Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:24-08-2015
Uruchomiony przez User (administrator)  USER-KOMPUTER (25-08-2015 02:39:02)
Uruchomiony z C:\Users\User\Downloads
Załadowane profile: User &  (Dostępne profile: User & Test)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(GG Network S.A.) C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\44.0.2403.157\nacl64.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-16] (Google Inc.)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-18] (Facebook Inc.)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-16] (Google Inc.)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-18] (Facebook Inc.)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
AppInit_DLLs: C:\ProgramData\Tristip\Alphadax.dll => C:\ProgramData\Tristip\Alphadax.dll Plik nie znaleziono
AppInit_DLLs-x32: C:\ProgramData\Tristip\Quad-Tech.dll => "C:\ProgramData\Tristip\Quad-Tech.dll" Plik nie znaleziono
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2014-10-24]
ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Brak pliku
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Brak pliku
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-01] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci..)

SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-01] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-09] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 80.72.37.106 8.8.8.8
Tcpip\..\Interfaces\{2C4A114F-454B-4516-BC51-D1C7FF9CF1E8}: [NameServer] 89.108.195.21 89.108.202.21
Tcpip\..\Interfaces\{B6A746C6-CBB4-45AE-85E8-1CCEDC619C22}: [NameServer] 89.108.195.20 89.108.202.20
Tcpip\..\Interfaces\{CEBD8EBD-90F1-4FB4-9B99-44F049010531}: [DhcpNameServer] 80.72.37.106 8.8.8.8
Tcpip\..\Interfaces\{EE1DEB54-B0BB-4099-8FD0-1FDE43B777C8}: [NameServer] 89.108.195.21 89.108.202.21
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vpxad4g1.default-1422203475958
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/
FF NetworkProxy: "http", "proxy.uz.zgora.pl"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-04-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-04-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1130217176-4031021830-1519301973-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1130217176-4031021830-1519301973-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1130217176-4031021830-1519301973-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1130217176-4031021830-1519301973-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-28]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-20]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-20]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-20]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-20]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-20]
CHR Extension: (Bookmark Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-20]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-20]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-24]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24]
CHR Extension: (Hola Better Internet Engine) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-01-29]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-24]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-29]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-29]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-24]
CHR Extension: (Ghostery) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-24]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]
StartMenuInternet: Google Chrome.7UHCOHOCA5VZPBFJSPRUTZRCNM - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe http://www.istartsurf.com/?type=sc&ts=1440441017&z=fd08ddff55a9051bbd1430eg0z6zbe4z5z0e6t0g6g&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CC540016

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [477352 2013-02-13] (Protection Technology)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-09] (Atheros Commnucations) [Brak podpisu cyfrowego]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-01] (Avast Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242880 2015-07-02] (Foxit Software Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24376 2015-06-30] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [Brak podpisu cyfrowego]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-18] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Brak podpisu cyfrowego]
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [Brak podpisu cyfrowego]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-09] (Atheros) [Brak podpisu cyfrowego]

