1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363. | Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-07-2016 03
Uruchomiony przez Maciek (administrator) MACIEK-KOMPUTER (18-07-2016 16:55:04)
Uruchomiony z C:UsersMaciekDownloads
Załadowane profile: Maciek (Dostępne profile: Maciek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
(LSI Corporation) C:Program FilesLSI SoftModemagr64svc.exe
(InterVideo Inc.) C:Program Files (x86)Common FilesInterVideoDeviceServiceDevSvc.exe
(Acer Incorporated) C:Program FilesAcerAcer ePower ManagementePowerSvc.exe
(Acer Incorporated) C:Program Files (x86)AcerRegistrationGregHSRW.exe
(Malwarebytes Corporation) C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
(Malwarebytes Corporation) C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
(NewTech Infosystems, Inc.) C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerIScheduleSvc.exe
(Malwarebytes Corporation) C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe
(Microsoft Corporation) C:WindowsSystem32GWXGWX.exe
(Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe
(Alps Electric Co., Ltd.) C:Program FilesApoint2KApoint.exe
() C:WindowsPLFSetI.exe
(Acer Incorporated) C:Program FilesAcerAcer ePower ManagementePowerTray.exe
(Sony Ericsson Mobile Communications AB) C:Program Files (x86)Sony EricssonSony Ericsson PC CompanionPCCompanion.exe
(BitTorrent, Inc.) C:Program Files (x86)uTorrentuTorrent.exe
(McAfee, Inc.) C:Program FilesMcAfee Security Scan3.11.309SSScheduler.exe
(NewTech Infosystems, Inc.) C:Program Files (x86)NewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe
(Acer) C:Program FilesAcerAcer UpdaterUpdaterService.exe
(Piriform Ltd) C:Program FilesCCleanerCCleaner64.exe
(Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
(NewTech Infosystems, Inc.) C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerBackupManagerTray.exe
(Egis Technology Inc.) C:Program Files (x86)EgisTec Egis Software UpdateEgisUpdate.exe
(Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE
(Dritek System Inc.) C:Program Files (x86)Launch ManagerLManager.exe
(Alps Electric Co., Ltd.) C:Program FilesApoint2KApMsgFwd.exe
(CyberLink Corp.) C:Program Files (x86)Acer Arcade DeluxeAcer Arcade DeluxeArcadeDeluxeAgent.exe
(Alps Electric Co., Ltd.) C:Program FilesApoint2KHidfind.exe
(Alps Electric Co., Ltd.) C:Program FilesApoint2KApntEx.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastavastui.exe
(Acer Incorporated) C:Program FilesAcerAcer ePower ManagementePowerEvent.exe
(Microsoft Corporation) C:WindowsSystem32dllhost.exe
(Mozilla Corporation) C:Program Files (x86)Mozilla Firefoxfirefox.exe
(Avast Software) C:Program FilesAVAST SoftwareAvastngvboxAvastVBoxSVC.exe
(Adobe Systems, Inc.) C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_22_0_0_209.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM...Run: [RtHDVCpl] => C:Program FilesRealtekAudioHDARAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM...Run: [Apoint] => C:Program FilesApoint2KApoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM...Run: [PLFSetI] => C:WindowsPLFSetI.exe [200704 2010-04-03] ()
HKLM...Run: [Acer ePower Management] => C:Program FilesAcerAcer ePower ManagementePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM-x32...Run: [BackupManagerTray] => C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerBackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32...Run: [EgisTecLiveUpdate] => C:Program Files (x86)EgisTec Egis Software UpdateEgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32...Run: [LManager] => C:Program Files (x86)Launch ManagerLManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32...Run: [ArcadeDeluxeAgent] => C:Program Files (x86)Acer Arcade DeluxeAcer Arcade DeluxeArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32...Run: [AvastUI.exe] => C:Program FilesAVAST SoftwareAvastAvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM-x32...Run: [GrooveMonitor] => C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKUS-1-5-21-3628267-3221919487-2457387961-1000...Run: [Sony Ericsson PC Companion] => C:Program Files (x86)Sony EricssonSony Ericsson PC CompanionPCCompanion.exe [774144 2009-12-08] (Sony Ericsson Mobile Communications AB)
HKUS-1-5-21-3628267-3221919487-2457387961-1000...Run: [uTorrent] => C:Program Files (x86)uTorrentuTorrent.exe [399736 2015-02-06] (BitTorrent, Inc.)
