Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:10-04-2016 01 Uruchomiony przez Olik (administrator) ALEKSANDRA-VAIO (13-04-2016 10:32:03) Uruchomiony z C:\Users\Olik\Downloads Załadowane profile: Olik (Dostępne profile: Olik & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe (Spotify Ltd) C:\Users\Olik\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_197.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_197.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe () C:\Users\Olik\Downloads\5eoh83iv.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-04-02] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-04-02] (Realtek Semiconductor) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-30] (Bitdefender) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-04-05] (Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-05] (Raptr, Inc) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-746655809-3196509524-1674948232-1018\...\Run: [Agent Portfela Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-04-30] (Bitdefender) HKU\S-1-5-21-746655809-3196509524-1674948232-1018\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-746655809-3196509524-1674948232-1018\...\Run: [Spotify Web Helper] => C:\Users\Olik\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-03-30] (Spotify Ltd) HKU\S-1-5-21-746655809-3196509524-1674948232-1018\...\MountPoints2: {cc3c5a40-ccbd-11e5-9772-5453edaa27ba} - D:\setup.exe HKU\S-1-5-21-746655809-3196509524-1674948232-1018\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku GroupPolicyUsers\S-1-5-21-746655809-3196509524-1674948232-1018\User: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95 Tcpip\..\Interfaces\{070F1E39-95BC-4348-BC0D-F7FB92EB38AF}: [DhcpNameServer] 62.21.99.94 62.21.99.95 Tcpip\..\Interfaces\{27509A2D-A962-4848-A02B-72F60432A410}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4D2D6BE5-9A65-4DCF-B8D9-DA84B2E99D40}: [DhcpNameServer] 89.108.202.21 89.108.195.21 Tcpip\..\Interfaces\{9DE6CB59-9B4D-44E0-82B5-4D27581D3B94}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-746655809-3196509524-1674948232-1018\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-746655809-3196509524-1674948232-1018\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation) Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-04-30] (Bitdefender) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.) DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1048399425 FireFox: ======== FF ProfilePath: C:\Users\Olik\AppData\Roaming\Mozilla\Firefox\Profiles\qxw1akjz.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-04-01] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-04-01] () FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems) FF Extension: MEGA - C:\Users\Olik\AppData\Roaming\Mozilla\Firefox\Profiles\qxw1akjz.default\Extensions\firefox@mega.co.nz.xpi [2016-04-11] FF Extension: sidebar - C:\Users\Olik\AppData\Roaming\Mozilla\Firefox\Profiles\qxw1akjz.default\Extensions\sidebarff@gmail.com [2015-11-07] [Brak podpisu cyfrowego] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-04] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-04] [Brak podpisu cyfrowego] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fkmkpnjoioaielnmocemighdcejngela] - C:\Users\Olik\AppData\Local\Google\Chrome\User Data\Default\Extensions\EpuapSign.crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-04-30] (Bitdefender) S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 HPSLPSVC; C:\Users\Olik\AppData\Local\Temp\7zS7559\hpslpsvc64.dll [1039360 2015-09-21] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2000-01-01] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-04-05] (Plays.tv, LLC) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-26] () R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-04-30] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-30] (Bitdefender) S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-04-30] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-04-30] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-04-30] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-04-30] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-04-30] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-26] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-30] (BitDefender LLC) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation) R2 rimssne; C:\Windows\System32\DRIVERS\rimssne64.sys [102912 2012-02-24] (REDC) R2 risdsnxc; C:\Windows\System32\DRIVERS\risdsnxc64.sys [104448 2012-02-23] (REDC) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-06-26] (Duplex Secure Ltd.) