wklejto.pl

Added by: ~FRST (2019-05-12 12:06) -> text
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11-03-2017
Uruchomiony przez admin76 (administrator)  ADMIN (12-05-2019 11:58:32)
Uruchomiony z E:100 TOOLSFRST64
Załadowane profile: admin76 (Dostępne profile: admin76)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(Microsoft Corporation) C:Program FilesMicrosoft Security ClientMsMpEng.exe
(AMD) C:WindowsSystem32atiesrxx.exe
(AMD) C:WindowsSystem32atieclxx.exe
(Broadcom Corporation.) C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
() C:Program Files (x86)HiSuiteHandSetServiceHuaweiHiSuiteService64.exe
(Intel Corporation) C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
(Microsoft Corporation) C:Program Files (x86)Design ProgramMSSQL$ELFADPBinnsqlservr.exe
(Nalpeiron Ltd.) C:WindowsSysWOW64NLSSRV32.EXE
(Microsoft Corporation) C:Program FilesMicrosoft Security Clientmsseces.exe
(ArcSoft, Inc.) C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe
(IncrediMail Ltd.) C:Program Files (x86)IncrediMailBinIncMail.exe
(Broadcom Corporation.) C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
(Microsoft Corporation) C:Program Files (x86)Microsoft SQL Server80ToolsBinnsqlmangr.exe
(Sony Corporation) C:Program Files (x86)SonyVAIO Event ServiceVESMgr.exe
(Sony Corporation) C:Program FilesSonyVAIO Smart NetworkVSNService.exe
(Sony Corporation) C:Program FilesSonyVAIO Smart NetworkVSNClient.exe
(Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Intel Corporation) C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
(Microsoft Corporation) C:WindowsSysWOW64dllhost.exe
(Nullsoft, Inc.) C:Program Files (x86)Winampwinampa.exe
(Sony Corporation) C:Program Files (x86)SonyVAIO Event ServiceVESMgrSub.exe
(Microsoft Corporation) C:Program FilesMicrosoft Security ClientNisSrv.exe
(Wondershare) C:Program Files (x86)Common FilesWondershareWondershare Helper CompactWSHelper.exe
(Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(IncrediMail Ltd.) C:Program Files (x86)IncrediMailBinImApp.exe
(Microsoft Corporation) C:WindowsSysWOW64rundll32.exe
(Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(Intel Corporation) C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
(Sony Corporation) C:Program FilesSonyVAIO Power ManagementSPMService.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
(C. Ghisler & Co.) C:totalcmdTOTALCMD.EXE
(Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe
(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe
 
==================== Rejestr (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM...Run: [Apoint] => C:Program FilesApointApoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM...Run: [MSC] => C:Program FilesMicrosoft Security Clientmsseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32...Run: [IAStorIcon] => C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32...Run: [WinampAgent] => C:Program Files (x86)Winampwinampa.exe [74752 2010-11-30] (Nullsoft, Inc.)
HKLM-x32...Run: [StartCCC] => C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticamd64CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32...Run: [Wondershare Helper Compact.exe] => C:Program Files (x86)Common FilesWondershareWondershare Helper CompactWSHelper.exe [1994752 2014-02-20] (Wondershare)
HKLM-x32...Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [587288 2017-12-19] (Oracle Corporation)
WinlogonNotifyigfxcui: C:WindowsSYSTEM32igfxdev.dll (Intel Corporation)
HKUS-1-5-21-2509029017-971574737-2187697875-1000...Run: [Flvto YouTube Downloader] => "C:Usersadmin76AppDataLocalFlvto YouTube DownloaderFlvtoYoutubeDownloader.Redesign.exe" /minimize
HKUS-1-5-21-2509029017-971574737-2187697875-1000...Run: [IncrediMail] => C:Program Files (x86)IncrediMailbinIncMail.exe [444424 2016-04-20] (IncrediMail Ltd.)