HKUS-1-5-21-3628267-3221919487-2457387961-1000...Run: [siqdglgpfh] => explorer "hxxp://erobiryu.ru/?utm_source=uoua03&utm_content=319d81e55824638bc3ed665af6fcb5c1&utm_term=DF3342F58A4975E51CEA49384237E1C3" <===== UWAGA
HKUS-1-5-21-3628267-3221919487-2457387961-1000...Run: [CCleaner Monitoring] => C:Program FilesCCleanerCCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKUS-1-5-21-3628267-3221919487-2457387961-1000...MountPoints2: {1478fc4d-4c94-11e5-8c97-00262d9c20f6} - E:Setup.exe
HKUS-1-5-21-3628267-3221919487-2457387961-1000...MountPoints2: {19c84979-9fdb-11e4-933e-00262d9c20f6} - E:Startme.exe
HKUS-1-5-21-3628267-3221919487-2457387961-1000...MountPoints2: {b86f8c5f-4ea4-11e3-9a31-00262d9c20f6} - E:Startme.exe
HKUS-1-5-18...RunOnce: [SPReview] => C:WindowsSystem32SPReviewSPReview.exe [301568 2013-03-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShA64.dll [2015-08-14] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:Program Files (x86)EgisTecMyWinLocker 3x64psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Brak pliku
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:Program Files (x86)EgisTecMyWinLocker 3x86psdprotect.dll [2009-09-11] (Egis Technology Inc.)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupMcAfee Security Scan Plus.lnk [2016-04-04]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:Program FilesMcAfee Security Scan3.11.309SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Hosts: 0.0.0.1 mssplus.mcafee.com
TcpipParameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip..Interfaces{97265B33-11E5-45D9-96B4-188F0AC7551C}: [DhcpNameServer] 62.179.1.61 62.179.1.63
Internet Explorer:
==================
HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = www.google.com
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = www.google.com
HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://www.google.com
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = www.google.com
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = www.google.com
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = www.google.com
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = hxxp://www.google.com
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = www.google.com
HKUS-1-5-21-3628267-3221919487-2457387961-1000SoftwareMicrosoftInternet ExplorerMain,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKUS-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKUS-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre7binssv.dll [2014-11-07] (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre7binjp2ssv.dll [2014-11-07] (Oracle Corporation)
BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> Brak pliku
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:UsersMaciekAppDataRoamingMozillaFirefoxProfilesmujtcb5r.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxps://www.google.pl/?gfe_rd=cr&ei=8MJMVtjIKdiCsAG5qbegAQ&gws_rd=ssl#cns=1&gfe_rd=cr&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_22_0_0_209.dll [2016-07-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:Program FilesMicrosoft Silverlight5.1.50428.0npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_22_0_0_209.dll [2016-07-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:Program Files (x86)Javajre7bindtpluginnpDeployJava1.dll [2014-11-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:Program Files (x86)Javajre7binplugin2npjp2.dll [2014-11-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.50428.0npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 11.0ReaderAIRnppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Browser-Security - C:UsersMaciekAppDataRoamingMozillaFirefoxProfilesmujtcb5r.defaultExtensionsfirefox@browser-security.de.xpi [2016-07-18]
