc23f9 2019-12-26 14:32 - 2017-09-30 19:05 - 000004174 _____ C:\Windows\system32\Tasks\Norton Security Scan for szymon 2019-12-26 14:32 - 2017-06-14 23:51 - 000003678 _____ C:\Windows\system32\Tasks\Java Platform SE Auto Updater 2019-12-26 14:32 - 2014-07-24 20:28 - 000003426 _____ C:\Windows\system32\Tasks\{D5E89D88-FA2D-41C2-98B2-B168850DADAF} 2019-12-26 14:32 - 2014-07-24 18:16 - 000003314 _____ C:\Windows\system32\Tasks\{0DF26784-6926-4AC8-AEC0-FA182434B8B6} 2019-12-26 14:32 - 2014-07-24 18:12 - 000003292 _____ C:\Windows\system32\Tasks\{4B0605B9-C818-444E-8274-07BD3DEA882F} 2019-12-26 14:32 - 2010-03-10 01:01 - 000003036 _____ C:\Windows\system32\Tasks\{E8A5ECBE-9722-4C07-AA36-9FA670860CAC} 2019-12-26 14:32 - 2009-04-07 19:33 - 000002872 _____ C:\Windows\system32\Tasks\{6FE3A374-6644-4C0C-AC9A-AB67306BBB47} 2019-12-24 23:59 - 2018-11-10 16:04 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update ==================== Pliki w katalogu głównym wybranych folderów ======== 2012-08-21 21:23 - 2012-08-21 21:23 - 000000032 ____H () C:\Program Files\reqtt.dll 2014-09-01 09:18 - 2014-09-01 09:18 - 000001248 _____ () C:\Users\szymon\AppData\Roaming\CFBEDSDX 2014-09-01 09:18 - 2014-09-01 09:18 - 000001248 _____ () C:\Users\szymon\AppData\Roaming\MXPUWBDF 2014-09-01 09:18 - 2014-09-01 09:18 - 000002086 _____ () C:\Users\szymon\AppData\Roaming\SM 2009-04-12 23:02 - 2009-04-12 23:02 - 000024206 _____ () C:\Users\szymon\AppData\Roaming\UserTile.png 2014-09-01 09:18 - 2014-09-01 09:18 - 000002086 _____ () C:\Users\szymon\AppData\Roaming\WGPYQE 2009-12-10 11:39 - 2012-03-05 19:01 - 000001356 _____ () C:\Users\szymon\AppData\Local\d3d9caps.dat 2009-04-03 14:50 - 2019-12-27 13:48 - 000044544 _____ () C:\Users\szymon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-04-24 08:28 - 2010-04-24 08:30 - 000002432 _____ () C:\Users\szymon\AppData\Local\TempBm5688.html ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-12-27 22:08 ==================== Koniec FRST.txt ========================