HKUS-1-5-21-2509029017-971574737-2187697875-1000...MountPoints2: G - G:HiSuiteDownLoader.exe
HKUS-1-5-21-2509029017-971574737-2187697875-1000...MountPoints2: {b557b8c5-57a5-11e9-9d36-c44619b04a4c} - G:HiSuiteDownLoader.exe
HKUS-1-5-21-2509029017-971574737-2187697875-1000...MountPoints2: {d796869a-3a24-11e8-a702-c44619b04a4c} - G:HiSuiteDownLoader.exe
HKUS-1-5-21-2509029017-971574737-2187697875-1000...MountPoints2: {d796869f-3a24-11e8-a702-c44619b04a4c} - G:HiSuiteDownLoader.exe
HKUS-1-5-18...RunOnce: [SPReview] => C:WindowsSystem32SPReviewSPReview.exe [301568 2016-04-17] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:Program FilesWIDCOMMBluetooth SoftwareBtwProximityCP.dll
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2014-03-20] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2014-03-20] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2014-03-20] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2014-03-20] (GG Network S.A.)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupBluetooth.lnk [2014-02-23]
ShortcutTarget: Bluetooth.lnk -> C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (Broadcom Corporation.)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupService Manager.lnk [2014-04-11]
ShortcutTarget: Service Manager.lnk -> C:Program Files (x86)Microsoft SQL Server80ToolsBinnsqlmangr.exe (Microsoft Corporation)
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
TcpipParameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip..Interfaces{483DE130-6D5E-479C-B2DA-23476692A940}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip..Interfaces{9E19C038-DD7B-4829-B255-EDCC2483F5D9}: [DhcpNameServer] 62.179.1.62 62.179.1.63
 
Internet Explorer:
==================
HKUS-1-5-21-2509029017-971574737-2187697875-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=pl-pl
HKUS-1-5-21-2509029017-971574737-2187697875-1000SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
SearchScopes: HKUS-1-5-21-2509029017-971574737-2187697875-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKUS-1-5-21-2509029017-971574737-2187697875-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre1.8.0_161binssv.dll [2018-02-16] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre1.8.0_161binjp2ssv.dll [2018-02-16] (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Brak pliku
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:Program Files (x86)Windows LiveMessengermsgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:Program Files (x86)Windows LiveMessengermsgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: z3t8j2vl.default-1483298636297-1557416730612
FF ProfilePath: C:Usersadmin76AppDataRoamingMozillaFirefoxProfiless1ggrzsz.default-1503139295227 [2019-04-11]
FF ProfilePath: C:Usersadmin76AppDataRoamingMozillaFirefoxProfilesz3t8j2vl.default-1483298636297-1557416730612 [2019-05-12]
FF Homepage: MozillaFirefoxProfilesz3t8j2vl.default-1483298636297-1557416730612 -> hxxps://wpolityce.pl/
hxxp://www.alkoholeminiaturki.fora.pl/
hxxps://translate.google.pl/?hl=pl
FF Extension: (hotfix-update-xpi-intermediate) - C:Usersadmin76AppDataRoamingMozillaFirefoxProfilesz3t8j2vl.default-1483298636297-1557416730612Extensionshotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-09]
FF Extension: (Baidu Search Update) - C:Usersadmin76AppDataRoamingMozillaFirefoxProfilesz3t8j2vl.default-1483298636297-1557416730612features{7f03e12e-f487-41a7-ad12-e9e7566045f7}baidu-code-update@mozillaonline.com.xpi [2019-05-09]
FF Extension: (Firefox Monitor) - C:Usersadmin76AppDataRoamingMozillaFirefoxProfilesz3t8j2vl.default-1483298636297-1557416730612features{7f03e12e-f487-41a7-ad12-e9e7566045f7}fxmonitor@mozilla.org.xpi [2019-05-09]
FF Extension: (Java Console) - C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2018-04-20] [Brak podpisu cyfrowego]
FF Extension: (Firefox Screenshots) - C:Program FilesMozilla Firefoxbrowserfeaturesscreenshots@mozilla.org.xpi [2019-01-30] [Brak podpisu cyfrowego]
FF Extension: (WebCompat Reporter) - C:Program FilesMozilla Firefoxbrowserfeatureswebcompat-reporter@mozilla.org.xpi [2019-03-20] [Brak podpisu cyfrowego]
FF HKLM-x32...ThunderbirdExtensions: [eplgTb@eset.com] - C:Program FilesESETESET NOD32 AntivirusMozilla Thunderbird => nie znaleziono