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-19] (Advanced Micro Devices, Inc.)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2218368 2013-02-13] (Protection Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-01] ()
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-01] (Avast Software)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-08-25 02:09 - 2015-08-25 02:09 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-25 01:18 - 2015-08-25 02:15 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-25 01:18 - 2015-08-25 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-25 01:18 - 2015-08-25 02:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-25 01:18 - 2015-06-18 08:52 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-25 01:18 - 2015-06-18 08:52 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-25 01:18 - 2015-06-18 08:52 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-25 01:16 - 2015-08-25 01:17 - 21547816 _____ (Malwarebytes Corporation ) C:\Users\User\Documents\mbam-setup.exe
2015-08-25 01:06 - 2015-08-25 01:06 - 09084602 _____ (Malwarebytes Corporation ) C:\Users\User\Documents\mbam-setup.exe.crdownload
2015-08-24 23:53 - 2015-08-24 23:53 - 765259004 _____ C:\windows\MEMORY.DMP
2015-08-24 23:53 - 2015-08-24 23:53 - 00282176 _____ C:\windows\Minidump\082415-25833-01.dmp
2015-08-24 23:49 - 2015-08-24 23:49 - 00024851 _____ C:\Users\User\Downloads\gmer1.txt
2015-08-24 23:32 - 2015-08-24 23:32 - 00380416 _____ C:\Users\User\Documents\gmer.exe
2015-08-24 23:30 - 2015-08-24 23:30 - 00054283 _____ C:\Users\User\Downloads\Addition.txt
2015-08-24 23:28 - 2015-08-24 23:28 - 00073149 _____ C:\Users\User\Downloads\Shortcut1.txt
2015-08-24 20:33 - 2015-08-25 01:10 - 00000000 ____D C:\ProgramData\update
2015-08-24 20:33 - 2015-08-24 20:33 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-24 20:22 - 2015-08-24 20:22 - 00040238 _____ C:\Users\User\Documents\kurs_html1.zip
2015-08-24 20:22 - 2015-08-24 20:22 - 00000000 ____D C:\Users\User\Documents\kurs_html1
2015-08-24 19:54 - 2015-08-24 19:54 - 00000000 ____D C:\Users\User\AppData\Roaming\Foxit Software
2015-08-24 19:54 - 2015-08-24 19:54 - 00000000 ____D C:\Users\Public\Foxit Software
2015-08-24 19:53 - 2015-08-24 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-08-24 19:53 - 2015-08-24 19:53 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-08-24 19:50 - 2015-08-24 19:50 - 00000046 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2015-08-24 19:47 - 2015-08-24 19:48 - 43812432 _____ (Foxit Software Inc. ) C:\Users\User\Documents\FoxitReader720.0722_prom_enu_Setup.exe
2015-08-24 19:38 - 2015-08-24 19:38 - 27652096 _____ C:\Users\User\Downloads\PDF-XChange Viewer 2.5.311.0.msi
2015-08-24 15:47 - 2015-08-24 15:47 - 00000000 ____D C:\Users\User\Documents\Kurs.HTML5
2015-08-24 13:07 - 2015-08-24 13:15 - 00000000 ____D C:\Users\User\Desktop\gazety
2015-08-24 11:09 - 2015-08-24 12:15 - 597808130 _____ C:\Users\User\Documents\Kurs.HTML5.zip
2015-08-23 16:06 - 2015-08-23 16:07 - 00000000 ____D C:\Users\User\Desktop\dokumenty
2015-08-23 16:04 - 2015-08-23 16:06 - 00000000 ____D C:\Users\User\Desktop\pierdoly
2015-08-23 16:04 - 2015-08-23 16:04 - 00000000 ____D C:\Users\User\Desktop\gry
2015-08-23 16:01 - 2015-08-23 16:04 - 00000000 ____D C:\Users\User\Desktop\foty
2015-08-23 15:59 - 2015-08-23 16:01 - 00000000 ____D C:\Users\User\Desktop\programy
2015-08-23 02:48 - 2015-08-23 02:55 - 00000000 ____D C:\Users\User\Documents\zn tow
2015-08-23 02:46 - 2015-08-23 02:46 - 00042150 _____ C:\Users\User\Documents\1 znaki towarowe ohim.ewa.grycuk.xlsx
2015-08-22 16:24 - 2015-08-22 16:24 - 00008562 _____ C:\Users\User\Documents\ohim-przyklad.xlsx
2015-08-21 20:01 - 2015-08-21 20:01 - 00025275 _____ C:\Users\User\Documents\espacenet.ewa.grycuk.xlsx
2015-08-21 19:15 - 2015-08-21 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-21 08:56 - 2015-08-22 15:12 - 00000000 ____D C:\Users\User\Documents\1patenty
2015-08-20 19:11 - 2015-08-20 20:02 - 00013591 _____ C:\Users\User\Documents\baza danych firm.xlsx
2015-08-20 18:37 - 2015-08-20 18:37 - 00000165 ____H C:\Users\User\Documents\~$espacenet-przykład.xlsx
2015-08-20 18:35 - 2015-08-20 18:36 - 00008583 _____ C:\Users\User\Documents\espacenet-przykład.xlsx
2015-08-19 12:33 - 2015-08-24 21:10 - 00012300 _____ C:\Users\User\Documents\Raport Celebbutik - cz. 1.xlsx
2015-08-19 12:33 - 2015-08-19 12:33 - 00000165 ____H C:\Users\User\Documents\~$Raport Celebbutik - cz. 1.xlsx
2015-08-18 19:17 - 2015-08-18 19:17 - 00061413 _____ C:\Users\User\Documents\EMEAlinks_audit.xlsx
2015-08-18 11:51 - 2015-08-24 21:10 - 00000905 _____ C:\Users\User\Documents\moje pierdy.txt
2015-08-17 23:39 - 2015-08-18 00:34 - 00014041 ____H C:\Users\User\Documents\~WRL1490.tmp
2015-08-13 22:25 - 2013-08-01 19:58 - 00560016 _____ C:\Users\User\Documents\The_Husband_Secret_Liane_Moriarty(www.ebook-dl.com).mobi
2015-08-13 22:25 - 2013-08-01 19:56 - 00713558 _____ C:\Users\User\Documents\The_Husband_Secret_Liane_Moriarty(www.ebook-dl.com).epub
2015-08-13 22:21 - 2015-08-13 22:24 - 01146450 _____ C:\Users\User\Documents\The_Husband_Secret_Liane_Moriarty(www.ebook-dl.com).zip
2015-08-13 22:17 - 2015-08-13 22:18 - 00751526 _____ C:\Users\User\Documents\The Husband's Secret - Liane Moriarty.mobi
2015-08-13 17:43 - 2012-05-05 09:11 - 00894976 _____ C:\Users\User\Desktop\S J Bolton - Dead Scared (mobi).mobi
2015-08-13 17:42 - 2015-08-13 17:42 - 00691080 _____ C:\Users\User\Desktop\S J Bolton - Dead Scared (mobi).rar