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2015-04-30] (BitDefender S.R.L.) S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Brak podpisu cyfrowego] U3 kgqyakog; \??\C:\Users\Olik\AppData\Local\Temp\kgqyakog.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-13 10:32 - 2016-04-13 10:39 - 00020550 _____ C:\Users\Olik\Downloads\FRST.txt 2016-04-13 10:28 - 2016-04-13 10:28 - 02375168 _____ (Farbar) C:\Users\Olik\Downloads\FRST64.exe 2016-04-13 10:28 - 2016-04-13 10:28 - 00380928 _____ C:\Users\Olik\Downloads\5eoh83iv.exe 2016-04-13 10:11 - 2016-04-13 10:11 - 00287048 _____ C:\Windows\Minidump\041316-51714-01.dmp 2016-04-13 10:10 - 2016-04-13 10:10 - 609013962 _____ C:\Windows\MEMORY.DMP 2016-04-12 15:43 - 2016-03-26 13:50 - 01045947 _____ C:\Users\Olik\Desktop\Aleksandra Tulińska, CV.pdf 2016-04-08 21:08 - 2016-04-08 21:08 - 00027889 _____ C:\Users\Olik\Downloads\transfer_20160406.pdf 2016-04-08 20:58 - 2016-04-08 20:58 - 00173944 _____ C:\Users\Olik\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-08 20:53 - 2016-04-08 20:53 - 00029355 _____ C:\Users\Olik\Downloads\transfer_20151126.pdf 2016-04-08 19:39 - 2016-04-08 19:42 - 05273808 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-06 20:54 - 2016-04-08 21:23 - 00000000 ____D C:\Users\Olik\Desktop\burdel 2016-04-05 18:38 - 2016-04-05 18:38 - 00028182 _____ C:\Users\Olik\Downloads\transfer_20160303(2).pdf 2016-04-05 18:23 - 2016-04-05 18:23 - 00027602 _____ C:\Users\Olik\Downloads\transfer_20160405.pdf 2016-04-05 12:12 - 2016-04-08 17:30 - 00000000 ____D C:\Users\Olik\Desktop\40STKA CANON 2016-04-04 11:38 - 2016-04-04 11:38 - 00047758 _____ C:\Users\Olik\Downloads\zaswiadczenie_zarobki_mobilni_30604.pdf 2016-04-04 11:34 - 2016-04-04 11:34 - 00085877 _____ C:\Users\Olik\Downloads\zaswiadczenie_zarobki_mobilni_26751.pdf 2016-04-03 16:53 - 2016-04-06 21:27 - 00000000 ____D C:\Users\Olik\Desktop\40stka 2016-04-03 16:39 - 2016-04-03 16:40 - 105761592 _____ C:\Users\Olik\Downloads\DNGConverter_7_2.exe 2016-03-28 17:50 - 2016-03-28 17:50 - 00000000 ____D C:\ProgramData\ATI 2016-03-28 17:49 - 2016-04-13 10:21 - 00000000 ____D C:\Users\Olik\AppData\Roaming\PlaysTV 2016-03-28 17:49 - 2016-04-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2016-03-28 17:47 - 2016-03-28 17:48 - 00000000 ____D C:\Program Files (x86)\Raptr Inc 2016-03-28 17:47 - 2016-03-28 17:47 - 00000000 ____D C:\Users\Olik\AppData\Roaming\library_dir 2016-03-28 17:46 - 2016-04-13 10:22 - 00000000 ____D C:\Users\Olik\AppData\Roaming\Raptr 2016-03-28 17:45 - 2016-04-05 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2016-03-28 17:43 - 2016-03-28 17:43 - 00000000 ____D C:\Program Files (x86)\AMD ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-13 10:32 - 2013-09-24 19:41 - 00000000 ____D C:\FRST 2016-04-13 10:30 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-13 10:30 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-13 10:16 - 2013-08-15 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-13 10:15 - 2015-11-22 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-13 10:11 - 2012-11-04 09:01 - 00000000 ____D C:\Windows\Minidump 2016-04-13 10:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-13 09:25 - 2014-08-21 18:32 - 00000000 ____D C:\Users\Olik\AppData\Roaming\Spotify 2016-04-12 19:38 - 2014-08-21 18:32 - 00000000 ____D C:\Users\Olik\AppData\Local\Spotify 2016-04-10 01:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-04-08 19:14 - 2015-05-01 03:37 - 00061746 _____ C:\bdlog.txt 2016-04-08 19:03 - 2015-06-27 17:20 - 00000000 ____D C:\Users\Olik\AppData\Roaming\uTorrent 2016-04-08 19:00 - 2015-12-30 23:32 - 00000000 ____D C:\Users\Olik\AppData\Local\CrashDumps 2016-04-06 20:49 - 2014-04-22 18:50 - 00000000 ____D C:\Users\Olik\AppData\Roaming\Skype 2016-04-06 20:46 - 2011-12-07 04:14 - 05803120 _____ C:\Windows\system32\perfh015.dat 2016-04-06 20:46 - 2011-12-07 04:14 - 01926484 _____ C:\Windows\system32\perfc015.dat 2016-04-06 20:46 - 2009-07-14 07:13 - 00006512 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-05 22:22 - 2011-12-07 01:41 - 00000000 ____D C:\Windows\Panther 2016-04-05 11:20 - 2016-02-13 20:45 - 00000000 ___HD C:\$WINDOWS.