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_32_0_0_171.dll [2019-04-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:Program FilesMicrosoft Silverlight5.1.50901.0npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [Brak pliku]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_32_0_0_171.dll [2019-04-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:Program Files (x86)Javajre1.8.0_161bindtpluginnpDeployJava1.dll [2018-02-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:Program Files (x86)Javajre1.8.0_161binplugin2npjp2.dll [2018-02-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:Program Files (x86)Microsoft Silverlight5.1.50901.0npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:Program Files (x86)Real Alternativebrowserpluginsnppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:Program Files (x86)Real Alternativebrowserpluginsnprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.34.7npGoogleUpdate3.dll [2019-03-28] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.34.7npGoogleUpdate3.dll [2019-03-28] (Google LLC)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:Program Files (x86)mozilla firefoxpluginsnppdf32.dll [2012-07-27] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://wpolityce.pl/","hxxp://www.alkoholeminiaturki.fora.pl/","hxxps://translate.google.pl/?hl=pl","hxxps://www.ebay.de/itm/Jack-Daniel-s-Jack-Daniels-Black-Label-1-14L-40-alte-Flaschenform/123079084734?hash=item1ca815cabe:g:k4YAAOSwbX1a0yEU"
CHR Profile: C:Usersadmin76AppDataLocalGoogleChromeUser DataDefault [2019-04-11]
CHR Extension: (Prezentacje) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-04-20]
CHR Extension: (Dokumenty) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2018-04-20]
CHR Extension: (Dysk Google) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2018-04-20]
CHR Extension: (YouTube) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-20]
CHR Extension: (vGet Cast (DLNA Controller)) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsekdjofnchpbfmnfbedalmbdlhbabiapi [2019-03-31]
CHR Extension: (Arkusze) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-04-20]
CHR Extension: (Dokumenty Google offline) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-06]
CHR Extension: (vGet Extension (Video Downloader, DLNA)) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionshniladkejehjfchadikcbjmgjaogciic [2019-03-31]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2018-04-20]
CHR Extension: (Gmail) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2018-04-20]
CHR Extension: (Chrome Media Router) - C:Usersadmin76AppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-07]
 
==================== Usługi (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 ACDaemon; C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe)
S3 GoogleChromeElevationService; C:Program Files (x86)GoogleChromeApplication74.0.3729.131elevation_service.exe [1267696 2019-04-30] (Google Inc.)
R2 HuaweiHiSuiteService64.exe; C:Program Files (x86)HiSuiteHandSetServiceHuaweiHiSuiteService64.exe [190784 2018-12-12] () [Brak podpisu cyfrowego]
S3 IDriverT; C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6562472 2019-02-01] (Malwarebytes)
R2 MsMpSvc; C:Program FilesMicrosoft Security ClientMsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R2 MSSQL$ELFADP; C:Program Files (x86)Design ProgramMSSQL$ELFADPBinnsqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 MSSQLServerADHelper; C:Program Files (x86)Microsoft SQL Server80ToolsBinnsqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [Brak podpisu cyfrowego]
R3 NisSrv; C:Program FilesMicrosoft Security ClientNisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 SQLAgent$ELFADP; C:Program Files (x86)Design ProgramMSSQL$ELFADPBinnsqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [Brak podpisu cyfrowego]
R2 uCamMonitor; C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:Program Files (x86)Common FilesSony SharedVAIO Content Folder WatcherVCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:Program FilesSonyVAIO Smart NetworkVSNService.exe [836608 2010-06-08] (Sony Corporation) [Brak podpisu cyfrowego]
S3 VUAgent; C:Program FilesSonyVAIO Updatevuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ======================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 ArcSoftKsUFilter; C:WindowsSystem32DRIVERSArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S3 ew_usbccgpfilter; C:WindowsSystem32DRIVERSew_usbccgpfilter.sys [18944 2018-12-12] (Huawei Technologies Co., Ltd.)