2015-08-12 11:41 - 2015-08-12 11:41 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-08-25 02:40 - 2015-01-26 22:15 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 02:39 - 2015-01-24 14:42 - 00027883 _____ C:\Users\User\Downloads\FRST.txt
2015-08-25 02:39 - 2015-01-24 14:40 - 00000000 ____D C:\FRST
2015-08-25 02:38 - 2015-01-24 15:55 - 00072975 _____ C:\Users\User\Downloads\Shortcut.txt
2015-08-25 02:22 - 2012-05-30 01:36 - 01898992 _____ C:\windows\WindowsUpdate.log
2015-08-25 02:20 - 2013-11-18 00:15 - 00000924 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1130217176-4031021830-1519301973-1000UA.job
2015-08-25 02:18 - 2009-07-14 06:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 02:18 - 2009-07-14 06:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-25 02:13 - 2014-11-20 20:45 - 00001054 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1130217176-4031021830-1519301973-1000UA1d004f2359ad1b0.job
2015-08-25 02:04 - 2014-01-05 15:16 - 00000478 _____ C:\windows\Tasks\SDMsgUpdate (Local).job
2015-08-25 02:04 - 2014-01-05 15:16 - 00000470 _____ C:\windows\Tasks\SDMsgUpdate (TE).job
2015-08-25 02:04 - 2012-05-29 09:47 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-08-25 02:03 - 2010-11-21 05:47 - 01125466 _____ C:\windows\PFRO.log
2015-08-25 02:03 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-25 02:03 - 2009-07-14 06:51 - 00076627 _____ C:\windows\setupact.log
2015-08-25 02:00 - 2012-08-17 18:03 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-08-25 02:00 - 2012-08-16 13:56 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-25 02:00 - 2012-08-16 13:56 - 00001134 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-25 02:00 - 2012-08-15 18:34 - 00001425 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 01:18 - 2012-08-15 20:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-25 01:13 - 2014-07-28 16:05 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-08-25 01:06 - 2013-11-05 22:50 - 00000000 ____D C:\AdwCleaner
2015-08-24 23:53 - 2015-01-24 03:24 - 00000000 ____D C:\windows\Minidump
2015-08-24 23:20 - 2013-11-18 00:15 - 00000902 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1130217176-4031021830-1519301973-1000Core.job
2015-08-24 23:19 - 2015-01-29 23:28 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2015-08-24 23:19 - 2015-01-24 14:36 - 02186752 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-08-24 21:43 - 2012-08-16 17:22 - 00002499 _____ C:\Users\User\Desktop\Ewa - Chrome.lnk
2015-08-24 21:33 - 2013-07-01 17:44 - 00000000 ____D C:\Users\Test
2015-08-24 21:33 - 2012-08-15 18:57 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-08-24 21:32 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2015-08-24 21:07 - 2014-11-16 12:09 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-08-24 21:07 - 2014-04-13 11:38 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-08-24 21:07 - 2014-04-13 11:38 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-08-24 19:40 - 2013-07-01 17:45 - 00001449 _____ C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-24 13:26 - 2015-01-09 13:25 - 00000000 ____D C:\Users\User\Downloads\ksiazki
2015-08-24 10:00 - 2012-05-29 09:47 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-08-23 21:13 - 2014-11-20 20:45 - 00001002 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1130217176-4031021830-1519301973-1000Core1d004f231db71b4.job
2015-08-23 16:08 - 2012-11-22 21:16 - 00000000 ____D C:\Users\User\Desktop\studia
2015-08-23 10:06 - 2012-05-30 01:19 - 07389734 _____ C:\windows\system32\perfh015.dat
2015-08-23 10:06 - 2012-05-30 01:19 - 02485318 _____ C:\windows\system32\perfc015.dat
2015-08-23 10:06 - 2009-07-14 07:13 - 00006496 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-21 21:31 - 2012-08-16 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-20 20:59 - 2012-08-15 18:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Atheros
2015-08-20 20:45 - 2009-07-14 06:45 - 00620304 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-18 11:43 - 2015-02-10 13:37 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2015-08-13 22:10 - 2012-08-15 18:30 - 00000000 ____D C:\Users\User\Documents\Bluetooth Folder
2015-08-13 14:50 - 2015-01-30 03:31 - 00000000 ____D C:\Users\User\AppData\Roaming\GG
2015-08-12 11:46 - 2015-01-26 22:15 - 00003868 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 11:45 - 2015-01-26 22:15 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 11:45 - 2015-01-26 22:15 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-01 14:05 - 2012-09-06 14:11 - 00002799 _____ C:\Users\User\Documents\filmy.txt
2015-07-31 19:12 - 2012-08-15 18:35 - 00159728 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Pliki w katalogu głównym wybranych folderów =======

2015-07-19 18:50 - 2015-07-19 19:14 - 0000347 _____ () C:\ProgramData\hpzinstall.log
2015-04-22 20:43 - 2015-04-22 20:43 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-24 20:33 - 2015-08-24 20:33 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Niektóre pliki w TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\windows\explorer.exe => Plik podpisany cyfrowo
C:\windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\windows\system32\services.exe => Plik podpisany cyfrowo
C:\windows\system32\User32.dll => Plik podpisany cyfrowo
C:\windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2015-08-23 10:38

==================== Koniec  FRST.txt ============================