FF Extension: Adblock Plus - C:UsersMaciekAppDataRoamingMozillaFirefoxProfilesmujtcb5r.defaultExtensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM...FirefoxExtensions: [wrc@avast.com] - C:Program FilesAVAST SoftwareAvastWebRepFF
FF Extension: Avast Online Security - C:Program FilesAVAST SoftwareAvastWebRepFF [2016-07-18]
FF HKLM-x32...FirefoxExtensions: [wrc@avast.com] - C:Program FilesAVAST SoftwareAvastWebRepFF
Chrome:
=======
CHR HKLM-x32...ChromeExtension: [gomekmidlodglbbmalcneegieacbdmki] - C:Program FilesAVAST SoftwareAvastWebRepChromeaswWebRepChrome.crx [2016-07-18]
CHR HKLM-x32...ChromeExtension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <Brak Path/update_url>
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [146600 2015-08-14] (AVAST Software)
R2 Capture Device Service; C:Program Files (x86)Common FilesInterVideoDeviceServiceDevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S2 Guntony_protect; C:ProgramDataGuntonyprotectprotect.exe [302976 2016-05-12] () [Brak podpisu cyfrowego]
S2 Guntony_update; C:Program Files (x86)GuntonyGuntonybinGuntony_server.exe [473472 2016-05-12] ()
S2 KMService; C:WindowsSysWOW64srvany.exe [8192 2013-09-19] () [Brak podpisu cyfrowego]
R2 MBAMScheduler; C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:Program FilesMcAfee Security Scan3.11.309McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
S3 MWLService; C:Program Files (x86)EgisTecMyWinLocker 3x86\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 winzipersvc; C:Program Files (x86)WinZipperwinzipersvc.exe [744528 2016-05-16] () [Brak podpisu cyfrowego] <==== UWAGA
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 aswHwid; C:Windowssystem32driversaswHwid.sys [37656 2016-07-18] (AVAST Software)
S1 aswKbd; C:Windowssystem32driversaswKbd.sys [37144 2016-07-18] (AVAST Software)
R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [108304 2016-07-18] (AVAST Software)
R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [103064 2016-07-18] (AVAST Software)
R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [74544 2016-07-18] (AVAST Software)
R1 aswSnx; C:Windowssystem32driversaswSnx.sys [1070904 2016-07-18] (AVAST Software)
R1 aswSP; C:Windowssystem32driversaswSP.sys [473592 2016-07-18] (AVAST Software)
R2 aswStm; C:Windowssystem32driversaswStm.sys [162904 2016-07-18] (AVAST Software)
R0 aswVmm; C:WindowsSystem32DriversaswVmm.sys [290088 2016-07-18] (AVAST Software)
S3 ebdrv; C:Windowssystem32DRIVERSevbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:Windowssystem32driversmbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:Windowssystem32driversMBAMSwissArmy.sys [113880 2016-07-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:Windowssystem32driversmwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:WindowsSysWOW64DriversRtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 