Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:31-08-2015 Uruchomiony przez Łukasz (administrator) LUKASZ (03-09-2015 21:44:15) Uruchomiony z C:\Users\Łukasz\Desktop Załadowane profile: Łukasz (Dostępne profile: Łukasz & Fifa) Platform: Windows 8 (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (HP) C:\Windows\System32\HPSIsvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Huawei Technologies Co., Ltd.) C:\Users\Łukasz\AppData\Roaming\PLAY ONLINE\ouc.exe (Spotify Ltd) C:\Users\Łukasz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (Avast Software s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation) HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd) HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2995712 2013-04-14] (ALLPlayer Group Ltd.) HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [Facebook Update] => C:\Users\Łukasz\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-23] (Facebook Inc.) HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [Spotify Web Helper] => C:\Users\Łukasz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-26] (Spotify Ltd) HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Brak pliku ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Brak pliku ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Brak pliku ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Brak pliku ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Brak pliku ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Brak pliku ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Brak pliku ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Brak pliku ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Brak pliku CHR HKLM\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA CHR HKU\S-1-5-21-3251099109-1845600680-4142008340-1001\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci..) Tcpip\Parameters: [DhcpNameServer] 89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{5D96B227-F65C-4FE1-8581-00D94C965C37}: [DhcpNameServer] 89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{76E471E9-3FCC-4313-81F1-B79177EA5F48}: [DhcpNameServer] 40.20.1.201 40.20.1.203 40.20.1.202 Tcpip\..\Interfaces\{8E6C26C9-0D55-4368-B1E8-53E0C523C11F}: [DhcpNameServer] 212.2.96.53 212.2.96.54 Tcpip\..\Interfaces\{DE8DAA8D-E9AC-4782-8682-2B336E86B63E}: [DhcpNameServer] 89.108.195.21 89.108.202.21 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> {FDFEEB45-4A6B-4A30-8B24-494E19ECF4A8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {FDFEEB45-4A6B-4A30-8B24-494E19ECF4A8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3251099109-1845600680-4142008340-1001 -> {FDFEEB45-4A6B-4A30-8B24-494E19ECF4A8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} Toolbar: HKU\S-1-5-21-3251099109-1845600680-4142008340-1001 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\ypgg7b0j.default-1397574953058 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-23] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-23] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-07-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-07-10] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3251099109-1845600680-4142008340-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Łukasz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-06] Chrome: ======= CHR dev: Chrome dev build wykryto! <======= UWAGA CHR StartupUrls: Default -> "hxxp://search.gboxapp.com/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\ppGoogleNaClPluginChrome.dll Brak pliku CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\pdf.dll Brak pliku CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll Brak pliku CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) CHR Profile: C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Avast Online Security) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-06] CHR Extension: (Screencastify Screen Video Recorder) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2015-07-27] CHR Extension: (Brak nazwy) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjggnnohdkheiijjhbklkanjcpibbng [2015-08-05] CHR Extension: (Google