S3 HTCAND64; C:WindowsSystem32DriversANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Brak podpisu cyfrowego]
U5 hw_usbdev; C:WindowsSystem32Drivershw_usbdev.sys [116864 2018-12-12] (Huawei Technologies Co., Ltd.)
S3 igfx; C:WindowsSystem32DRIVERSigdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Brak podpisu cyfrowego]
S3 IntcDAud; C:WindowsSystem32DRIVERSIntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Brak podpisu cyfrowego]
R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [275232 2019-05-12] (Malwarebytes)
R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:WindowsSystem32DRIVERSNisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 pwdrvio; C:Windowssystem32pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:Windowssystem32pwdspio.sys [13280 2010-08-16] ()
U3 axldrpod; ??C:Usersadmin76AppDataLocalTempaxldrpod.sys [X] <==== UWAGA
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2019-05-12 11:46 - 2019-05-12 11:46 - 00275232 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2019-05-11 19:13 - 2019-05-11 19:13 - 00000000 ____D C:Usersadmin76AppDataRoamingMicrosoftWindowsStart MenuProgramsUrządzenia interfejsu Bluetooth
2019-05-09 06:43 - 2019-05-10 15:24 - 00000000 ____D C:Program FilesMozilla Firefox
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2019-05-12 11:58 - 2016-05-12 18:06 - 00000000 ____D C:FRST
2019-05-12 11:53 - 2009-07-14 06:45 - 00009920 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-12 11:53 - 2009-07-14 06:45 - 00009920 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-12 11:50 - 2016-11-19 12:21 - 00000000 ____D C:Usersadmin76AppDataLocalLowMozilla
2019-05-12 11:45 - 2009-07-14 07:08 - 00000006 ____H C:WindowsTasksSA.DAT
2019-05-12 08:32 - 2019-02-17 08:53 - 00153328 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2019-05-12 05:29 - 2010-11-28 10:54 - 00003962 _____ C:WindowsSystem32TasksUser_Feed_Synchronization-{B2E47E75-4EF9-4095-A23B-1540A09AAAB5}
2019-05-11 19:22 - 2014-02-23 11:11 - 00000000 ____D C:ProgramDataBtCrashDumps
2019-05-10 15:24 - 2013-02-26 20:55 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2019-05-09 17:45 - 2017-10-12 18:10 - 00000000 ____D C:Usersadmin76DesktopStare dane programu Firefox
2019-05-07 19:55 - 2010-11-30 18:31 - 00000000 ____D C:Usersadmin76AppDataRoamingWinamp
2019-05-07 05:32 - 2018-04-20 19:16 - 00002223 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2019-05-06 21:40 - 2013-07-05 17:09 - 00000000 ____D C:Usersadmin76AppDataRoamingGG
2019-04-30 19:22 - 2013-07-05 17:09 - 00000000 ____D C:Usersadmin76AppDataLocalGG
2019-04-28 06:42 - 2010-07-21 02:14 - 00722166 _____ C:Windowssystem32perfh015.dat
2019-04-28 06:42 - 2010-07-21 02:14 - 00156174 _____ C:Windowssystem32perfc015.dat
2019-04-28 06:42 - 2009-07-14 07:13 - 01633882 _____ C:Windowssystem32PerfStringBackup.INI
2019-04-28 06:42 - 2009-07-14 05:20 - 00000000 ____D C:Windowsinf
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2017-04-11 07:13 - 2017-04-11 09:21 - 0002952 _____ () C:Usersadmin76AppDataRoamingdownloads.json
