Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 01-06-2017 Uruchomiony przez Abc (administrator) ABC-KOMPUTER (02-06-2017 15:30:36) Uruchomiony z C:\Users\Abc\Desktop Załadowane profile: Abc (Dostępne profile: Abc) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe () C:\Windows\System32\PnkBstrA.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Spotify Ltd) C:\Users\Abc\AppData\Roaming\Spotify\Spotify.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (Hammer & Chisel, Inc.) C:\Users\Abc\AppData\Local\Discord\app-0.0.297\Discord.exe (Spotify Ltd) C:\Users\Abc\AppData\Roaming\Spotify\SpotifyWebHelper.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Spotify Ltd) C:\Users\Abc\AppData\Roaming\Spotify\Spotify.exe (FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Spotify Ltd) C:\Users\Abc\AppData\Roaming\Spotify\Spotify.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (Spotify Ltd) C:\Users\Abc\AppData\Roaming\Spotify\Spotify.exe (Hammer & Chisel, Inc.) C:\Users\Abc\AppData\Local\Discord\app-0.0.297\Discord.exe (GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GOG Galaxy Notifications Renderer.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Hammer & Chisel, Inc.) C:\Users\Abc\AppData\Local\Discord\app-0.0.297\Discord.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Opera Software) C:\Windows\Temp\CProgram Files (x86)Opera\installing\installer.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software) HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2013-07-03] (FNet Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM\ DisallowedCertificates: 1916A2AF346D399F50313C393200F14140456616 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 2A83E9020591A55FC6DDAD3FB102794C52B24E70 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 3A850044D8A195CD401A680C012CB0A3B5F8DC08 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 40AA38731BD189F9CDB5B9DC35E2136F38777AF4 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 43D9BCB568E039D073A74A71D8511F7476089CC3 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 471C949A8143DB5AD5CDF1C972864A2504FA23C9 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 61793FCBFA4F9008309BBA5FF12D2CB29CD4151A (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 6431723036FD26DEA502792FA595922493030F97 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 7D7F4414CCEF168ADF6BF40753B5BECD78375931 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 80962AE4D6C5B442894E95A13E4A699E07D694CF (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 86E817C81A5CA672FE000F36F878C19518D6F844 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 8E5BD50D6AE686D65252F843A9D4B96D197730AB (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: 9845A431D51959CAF225322B4A4FE9F223CE6D15 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: B533345D06F64516403C00DA03187D3BFEF59156 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: C060ED44CBD881BD0EF86C0BA287DDCF8167478C (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: CEA586B2CE593EC7D939898337C57814708AB2BE (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: D018B62DC518907247DF50925BB09ACF4A5CB3AD (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: F8A54E03AADC5692B850496A4C4630FFEAA29D83 (Avast Antivirus/Software) <==== UWAGA HKLM\ DisallowedCertificates: FA6660A94AB45F6A88C0D7874D89A863D74DEE97 (Avast Antivirus/Software) <==== UWAGA HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [ASRockXTU] => [X] HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [zASRockInstantBoot] => [X] HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048312 2017-05-31] (Electronic Arts) HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4954176 2017-05-24] (GOG.com) HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [Spotify] => C:\Users\Abc\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-26] (Spotify Ltd) HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [Discord] => C:\Users\Abc\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\Run: [Spotify Web Helper] => C:\Users\Abc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-26] (Spotify Ltd) HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\MountPoints2: {6bf423f4-be05-11e5-a018-bc5ff476b824} - G:\startme.exe HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\MountPoints2: {9507c843-e3de-11e2-946e-806e6f6e6963} - F:\ASRSetup.exe HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\MountPoints2: {c999255d-eb98-11e6-92a2-bc5ff476b824} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\...\MountPoints2: {c9992574-eb98-11e6-92a2-bc5ff476b824} - G:\HiSuiteDownLoader.