Wallet) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-10] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-02] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-02] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-02] (Avast Software) S3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-02] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-02] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-02] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-02] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-02] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-02] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-02] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-02] () S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2013-04-29] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-11-04] (Broadcom Corporation) S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2012-03-13] (HandSet Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-02] (Avast Software) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) S3 zgdcat; C:\Windows\system32\DRIVERS\zgdcat.sys [130200 2012-03-13] (ZTE Incorporated) S3 zgdcdiag; C:\Windows\system32\DRIVERS\zgdcdiag.sys [130200 2012-03-13] (ZTE Incorporated) S3 zgdcmdm; C:\Windows\system32\DRIVERS\zgdcmdm.sys [130200 2012-03-13] (ZTE Incorporated) S3 zgdcnet; C:\Windows\system32\DRIVERS\zgdcnet.sys [169496 2012-03-13] (ZTE Incorporated) S3 zgdcnmea; C:\Windows\system32\DRIVERS\zgdcnmea.sys [130200 2012-03-13] (ZTE Incorporated) S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X] S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X] S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X] S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [X] S3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [X] S3 netr28x; \SystemRoot\system32\DRIVERS\netr28x.sys [X] S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-03 21:42 - 2015-09-03 21:44 - 00023059 _____ C:\Users\Łukasz\Desktop\FRST.txt 2015-09-03 21:31 - 2015-09-03 21:31 - 00000080 _____ C:\Users\Łukasz\Desktop\sublime_text - skrót.lnk 2015-09-03 21:31 - 2015-09-03 21:31 - 00000080 _____ C:\Users\Łukasz\Desktop\Heroes3 - skrót.lnk 2015-09-03 20:45 - 2015-09-03 20:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-03 20:44 - 2015-09-03 21:44 - 00000000 ____D C:\FRST 2015-09-03 20:44 - 2015-09-03 21:31 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-09-03 20:44 - 2015-09-03 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-09-03 20:44 - 2015-09-03 20:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-03 20:44 - 2015-09-03 20:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-09-03 20:44 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-03 20:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-03 20:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-03 20:42 - 2015-09-03 20:44 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Łukasz\Desktop\mbam-setup-2.1.8.1057.exe 2015-09-03 20:42 - 2015-09-03 20:43 - 02188800 _____ (Farbar) C:\Users\Łukasz\Desktop\FRST64.exe 2015-09-03 20:42 - 2015-09-03 20:42 - 01690624 _____ (Farbar) C:\Users\Łukasz\Desktop\FRST.exe 2015-09-01 23:21 - 2015-09-01 23:21 - 00013707 _____ C:\Users\Łukasz\AppData\Local\recently-used.xbel 2015-08-26 21:35 - 2015-08-26 21:35 - 00000000 _____ C:\autoexec.bat 2015-08-26 21:24 - 2015-08-26 21:25 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Łukasz\Desktop\SpyHunter-Installer.exe 2015-08-05 01:16 - 2015-08-26 04:17 - 00000000 ____D C:\ProgramData\ilcbpflmigifffmllikicikjndkfnfbc ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-03 21:39 - 2013-04-26 19:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3251099109-1845600680-4142008340-1001 2015-09-03 21:36 - 2015-03-12 23:39 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Skype 2015-09-03 21:34 - 2014-04-12 16:25 - 00000000 ____D C:\Users\Łukasz\AppData\Local\HTC MediaHub 2015-09-03 21:33 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-03 21:32 - 2012-08-04 00:23 - 01236996 _____ C:\Windows\PFRO.log 2015-09-03 21:32 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI 2015-09-03 21:31 - 2015-03-12 23:39 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk 2015-09-03 21:31 - 2014-11-13 01:49 - 00001772 _____ C:\Users\Łukasz\Desktop\Spotify.lnk 2015-09-03 21:31 - 