~BT 2016-04-05 02:31 - 2016-02-29 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91 2016-04-05 02:31 - 2016-01-03 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2016-04-05 02:31 - 2015-06-26 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-04-05 02:31 - 2015-06-13 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-05 02:31 - 2015-05-14 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-05 02:31 - 2015-03-04 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks 2016-04-05 02:31 - 2015-02-19 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-04-05 02:31 - 2014-11-23 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-04-05 02:31 - 2014-09-26 14:14 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-05 02:31 - 2014-08-21 17:18 - 00000000 ____D C:\Windows\pl 2016-04-05 02:31 - 2014-08-21 17:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2016-04-05 02:31 - 2014-08-21 17:13 - 00000000 ____D C:\Windows\nl 2016-04-05 02:31 - 2014-08-21 17:13 - 00000000 ____D C:\Windows\fi 2016-04-05 02:31 - 2014-08-21 17:13 - 00000000 ____D C:\Windows\en 2016-04-05 02:31 - 2014-08-21 17:13 - 00000000 ____D C:\Windows\da 2016-04-05 02:31 - 2014-08-21 17:13 - 00000000 ____D C:\Windows\cs 2016-04-05 02:31 - 2014-08-21 17:13 - 00000000 ____D C:\Windows\bg 2016-04-05 02:31 - 2014-08-21 17:12 - 00000000 ____D C:\Windows\it 2016-04-05 02:31 - 2014-08-21 17:12 - 00000000 ____D C:\Windows\hu 2016-04-05 02:31 - 2014-08-21 17:12 - 00000000 ____D C:\Windows\fr 2016-04-05 02:31 - 2014-08-21 17:12 - 00000000 ____D C:\Windows\el 2016-04-05 02:31 - 2014-08-21 17:12 - 00000000 ____D C:\Windows\de 2016-04-05 02:31 - 2014-08-21 17:11 - 00000000 ____D C:\Windows\sv 2016-04-05 02:31 - 2014-08-21 17:11 - 00000000 ____D C:\Windows\sl 2016-04-05 02:31 - 2014-08-21 17:11 - 00000000 ____D C:\Windows\sk 2016-04-05 02:31 - 2014-08-21 17:11 - 00000000 ____D C:\Windows\ru 2016-04-05 02:31 - 2014-08-21 17:11 - 00000000 ____D C:\Windows\ro 2016-04-05 02:31 - 2014-08-21 17:10 - 00000000 ____D C:\Windows\uk 2016-04-05 02:31 - 2014-08-21 17:10 - 00000000 ____D C:\Windows\tr 2016-04-05 02:31 - 2014-04-16 23:52 - 00000000 ____D C:\Windows\system32\%LocalAppData% 2016-04-05 02:31 - 2014-04-16 23:43 - 00000000 ____D C:\Windows\SysWOW64\cache 2016-04-05 02:31 - 2014-03-12 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-04-05 02:31 - 2013-11-27 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2016-04-05 02:31 - 2013-07-07 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Time Organizer 2016-04-05 02:31 - 2013-04-18 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winmail Opener 2016-04-05 02:31 - 2013-03-14 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-04-05 02:31 - 2013-02-23 12:16 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2016-04-05 02:31 - 2013-01-29 18:27 - 00000000 ____D C:\Windows\SysWOW64\spool 2016-04-05 02:31 - 2013-01-29 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2016-04-05 02:31 - 2013-01-21 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyLanguage 2016-04-05 02:31 - 2013-01-09 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2016-04-05 02:31 - 2013-01-09 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-04-05 02:31 - 2012-11-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl 2016-04-05 02:31 - 2012-10-14 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-04-05 02:31 - 2012-10-04 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 2016-04-05 02:31 - 2012-09-25 07:56 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2016-04-05 02:31 - 2012-09-24 16:02 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool 2016-04-05 02:31 - 2012-08-19 03:01 - 00000000 ____D C:\Windows\no 2016-04-05 02:31 - 2012-08-19 02:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home 2016-04-05 02:31 - 2012-08-19 02:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite 2016-04-05 02:31 - 2012-08-19 01:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main 2016-04-05 02:31 - 2012-08-19 01:12 - 00000000 ___HD C:\Windows\system32\WLANProfiles 2016-04-05 02:31 - 2012-08-19 01:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2016-04-05 02:31 - 2012-08-19 01:10 - 00000000 ____D C:\Windows\SysWOW64\SDA 2016-04-05 02:31 - 2012-08-19 01:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-04-05 02:31 - 2012-02-24 04:38 - 00000000 ____D C:\Windows\ShellNew 2016-04-05 02:31 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-04-05 