s1018bus; C:WindowsSystem32DRIVERSs1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:WindowsSystem32DRIVERSs1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:WindowsSystem32DRIVERSs1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:WindowsSystem32DRIVERSs1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:WindowsSystem32DRIVERSs1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:WindowsSystem32DRIVERSs1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:WindowsSystem32DRIVERSs1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:WindowsSystem32DRIVERSs1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:WindowsSystem32DRIVERSs1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:WindowsSystem32DRIVERSs1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:WindowsSystem32DRIVERSs1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:WindowsSystem32DRIVERSs1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:WindowsSystem32DRIVERSs1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:WindowsSystem32DRIVERSs1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S4 secdrv; C:WindowsSysWow64Driverssecdrv.sys [20128 2015-10-04] () [Brak podpisu cyfrowego]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2016-07-18 16:55 - 2016-07-18 16:55 - 00017732 _____ C:UsersMaciekDownloadsFRST.txt
2016-07-18 16:54 - 2016-07-18 16:55 - 00000000 ____D C:FRST
2016-07-18 16:53 - 2016-07-18 16:53 - 02391040 _____ (Farbar) C:UsersMaciekDownloadsFRST64.exe
2016-07-18 16:34 - 2016-07-18 16:34 - 00096860 _____ C:UsersMaciekDownloadsExtras.Txt
2016-07-18 16:32 - 2016-07-18 16:32 - 00094834 _____ C:UsersMaciekDownloadsOTL.Txt
2016-07-18 16:12 - 2015-08-14 20:45 - 00115152 _____ (AVAST Software) C:Windowssystem32Driversngv77DD.tmp
2016-07-18 16:11 - 2016-07-18 16:06 - 00037144 _____ (AVAST Software) C:Windowssystem32DriversaswKbd.sys
2016-07-18 16:11 - 2016-07-18 15:58 - 01059656 _____ (AVAST Software) C:Windowssystem32DriversaswAD55.tmp
2016-07-18 16:11 - 2016-07-18 15:58 - 00449992 _____ (AVAST Software) C:Windowssystem32DriversaswBCC5.tmp
2016-07-18 16:11 - 2015-08-14 20:46 - 00274808 _____ (AVAST Software) C:Windowssystem32DriversaswC010.tmp
2016-07-18 16:11 - 2015-08-14 20:46 - 00150672 _____ (AVAST Software) C:Windowssystem32DriversaswC272.tmp
2016-07-18 16:11 - 2015-08-14 20:46 - 00093528 _____ (AVAST Software) C:Windowssystem32DriversaswB513.tmp
2016-07-18 16:11 - 2015-08-14 20:46 - 00090968 _____ (AVAST Software) C:Windowssystem32DriversaswB89E.tmp
2016-07-18 16:11 - 2015-08-14 20:46 - 00065224 _____ (AVAST Software) C:Windowssystem32DriversaswBAC1.tmp
2016-07-18 16:11 - 2015-08-14 20:46 - 00028656 _____ (AVAST Software) C:Windowssystem32DriversaswB707.tmp
2016-07-18 16:10 - 2016-07-18 16:07 - 00390984 _____ (AVAST Software) C:Windowssystem32aswBoot.exe
2016-07-18 16:06 - 2016-07-18 16:06 - 00053208 _____ (AVAST Software) C:WindowsavastSS.scr
2016-07-18 16:05 - 2016-07-18 16:05 - 00601088 _____ (OldTimer Tools) C:UsersMaciekDownloadsOTL 3.2.70.2 [1].exe
2016-07-18 16:04 - 2016-07-18 16:04 - 00990856 _____ ( ) C:UsersMaciekDownloadsOTL 3.2.70.2.exe
2016-07-18 15:58 - 2016-07-18 15:58 - 00001926 _____ C:UsersPublicDesktopAvast Free Antivirus.lnk
2016-07-18 15:58 - 2016-07-18 15:58 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVAST Software
2016-07-18 15:57 - 2015-11-06 22:27 - 01059656 _____ (AVAST Software) C:Windowssystem32Driversasw2158.tmp
2016-07-18 15:57 - 2015-11-06 22:27 - 00449992 _____ (AVAST Software) C:Windowssystem32Driversasw34FC.tmp
2016-07-18 15:57 - 2015-08-14 20:46 - 00274808 _____ (AVAST Software) C:Windowssystem32Driversasw37DA.tmp