2014-11-13 01:49 - 00001758 _____ C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-09-03 21:31 - 2014-10-28 21:01 - 00001903 _____ C:\Users\Public\Desktop\DxO Optics Pro 8.lnk 2015-09-03 21:31 - 2014-09-21 18:22 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-09-03 21:31 - 2014-07-28 17:33 - 00001813 _____ C:\Users\Łukasz\Desktop\MovieStudioPlatinum120.lnk 2015-09-03 21:31 - 2014-04-15 05:08 - 00000854 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk 2015-09-03 21:31 - 2014-04-11 20:08 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-09-03 21:31 - 2014-01-22 18:05 - 00001550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk 2015-09-03 21:31 - 2014-01-22 18:04 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2015-09-03 21:31 - 2014-01-22 18:03 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2015-09-03 21:31 - 2014-01-22 18:03 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2015-09-03 21:31 - 2014-01-22 18:03 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk 2015-09-03 21:31 - 2013-12-02 19:04 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-09-03 21:31 - 2013-11-08 17:11 - 00000632 _____ C:\Users\Łukasz\Desktop\Total Commander.lnk 2015-09-03 21:31 - 2013-11-06 19:30 - 00002093 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk 2015-09-03 21:31 - 2013-08-15 14:16 - 00001200 _____ C:\Users\Łukasz\Desktop\Light Image Resizer 4.lnk 2015-09-03 21:31 - 2013-06-23 17:42 - 00001077 _____ C:\Users\Public\Desktop\Mobile Partner.lnk 2015-09-03 21:31 - 2013-06-09 21:33 - 00001192 _____ C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk 2015-09-03 21:31 - 2013-05-03 22:31 - 00002194 _____ C:\Users\Public\Desktop\Grand Theft Auto IV.lnk 2015-09-03 21:31 - 2013-04-30 18:39 - 00002162 _____ C:\Users\Public\Desktop\Sniper Ghost Warrior 2.lnk 2015-09-03 21:31 - 2013-04-29 22:14 - 00001987 _____ C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk 2015-09-03 21:31 - 2013-04-28 01:08 - 00000820 _____ C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Counter-Strike Source.lnk 2015-09-03 21:31 - 2013-04-28 01:08 - 00000796 _____ C:\Users\Łukasz\Desktop\Counter-Strike Source.lnk 2015-09-03 21:31 - 2013-04-27 18:23 - 00001011 _____ C:\Users\Łukasz\Desktop\Audacity.lnk 2015-09-03 21:31 - 2013-04-27 18:23 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-09-03 21:31 - 2013-04-26 22:54 - 00000924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-09-03 21:31 - 2013-04-26 19:49 - 00001041 _____ C:\Users\Public\Desktop\PLAY ONLINE.lnk 2015-09-03 21:31 - 2013-04-26 19:43 - 00001003 _____ C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-09-03 21:31 - 2013-04-26 19:42 - 00002144 _____ C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2015-09-03 21:31 - 2012-11-03 19:06 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connected Music powered by Meridian.lnk 2015-09-03 21:31 - 2012-11-03 19:03 - 00001362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-09-03 21:31 - 2012-11-03 19:03 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-09-03 21:10 - 2015-03-23 21:56 - 00000000 ____D C:\Users\Łukasz\Desktop\fala 2015-09-03 21:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru 2015-09-03 20:56 - 2013-06-23 17:51 - 00000946 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3251099109-1845600680-4142008340-1001UA.job 2015-09-03 12:21 - 2014-12-17 16:23 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-03 11:39 - 2013-04-29 22:45 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Adobe 2015-09-02 01:02 - 2013-09-06 23:12 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-09-01 23:45 - 2013-04-28 23:44 - 00000000 ____D C:\Users\Łukasz\.gimp-2.8 2015-09-01 17:56 - 2013-06-23 17:51 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3251099109-1845600680-4142008340-1001Core.job 2015-09-01 12:43 - 2013-04-26 19:42 - 02091049 _____ C:\Windows\WindowsUpdate.log 2015-08-28 20:29 - 2013-09-29 01:41 - 00000000 ____D C:\AdwCleaner 2015-08-28 15:13 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2015-08-26 21:35 - 2013-04-26 19:42 - 00000000 ____D C:\Users\Łukasz 2015-08-26 04:17 - 2015-07-05 12:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-25 17:22 - 2014-12-02 18:22 - 00001548 _____ C:\Windows\SysWOW64\debug.log 