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports 2016-04-05 02:30 - 2015-04-30 19:40 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2016-04-05 02:30 - 2014-09-26 14:18 - 00000000 ____D C:\Program Files\AMD 2016-04-05 02:30 - 2014-04-17 00:20 - 00000000 ____D C:\Users\Olik 2016-04-05 02:30 - 2013-07-05 09:40 - 00000000 ____D C:\Users\Gość 2016-04-05 02:30 - 2012-08-19 01:10 - 00000000 ____D C:\ProgramData\Intel 2016-04-05 02:30 - 2012-08-19 01:07 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2016-04-05 02:30 - 2012-08-19 01:04 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4 2016-04-05 02:30 - 2012-08-19 01:00 - 00000000 ____D C:\Program Files (x86)\Intel 2016-04-05 02:30 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-04-05 02:30 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicyUsers 2016-04-05 02:30 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-04-05 02:30 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System 2016-04-05 02:30 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-04-05 00:50 - 2014-09-26 12:24 - 00000000 ____D C:\AMD 2016-04-04 23:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2016-04-04 23:10 - 2015-10-30 18:18 - 00018990 _____ C:\Windows\diagerr.xml 2016-04-04 23:10 - 2015-10-30 18:18 - 00017148 _____ C:\Windows\diagwrn.xml 2016-04-03 16:42 - 2012-08-19 01:43 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-04-02 10:24 - 2014-04-17 00:21 - 00000000 ____D C:\Users\Olik\AppData\Roaming\Adobe 2016-04-01 09:45 - 2015-09-19 19:49 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-01 09:45 - 2015-09-19 19:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-01 09:45 - 2014-04-17 00:21 - 00000000 ____D C:\Users\Olik\AppData\Local\Adobe 2016-03-28 17:09 - 2016-01-12 00:41 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-03-26 12:59 - 2015-10-25 10:19 - 00000000 ____D C:\Users\Olik\.oracle_jre_usage 2016-03-26 12:57 - 2015-05-14 09:13 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-03-26 12:56 - 2014-10-01 01:23 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-24 04:01 - 2015-04-07 03:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-24 04:01 - 2015-04-07 03:03 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-21 21:29 - 2016-02-29 18:52 - 00000000 ____D C:\Program Files\Inkscape 2016-03-21 21:23 - 2016-01-12 00:41 - 00000000 ____D C:\Users\Olik\AppData\Local\Dropbox 2016-03-21 21:22 - 2016-01-12 01:06 - 00000000 ___RD C:\Users\Olik\Dropbox 2016-03-19 04:37 - 2014-04-17 12:53 - 06291456 ____H C:\Users\Olik\AppData\Local\IconCache.db.backup ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-06-27 18:59 - 2015-06-27 18:59 - 0000000 _____ () C:\Users\Olik\AppData\Roaming\3431.tmp 2015-06-27 18:59 - 2015-06-27 18:59 - 0000000 _____ () C:\Users\Olik\AppData\Roaming\77B6.tmp 2015-06-27 18:59 - 2015-06-27 18:59 - 0000000 _____ () C:\Users\Olik\AppData\Roaming\BED4.tmp 2015-10-12 15:07 - 2015-10-22 16:11 - 0000235 _____ () C:\Users\Olik\AppData\Roaming\devices.xml 2015-02-09 18:27 - 2015-03-30 21:59 - 0000132 _____ () C:\Users\Olik\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF 2014-07-11 16:27 - 2015-06-07 19:37 - 0000132 _____ () C:\Users\Olik\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG 2015-03-19 23:37 - 2015-03-19 23:37 - 0000132 _____ () C:\Users\Olik\AppData\Roaming\Preferencje filtru IllExport CS5 firmy Adobe 2015-10-12 15:07 - 2015-10-22 16:11 - 0000012 _____ () C:\Users\Olik\AppData\Roaming\settings.xml 2014-12-26 01:18 - 2015-02-14 11:58 - 0000101 _____ () C:\Users\Olik\AppData\Roaming\WB.CFG 2014-11-11 13:23 - 2015-06-18 18:49 - 0001496 _____ () C:\Users\Olik\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs 2016-02-29 22:19 - 2016-02-29 22:19 - 0004837 _____ () C:\Users\Olik\AppData\Local\recently-used.xbel 2014-09-30 19:52 - 2014-09-30 19:52 - 0000017 _____ () C:\Users\Olik\AppData\Local\resmon.resmoncfg 2015-04-30 20:07 - 2015-04-30 20:07 - 2984139 _____ () C:\ProgramData\1430416540.bdinstall.bin 2014-11-23 15:10 - 2014-11-23 15:10 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-10-01 10:13 - 2014-10-01 10:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-10-12 12:35 - 2015-10-12 12:47 - 0000228 _____ () C:\ProgramData\hpzinstall.log ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-08 00:21 ==================== Koniec FRST.txt ============================