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-04-08] (Microsoft Corporation) IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll -> Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll -> Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll -> Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll -> Brak pliku Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-10-10] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013-07-05] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () GroupPolicy: Ograniczenia - Chrome <======= UWAGA GroupPolicy\User: Ograniczenia <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 80.48.126.2 80.48.126.3 Tcpip\..\Interfaces\{18AABF70-9EF1-4C22-8278-E676F7572B18}: [DhcpNameServer] 80.48.126.2 80.48.126.3 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKU\S-1-5-21-2927547900-2652605247-2470492389-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006 SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2014-05-03] (Sun Microsystems, Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-04] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-05-03] (Sun Microsystems, Inc.) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-04] (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF DefaultProfile: mlpsxvv9.default FF ProfilePath: C:\Users\Abc\AppData\Roaming\Mozilla\Firefox\Profiles\mlpsxvv9.default [2017-06-01] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mlpsxvv9.default -> Google FF DefaultSearchUrl: Mozilla\Firefox\Profiles\mlpsxvv9.default -> hxxps://www.google.com/search?bcutc=sp-006 FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mlpsxvv9.default -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mlpsxvv9.default -> Google FF Homepage: Mozilla\Firefox\Profiles\mlpsxvv9.default -> hxxps://www.google.com/?bcutc=sp-006 FF Keyword.URL: Mozilla\Firefox\Profiles\mlpsxvv9.default -> hxxps://www.google.com/search?bcutc=sp-006 FF Extension: (Firefox Hotfix) - C:\Users\Abc\AppData\Roaming\Mozilla\Firefox\Profiles\mlpsxvv9.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01] FF SearchPlugin: C:\Users\Abc\AppData\Roaming\Mozilla\Firefox\Profiles\mlpsxvv9.default\searchplugins\google-avast.xml [2016-09-02] FF SearchPlugin: C:\Users\Abc\AppData\Roaming\Mozilla\Firefox\Profiles\mlpsxvv9.default\searchplugins\nice-.xml [2016-09-01] FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Brak pliku] FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Brak pliku] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2014-05-03] (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Brak pliku] FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Brak pliku] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Brak pliku] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2927547900-2652605247-2470492389-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Abc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-11] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.com/?bcutc=sp-006 CHR StartupUrls: Default -> "hxxps://www.google.com/?bcutc=sp-006" CHR Profile: C:\Users\Abc\AppData\Local\Google\Chrome\User Data\Default [2017-06-02] CHR Extension: (Adblock Plus) - C:\Users\Abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-06-01] CHR Extension: (Gmail) - C:\Users\Abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-21] CHR Extension: (Chrome Media Router) - C:\Users\Abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13] CHR Extension: (unTabs) - C:\Users\Abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphnmcjolbjlahhdegnbnbhjbgnlceid [2017-06-01] CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-04-13] () R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [241936 2016-01-30] (EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [512576 2017-05-24] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7955008 2017-05-20] (GOG.com) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155920 2017-05-31] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3125656 2017-05-31] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2017-03-17] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-02-23] () S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-12] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2016-10-12] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-07-03] (FNet Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.) R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [40576 2016-06-15] (SteelSeries ApS) R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [52960 2016-10-05] (SteelSeries ApS) S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X] S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-06-02 15:30 - 