2013-01-28 21:37 - 2013-01-28 21:37 - 0000000 _____ () C:Usersadmin76AppDataRoaminggcstar.log
2012-03-08 18:55 - 2012-03-08 18:55 - 0099384 _____ () C:Usersadmin76AppDataRoaminginst.exe
2014-05-30 15:19 - 2019-03-05 18:55 - 0000000 _____ () C:Usersadmin76AppDataRoamingMediaFolder
2012-03-08 18:55 - 2012-03-08 18:55 - 0007859 _____ () C:Usersadmin76AppDataRoamingpcouffin.cat
2012-03-08 18:55 - 2012-03-08 18:55 - 0001167 _____ () C:Usersadmin76AppDataRoamingpcouffin.inf
2012-03-08 18:55 - 2012-03-08 18:55 - 0000055 _____ () C:Usersadmin76AppDataRoamingpcouffin.log
2012-03-08 18:55 - 2012-03-08 18:55 - 0082816 _____ (VSO Software) C:Usersadmin76AppDataRoamingpcouffin.sys
2011-01-19 17:44 - 2011-01-19 19:04 - 0001057 _____ () C:Usersadmin76AppDataRoamingvso_ts_preview.xml
2011-07-10 10:59 - 2019-04-06 11:52 - 0007168 _____ () C:Usersadmin76AppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-02 05:43 - 2012-07-02 05:43 - 0033758 _____ () C:Usersadmin76AppDataLocaldt.dat
2014-03-15 09:59 - 2014-03-15 09:59 - 0000850 _____ () C:Usersadmin76AppDataLocalrecently-used.xbel
2017-01-22 21:47 - 2019-03-05 11:23 - 0007603 _____ () C:Usersadmin76AppDataLocalResmon.ResmonCfg
2010-11-29 20:53 - 2010-11-29 20:53 - 0000056 ____H () C:ProgramDataezsidmv.dat
2019-03-05 18:55 - 2019-03-05 18:55 - 0000000 _____ () C:ProgramDataLibraries
2019-03-05 18:55 - 2019-03-05 18:55 - 0000000 _____ () C:ProgramDataMaster
2019-04-06 11:40 - 2019-04-06 11:40 - 0000016 _____ () C:ProgramDatamntemp
2014-05-30 15:19 - 2019-03-05 18:56 - 0000000 ____H () C:ProgramDataPKP_DLes.DAT
2014-05-30 15:19 - 2019-03-05 18:55 - 0000000 ____H () C:ProgramDataPKP_DLet.DAT
2014-05-30 15:19 - 2019-03-05 18:55 - 0000000 ____H () C:ProgramDataPKP_DLev.DAT
2019-04-06 11:40 - 2019-04-06 11:40 - 0012716 _____ () C:ProgramDatasokqucqi.nri
 
==================== Bamital & volsnap ======================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:Windowssystem32winlogon.exe => Plik podpisany cyfrowo
C:Windowssystem32wininit.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64wininit.exe => Plik podpisany cyfrowo
C:Windowsexplorer.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64explorer.exe => Plik podpisany cyfrowo
C:Windowssystem32svchost.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64svchost.exe => Plik podpisany cyfrowo
C:Windowssystem32services.exe => Plik podpisany cyfrowo
C:Windowssystem32User32.dll => Plik podpisany cyfrowo
C:WindowsSysWOW64User32.dll => Plik podpisany cyfrowo
C:Windowssystem32userinit.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64userinit.exe => Plik podpisany cyfrowo
C:Windowssystem32rpcss.dll => Plik podpisany cyfrowo
C:Windowssystem32dnsapi.dll => Plik podpisany cyfrowo
C:WindowsSysWOW64dnsapi.dll => Plik podpisany cyfrowo
C:Windowssystem32Driversvolsnap.sys => Plik podpisany cyfrowo
 
LastRegBack: 2019-05-03 14:46
 
==================== Koniec  FRST.txt ============================