2016-07-18 15:57 - 2015-08-14 20:46 - 00150672 _____ (AVAST Software) C:Windowssystem32Driversasw3CBB.tmp
2016-07-18 15:57 - 2015-08-14 20:46 - 00093528 _____ (AVAST Software) C:Windowssystem32Driversasw2639.tmp
2016-07-18 15:57 - 2015-08-14 20:46 - 00090968 _____ (AVAST Software) C:Windowssystem32Driversasw2B2A.tmp
2016-07-18 15:57 - 2015-08-14 20:46 - 00065224 _____ (AVAST Software) C:Windowssystem32Driversasw301B.tmp
2016-07-18 15:57 - 2015-08-14 20:46 - 00028656 _____ (AVAST Software) C:Windowssystem32Driversasw287B.tmp
2016-07-18 15:57 - 2015-08-14 20:45 - 00115152 _____ (AVAST Software) C:Windowssystem32DriversngvACB.tmp
2016-07-18 15:00 - 2016-07-18 15:00 - 00000000 ____D C:UsersMaciekAppDataRoamingAVAST Software
2016-07-18 10:42 - 2016-07-19 01:47 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows 7 - Codec Pack
2016-07-18 10:41 - 2016-07-19 01:47 - 00000000 ____D C:WindowsSysWOW64Codecs
2016-07-18 10:32 - 2016-07-19 01:47 - 00000000 ____D C:UsersMaciekAppDataRoamingBrowser-Security
2016-07-18 01:14 - 2016-07-18 01:14 - 00410928 _____ C:unp305317123905442723.mdmp
2016-07-18 01:14 - 2016-07-18 01:14 - 00409587 _____ C:unp305317123903258720.mdmp
2016-07-18 01:14 - 2016-07-18 01:14 - 00408717 _____ C:unp305317123904350722.mdmp
2016-07-18 01:14 - 2016-07-18 01:14 - 00405007 _____ C:unp305317123880014679.mdmp
2016-07-13 14:04 - 2016-06-10 23:17 - 02895360 ____N (Microsoft Corporation) C:Windowssystem32iertutil.dll
2016-07-13 14:04 - 2016-06-10 21:44 - 02869248 ____N (Microsoft Corporation) C:Windowssystem32wininet.dll
2016-07-13 14:04 - 2016-06-10 21:30 - 01550848 ____N (Microsoft Corporation) C:Windowssystem32urlmon.dll
2016-07-13 14:04 - 2016-06-10 20:47 - 02287104 ____N (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll
2016-07-13 14:04 - 2016-06-10 19:45 - 02392576 ____N (Microsoft Corporation) C:WindowsSysWOW64wininet.dll
2016-07-13 14:04 - 2016-06-10 19:41 - 01315840 ____N (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll
2016-07-13 14:03 - 2016-06-26 02:27 - 00970240 ____N (Microsoft Corporation) C:Windowssystem32localspl.dll
2016-07-13 14:03 - 2016-06-26 02:27 - 00756736 ____N (Microsoft Corporation) C:Windowssystem32win32spl.dll
2016-07-13 14:03 - 2016-06-26 02:27 - 00166400 ____N (Microsoft Corporation) C:Windowssystem32inetpp.dll
2016-07-13 14:03 - 2016-06-17 20:24 - 00219136 ____N (Microsoft Corporation) C:Windowssystem32aepic.dll
2016-07-13 08:54 - 2016-07-13 08:54 - 00000000 ____D C:UsersMaciekAppDataLocalCEF
2016-07-05 23:00 - 2016-07-05 23:49 - 149964219 _____ C:UsersMaciekDownloadsHolGrHits1.zip
2016-06-30 11:56 - 2016-06-30 11:56 - 00000000 ____D C:ProgramDataW
2016-06-30 11:56 - 2016-06-30 11:56 - 00000000 _____ C:UsersPublicDocumentsreport.dat
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2016-07-19 01:47 - 2016-04-04 12:25 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMcAfee Security Scan Plus
2016-07-19 01:47 - 2015-11-10 13:37 - 00000000 ____D C:Program FilesMcAfee Security Scan
2016-07-19 01:47 - 2015-07-30 20:40 - 00000000 ____D C:WindowsSystem32TasksAVAST Software
2016-07-19 01:47 - 2012-09-07 15:20 - 00000000 ____D C:Windowssystem32Macromed
2016-07-19 01:47 - 2012-08-08 12:24 - 00000000 ____D C:ProgramDataMcAfee Security Scan
2016-07-19 01:47 - 2009-07-14 05:20 - 00000000 ____D C:Windowsregistration
2016-07-19 01:47 - 2009-07-14 05:20 - 00000000 ____D C:Windowsinf