2017-06-02 15:32 - 00028186 _____ C:\Users\Abc\Desktop\FRST.txt 2017-06-02 15:30 - 2017-06-02 15:30 - 00000000 ____D C:\Users\Abc\Desktop\FRST-OlderVersion 2017-06-02 15:30 - 2017-06-02 15:30 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-06-01 20:15 - 2017-06-01 20:15 - 00029516 _____ C:\Users\Abc\Downloads\AdwCleanerC0.txt 2017-06-01 19:33 - 2017-06-01 19:33 - 00380928 _____ C:\Users\Abc\Downloads\o036e5ob.exe 2017-06-01 19:33 - 2017-06-01 19:33 - 00371411 _____ C:\Users\Abc\Downloads\gm.zip 2017-06-01 19:33 - 2017-06-01 19:33 - 00371282 _____ C:\Users\Abc\Downloads\gmer.zip 2017-06-01 19:26 - 2017-06-01 19:26 - 00074800 _____ C:\Users\Abc\Downloads\Shortcut.txt 2017-06-01 19:25 - 2017-06-01 19:26 - 00081692 _____ C:\Users\Abc\Downloads\Addition.txt 2017-06-01 19:24 - 2017-06-01 19:26 - 00037728 _____ C:\Users\Abc\Downloads\FRST.txt 2017-06-01 19:22 - 2017-06-02 15:30 - 02433536 _____ (Farbar) C:\Users\Abc\Desktop\FRST64.exe 2017-06-01 19:22 - 2017-06-02 15:30 - 00000000 ____D C:\FRST 2017-06-01 18:45 - 2017-06-01 18:45 - 01931969 _____ C:\Users\Abc\Downloads\ProcessExplorer.zip 2017-06-01 18:01 - 2017-06-01 18:08 - 00000000 ____D C:\AdwCleaner 2017-06-01 18:00 - 2017-06-01 18:01 - 04110280 _____ C:\Users\Abc\Downloads\adwcleaner_6.047 (1).exe 2017-06-01 18:00 - 2017-06-01 18:00 - 04110280 _____ C:\Users\Abc\Downloads\Niepotwierdzony 696442.crdownload 2017-05-31 19:06 - 2017-05-31 19:06 - 00000000 _____ C:\autoexec.bat 2017-05-31 19:04 - 2017-05-31 19:04 - 05103792 _____ (Enigma Software Group USA, LLC.) C:\Users\Abc\Downloads\SpyHunter-Installer.exe 2017-05-31 18:56 - 2017-05-31 18:56 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-31 18:56 - 2017-05-31 18:56 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-31 18:55 - 2017-05-31 18:55 - 01130328 _____ (Google Inc.) C:\Users\Abc\Downloads\ChromeSetup.exe 2017-05-31 18:55 - 2017-05-31 18:55 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-05-31 18:55 - 2017-05-31 18:55 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-05-30 18:53 - 2017-05-30 18:53 - 00000000 ____D C:\Users\Abc\Desktop\Lightroom 2017-05-30 17:27 - 2017-05-30 17:27 - 00524248 _____ ( ) C:\Users\Abc\Downloads\Photoshop_Lightroom_CC_6.5_Crack_Win-Mac (1).exe 2017-05-30 17:26 - 2017-05-30 17:26 - 00524248 _____ ( ) C:\Users\Abc\Downloads\Photoshop_Lightroom_CC_6.5_Crack_Win-Mac.exe 2017-05-26 17:06 - 2017-05-26 17:06 - 00000000 ____D C:\Users\Abc\AppData\Roaming\Trine2 2017-05-21 18:21 - 2017-05-21 18:21 - 00044437 _____ C:\Users\Abc\Downloads\Ed Sheeran - Happier - Dax Andreas Arrangement.pdf 2017-05-12 14:09 - 2017-05-12 14:18 - 00000000 ____D C:\Users\Abc\Desktop\komunia 2017-05-09 19:35 - 2017-05-09 19:35 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-05-04 20:20 - 2017-05-04 20:20 - 00000000 ____D C:\USOServerFiles 2017-05-04 20:20 - 2017-05-04 20:20 - 00000000 ____D C:\Users\Abc\Unturned Server Organiser 2017-05-04 20:19 - 2017-05-04 20:19 - 03067984 _____ (Pascal Devant) C:\Users\Abc\Downloads\uso_setup.exe 2017-05-04 19:26 - 2017-05-04 19:26 - 00000000 ____D C:\Users\Abc\AppData\LocalLow\Smartly Dressed Games 2017-05-04 09:27 - 2017-05-04 09:28 - 10865488 _____ C:\Users\Abc\Downloads\seba86mu ModPack (0.9.18.0 v1).exe 2017-05-03 13:49 - 2017-05-03 13:49 - 00000000 _____ C:\Windows\SysWOW64\last.dump ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-06-02 15:31 - 2013-10-31 18:57 - 00000000 ____D C:\Program Files (x86)\Steam 2017-06-02 15:28 - 2013-07-05 11:30 - 00000000 ____D C:\Users\Abc\AppData\Roaming\Origin 2017-06-02 15:27 - 2013-07-05 11:30 - 00000000 ____D C:\ProgramData\Origin 2017-06-02 15:26 - 2016-12-07 18:45 - 00000000 ____D C:\Users\Abc\AppData\Local\Spotify 2017-06-02 15:26 - 2016-12-07 18:44 - 00000000 ____D C:\Users\Abc\AppData\Roaming\Spotify 2017-06-02 15:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-01 21:44 - 2016-08-25 11:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-06-01 21:44 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-06-01 21:44 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-06-01 20:55 - 2013-08-27 09:32 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-06-01 18:07 - 2015-02-04 16:25 - 00000000 ____D C:\Windows\system32\log 2017-06-01 18:07 - 2013-07-03 14:52 - 00000993 _____ C:\Users\Abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-06-01 18:07 - 2013-07-03 14:51 - 00000000 ____D C:\Users\Abc 2017-06-01 18:03 - 2013-10-03 19:42 - 00000000 ____D C:\Users\Abc\AppData\Local\Adobe 2017-06-01 18:01 - 2013-09-26 22:24 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{195460CB-6074-4416-8BFB-50AE7EFF2EEA} 2017-05-31 18:56 - 2013-07-03 15:08 - 00000000 ____D C:\Program Files (x86)\Google 2017-05-31 17:04 - 2016-07-13 16:01 - 00003968 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468418484 2017-05-31 12:27 - 2013-07-05 11:30 - 00000000 ____D C:\Program Files (x86)\Origin 2017-05-30 21:25 - 2015-10-20 18:14 - 00000000 ____D C:\Program Files\Adobe 2017-05-30 20:53 - 2016-12-16 18:23 - 00000000 ____D C:\Users\Abc\AppData\Roaming\discord 2017-05-30 19:24 - 2015-10-20 18:35 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-05-30 19:23 - 2013-07-03 15:10 - 00000000 ____D C:\ProgramData\Adobe 2017-05-30 19:21 - 2013-07-03 15:10 - 00000000 ____D C:\Users\Abc\AppData\Roaming\Adobe 2017-05-30 19:13 - 2013-09-30 09:13 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-30 17:27 - 2014-06-13 15:44 - 00002024 __RSH C:\ProgramData\ntuser.pol 2017-05-29 18:44 - 2016-08-20 13:53 - 00000000 ____D C:\Users\Abc\AppData\Roaming\steelseries-engine-3-client 2017-05-28 19:57 - 2009-07-14 19:55 - 00743488 _____ C:\Windows\system32\perfh015.dat 2017-05-28 19:57 - 2009-07-14 19:55 - 00157590 _____ C:\Windows\system32\perfc015.dat 2017-05-28 19:57 - 2009-07-14 07:13 - 01679418 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-28 19:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-05-27 18:46 - 2016-09-14 20:35 - 00000000 ____D C:\Users\Abc\Documents\ProfileCache 2017-05-27 18:44 - 2016-09-14 20:35 - 00000000 ____D C:\Users\Abc\Documents\The Crew 2017-05-27 18:19 - 2016-09-13 18:37 - 00000000 ____D C:\Users\Abc\AppData\Local\Ubisoft Game Launcher 2017-05-27 17:12 - 2015-08-31 17:53 - 00000000 ____D C:\Users\Abc\AppData\Local\Battle.net 2017-05-27 16:35 - 2015-09-01 18:03 - 00000000 ____D C:\Program Files (x86)\Battle.net 2017-05-26 21:48 - 2013-08-28 11:44 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2017-05-26 21:48 - 2013-08-28 11:44 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2017-05-26 21:48 - 2013-07-05 15:09 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2017-05-24 14:42 - 2015-05-22 14:11 - 00000000 ____D C:\Program Files (x86)\GalaxyClient 2017-05-12 21:23 - 2015-04-07 10:45 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2017-05-12 13:51 - 2014-09-30 13:47 - 00000000 ____D C:\Users\Abc\Documents\Euro Truck Simulator 2 2017-05-12 13:11 - 2017-03-17 17:09 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-05-12 13:11 - 2013-10-31 16:22 - 00000000 ____D C:\ProgramData\Skype 2017-05-10 21:19 - 2013-07-26 20:47 - 00000000 ____D C:\Users\Abc\AppData\Roaming\TS3Client 2017-05-09 19:36 - 2017-02-08 18:55 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-05-09 19:35 - 2016-07-12 14:25 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-05-09 19:35 - 2015-04-07 10:45 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-05-09 19:34 - 2017-02-08 18:55 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-05-09 19:34 - 2017-02-08 18:55 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-05-09 19:34 - 2017-02-08 18:55 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-05-09 19:34 - 2017-02-08 18:55 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-05-04 17:48 - 2015-11-29 19:37 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-09-20 17:06 - 2015-10-20 21:27 - 0407019 _____ () C:\Users\Abc\AppData\Roaming\1.zip 2015-10-09 14:30 - 2015-10-20 21:27 - 1454471 _____ () C:\Users\Abc\AppData\Roaming\2.txt 2014-05-01 14:20 - 2014-05-01 14:20 - 0000120 _____ () C:\Users\Abc\AppData\Roaming\69dd3a1a.dat 2016-09-13 19:04 - 2016-09-13 19:04 - 0000132 _____ () C:\Users\Abc\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2015-04-05 12:48 - 2015-04-05 12:48 - 0003584 _____ () C:\Users\Abc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-01-29 17:15 - 2017-01-29 17:17 - 49290112 _____ (Sony) C:\Users\Abc\AppData\Local\pcc.exe 2015-02-27 17:50 - 2015-02-27 17:50 - 0003382 _____ () C:\Users\Abc\AppData\Local\recently-used.xbel 2016-05-02 17:58 - 2016-05-02 17:58 - 0000017 _____ () C:\Users\Abc\AppData\Local\resmon.resmoncfg 2013-07-03 15:09 - 2013-07-03 15:09 - 0000003 _____ () C:\Users\Abc\AppData\Local\user_data.ini Niektóre pliki w TEMP: ==================== 2017-04-08 19:21 - 2017-04-08 19:21 - 0000000 _____ () C:\Users\Abc\AppData\Local\Temp\CIMManifest.exe 2017-03-04 19:13 - 2017-03-09 20:34 - 13977352 _____ (Microsoft Corporation) C:\Users\Abc\AppData\Local\Temp\vcredist_x86.exe 2017-03-17 17:00 - 2017-03-17 17:00 - 14456872 _____ (Microsoft Corporation) C:\Users\Abc\AppData\Local\Temp\vc_redist.x86.exe 2017-01-29 17:17 - 2017-01-29 17:17 - 48843976 _____ (Sony) C:\Users\Abc\AppData\Local\Temp\xcs3E58.tmp.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-05-24 15:18 ==================== Koniec FRST.txt ============================