2015-08-24 22:14 - 2012-12-28 17:22 - 00000032 _____ C:\Windows\0 2015-08-24 22:13 - 2014-04-12 16:17 - 00000000 ____D C:\Program Files (x86)\HTC 2015-08-24 22:11 - 2014-10-17 17:26 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Octoshape 2015-08-22 17:31 - 2012-11-04 03:20 - 00828664 _____ C:\Windows\system32\perfh015.dat 2015-08-22 17:31 - 2012-11-04 03:20 - 00176570 _____ C:\Windows\system32\perfc015.dat 2015-08-22 17:31 - 2012-07-26 09:28 - 01939776 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-20 22:27 - 2013-04-27 18:23 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Audacity 2015-08-17 23:45 - 2014-06-16 20:10 - 00000000 ____D C:\Users\Łukasz\Documents\Movie Studio Platinum 12.0 Projekty 2015-08-10 18:58 - 2015-02-10 01:28 - 00000079 _____ C:\Program Files (x86)\prefs.js 2015-08-09 22:43 - 2015-03-12 23:38 - 00000000 ____D C:\ProgramData\Skype ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-02-10 01:28 - 2015-08-10 18:58 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-07-10 16:29 - 2015-07-10 16:29 - 0000020 _____ () C:\Users\Łukasz\AppData\Roaming\appdataFr2.bin 2015-05-27 19:09 - 2015-07-09 23:51 - 0000024 _____ () C:\Users\Łukasz\AppData\Roaming\appdataFr25.bin 2015-03-10 01:39 - 2015-03-22 12:56 - 0000020 _____ () C:\Users\Łukasz\AppData\Roaming\appdataFr3.bin 2015-09-01 23:21 - 2015-09-01 23:21 - 0013707 _____ () C:\Users\Łukasz\AppData\Local\recently-used.xbel 2015-05-08 07:55 - 2015-05-08 07:55 - 0000000 _____ () C:\Users\Łukasz\AppData\Local\Temp.dat 2013-04-29 21:58 - 2013-04-29 22:07 - 0004371 _____ () C:\Users\Łukasz\AppData\Local\unins000.dat 2013-04-29 22:07 - 2013-04-29 22:07 - 0707504 _____ () C:\Users\Łukasz\AppData\Local\unins000.exe 2013-04-29 21:58 - 2013-04-29 22:07 - 0011761 _____ () C:\Users\Łukasz\AppData\Local\unins000.msg 2014-01-27 19:17 - 2014-01-27 19:17 - 0017408 _____ () C:\Users\Łukasz\AppData\Local\WebpageIcons.db 2012-12-28 17:38 - 2012-12-28 17:38 - 0000595 _____ () C:\ProgramData\CyberlinkOutput.txt 2013-04-26 19:45 - 2013-04-26 19:45 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Niektóre pliki w TEMP: ==================== C:\Users\Łukasz\AppData\Local\Temp\bitool.dll C:\Users\Łukasz\AppData\Local\Temp\FastDownload.exe C:\Users\Łukasz\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Łukasz\AppData\Local\Temp\ICReinstall_wrar420pl_Downloader.exe C:\Users\Łukasz\AppData\Local\Temp\ipl15FD.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl1732.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl2F0.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl3FD.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl4B0.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl5769.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl68C9.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl75C2.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl7ABE.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl7D3A.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl7D71.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\ipl949A.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplA088.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplB481.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplB735.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplBAD5.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplD54.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplDB63.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\iplFE1D.tmp.exe C:\Users\Łukasz\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Łukasz\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Łukasz\AppData\Local\Temp\LiveSupport_setup.exe C:\Users\Łukasz\AppData\Local\Temp\MSETUP4.EXE C:\Users\Łukasz\AppData\Local\Temp\OpenCL.dll C:\Users\Łukasz\AppData\Local\Temp\Quarantine.exe C:\Users\Łukasz\AppData\Local\Temp\setacl.exe C:\Users\Łukasz\AppData\Local\Temp\siinst.exe C:\Users\Łukasz\AppData\Local\Temp\sqlite3.dll C:\Users\Łukasz\AppData\Local\Temp\strings.dll C:\Users\Łukasz\AppData\Local\Temp\t.dll C:\Users\Łukasz\AppData\Local\Temp\uninst1.exe C:\Users\Łukasz\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-08-31 03:00 ==================== Koniec FRST.txt ============================