2016-07-19 01:45 - 2011-05-29 16:23 - 00000000 ____D C:ProgramDataAVAST Software
2016-07-19 01:44 - 2016-05-18 10:53 - 00000000 ____D C:Program Files (x86)Guntony
2016-07-19 01:44 - 2011-05-29 16:23 - 00000000 ____D C:Program FilesAVAST Software
2016-07-18 16:51 - 2015-08-07 21:39 - 00113880 _____ (Malwarebytes Corporation) C:Windowssystem32DriversMBAMSwissArmy.sys
2016-07-18 16:50 - 2015-02-06 11:34 - 00000000 ____D C:UsersMaciekAppDataRoaminguTorrent
2016-07-18 16:34 - 2015-10-27 11:56 - 00003868 _____ C:WindowsSystem32TasksAdobe Flash Player Updater
2016-07-18 16:34 - 2015-10-27 11:56 - 00000930 _____ C:WindowsTasksAdobe Flash Player Updater.job
2016-07-18 16:34 - 2015-03-02 14:57 - 00796352 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe
2016-07-18 16:34 - 2015-03-02 14:57 - 00142528 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2016-07-18 16:12 - 2011-08-28 19:04 - 00473592 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys
2016-07-18 16:11 - 2015-08-15 10:27 - 00003922 _____ C:WindowsSystem32Tasksavast! Emergency Update
2016-07-18 16:11 - 2011-08-28 19:04 - 00473592 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys.146885112122105
2016-07-18 16:07 - 2015-08-14 20:46 - 00162904 _____ (AVAST Software) C:Windowssystem32DriversaswStm.sys
2016-07-18 16:07 - 2015-08-14 20:46 - 00037656 _____ (AVAST Software) C:Windowssystem32DriversaswHwid.sys
2016-07-18 16:07 - 2013-05-24 20:06 - 00290088 _____ (AVAST Software) C:Windowssystem32DriversaswVmm.sys
2016-07-18 16:07 - 2013-05-24 20:06 - 00074544 _____ (AVAST Software) C:Windowssystem32DriversaswRvrt.sys
2016-07-18 16:07 - 2012-04-13 08:57 - 00103064 _____ (AVAST Software) C:Windowssystem32DriversaswRdr2.sys
2016-07-18 16:07 - 2011-08-28 19:04 - 00473592 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys.146885110930202
2016-07-18 16:07 - 2011-08-28 19:04 - 00108304 _____ (AVAST Software) C:Windowssystem32DriversaswMonFlt.sys
2016-07-18 16:06 - 2011-08-28 19:04 - 01070904 _____ (AVAST Software) C:Windowssystem32DriversaswSnx.sys
2016-07-18 16:00 - 2009-07-14 06:45 - 00025840 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-18 16:00 - 2009-07-14 06:45 - 00025840 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-18 15:49 - 2011-01-28 14:47 - 00000000 ____D C:UsersMaciek
2016-07-18 15:49 - 2009-07-14 07:08 - 00000006 ____H C:WindowsTasksSA.DAT
2016-07-18 10:22 - 2015-08-06 18:19 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
2016-07-18 10:21 - 2016-05-17 10:27 - 00000000 ____D C:ProgramDataGuntony
2016-07-18 10:21 - 2016-05-17 10:26 - 00000000 ____D C:UsersMaciekAppDataLocalGuntony
2016-07-18 10:21 - 2015-10-12 09:54 - 00000000 ____D C:Program Files (x86)WinZipper
2016-07-18 10:21 - 2015-08-07 21:39 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware
2016-07-18 10:21 - 2015-08-06 18:19 - 00000000 ____D C:UsersMaciekAppDataRoamingvlc
2016-07-18 10:21 - 2015-07-08 13:19 - 00000000 ____D C:Program Files (x86)Mozilla Firefox
2016-07-18 10:21 - 2015-04-04 17:06 - 00000000 ___SD C:Windowssystem32GWX
2016-07-18 10:21 - 2013-03-27 16:18 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Silverlight
2016-07-18 10:20 - 2011-01-28 15:30 - 00000000 ____D C:UsersMaciekAppDataLocalMozilla
2016-07-18 10:18 - 2012-09-29 02:49 - 00000000 ____D C:Program Files (x86)VideoLAN
2016-07-18 00:51 - 2014-12-11 20:47 - 00000000 ____D C:Windowssystem32appraiser
2016-07-18 00:51 - 2014-05-06 11:42 - 00000000 ___SD C:Windowssystem32CompatTel
2016-07-18 00:51 - 2009-10-28 20:59 - 00000000 ____D C:Program FilesWindows Journal
2016-07-18 00:51 - 2009-07-14 05:20 - 00000000 ____D C:Windowsrescache
2016-07-18 00:50 - 2016-01-14 00:21 - 00000000 ____D C:ProgramDataPackage Cache
2016-07-18 00:50 - 2015-02-22 16:48 - 00000000 ____D C:Program Files (x86)Microsoft SQL Server Compact Edition
2016-07-18 00:50 - 2013-12-16 09:20 - 00000000 ____D C:UsersMaciekDownloadsMedal of Honor Vanguard
2016-07-18 00:50 - 2013-03-27 16:16 - 00000000 ____D C:Program FilesMicrosoft Silverlight
2016-07-18 00:50 - 2013-03-27 16:16 - 00000000 ____D C:Program Files (x86)Microsoft Silverlight
2016-07-18 00:50 - 2009-07-14 05:20 - 00000000 ____D C:Windowsservicing
2016-07-18 00:50 - 2009-07-14 05:20 - 00000000 ____D C:Program FilesCommon FilesMicrosoft Shared
2016-07-18 00:49 - 2015-08-07 21:39 - 00000000 ____D C:Program Files (x86)Malwarebytes Anti-Malware
2016-07-18 00:46 - 2009-10-28 20:12 - 00000000 ____D C:WindowsSysWOW64Macromed
2016-07-17 23:56 - 2016-06-10 17:54 - 00000000 ____D C:UsersMaciekDownloadsHollywood's Greatest Hits, Vol. 1
2016-07-14 16:04 - 2012-08-25 17:44 - 00000000 ____D C:WindowsSun
2016-07-14 15:54 - 2013-09-22 16:58 - 00000000 ____D C:WindowsMinidump
2016-07-14 15:52 - 2015-02-15 16:12 - 00000000 ____D C:UsersMaciekAppDataRoamingMedia Player Classic
==================== Pliki w katalogu głównym wybranych folderów =======
2009-10-29 06:21 - 2009-02-10 21:23 - 0192484 _____ () C:Program Files (x86)Common FilesAcer GameZone online.ico
2014-07-10 08:16 - 2014-07-10 08:16 - 2174976 _____ (Advanced Micro Devices Inc.) C:Program Files (x86)Common Filesatimpenc.dll
2015-01-30 20:18 - 2015-11-16 11:57 - 0011776 _____ () C:UsersMaciekAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-03 12:46 - 2010-04-03 12:49 - 0007815 _____ () C:ProgramDataArcadeDeluxe3.log
2009-10-29 06:22 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:ProgramDataFullRemove.exe
2011-04-25 14:33 - 2011-04-25 14:33 - 0000351 _____ () C:ProgramDatahpzinstall.log
2015-10-02 14:08 - 2015-11-26 11:24 - 0000098 _____ () C:ProgramData{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Pliki do przeniesienia lub usunięcia:
====================
C:ProgramData{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Niektóre pliki w TEMP:
====================
C:UsersMaciekAppDataLocalTempodk_setup.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:Windowssystem32winlogon.exe => Plik podpisany cyfrowo
C:Windowssystem32wininit.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64wininit.exe => Plik podpisany cyfrowo
C:Windowsexplorer.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64explorer.exe => Plik podpisany cyfrowo
C:Windowssystem32svchost.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64svchost.exe => Plik podpisany cyfrowo
C:Windowssystem32services.exe => Plik podpisany cyfrowo
C:Windowssystem32User32.dll => Plik podpisany cyfrowo
C:WindowsSysWOW64User32.dll => Plik podpisany cyfrowo
C:Windowssystem32userinit.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64userinit.exe => Plik podpisany cyfrowo
C:Windowssystem32rpcss.dll => Plik podpisany cyfrowo
C:Windowssystem32dnsapi.dll => Plik podpisany cyfrowo
C:WindowsSysWOW64dnsapi.dll => Plik podpisany cyfrowo
C:Windowssystem32Driversvolsnap.sys => Plik podpisany cyfrowo
LastRegBack: 2016-07-13 15:07
==================== Koniec FRST.txt ============================ |