Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 31-08-2016 Uruchomiony przez Jurek (administrator) JUREK-KOMPUTER (05-09-2016 22:09:14) Uruchomiony z C:\Users\Jurek\Downloads Załadowane profile: Jurek (Dostępne profile: Jurek & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: IE) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-23] (Acer Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [RSDTRAY] => "C:\Program Files (x86)\Rising\RSD\popwndexe.exe" HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-08-31] (Electronic Arts) HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {05363134-e147-11e0-b9c3-b870f48ba3a2} - HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {1023e8aa-7798-11e4-8cf4-b870f48ba3a2} - E:\LG_PC_Programs.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {10f03206-2e00-11e4-871c-b870f48ba3a2} - E:\AutoRun.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {2a2e8dce-203d-11e2-a1c4-68a3c4f547b9} - F:\AutoRun.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {2a2e8dd9-203d-11e2-a1c4-68a3c4f547b9} - F:\AutoRun.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {3e92940c-44bb-11e4-99c4-b870f48ba3a2} - E:\AutoRun.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {9a1c65bd-9c34-11e1-855c-b870f48ba3a2} - E:\LaunchU3.exe -a HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {fb6f207a-e86c-11e2-92c1-b870f48ba3a2} - E:\AutoRun.exe HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\MountPoints2: {fb6f2088-e86c-11e2-92c1-b870f48ba3a2} - E:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll => Brak pliku AppInit_DLLs: C:\PROGRA~2\BEARSH~2\MediaBar\Datamngr\x64\IEBHO.dll => Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll Brak pliku GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{2CB0C26E-9B8F-429E-A677-B69F8E1953B5}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{7919BAC1-5E35-4E32-9B2D-D9C860F854BB}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{A8AA306B-24DC-4279-B388-49A030A2436F}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120141124 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120141124 HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.22apple.com/?utm_source=b&ch=sof&uid=ST9500325AS_6VEQFZK4XXXX6VEQFZK4®=1359234689 URLSearchHook: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) URLSearchHook: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\.DEFAULT -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = SearchScopes: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23 SearchScopes: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23 BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => Brak pliku BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-02-17] (McAfee, Inc.) BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll => Brak pliku BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-03-06] (RealDownloader) BHO-x32: Brak nazwy -> {41ca0640-a64c-4262-8540-36c33ee58961} -> Brak pliku BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-02-17] (McAfee, Inc.) BHO-x32: MediaBar -> {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -> C:\PROGRA~2\BEARSH~2\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll => Brak pliku Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-02-17] (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-02-17] (McAfee, Inc.) Toolbar: HKLM-x32 - Brak nazwy - {37B85A29-692B-4205-9CAD-2626E4993404} - Brak pliku Toolbar: HKLM-x32 - MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~2\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll Brak pliku Toolbar: HKLM-x32 - Brak nazwy - {41ca0640-a64c-4262-8540-36c33ee58961} - Brak pliku Toolbar: HKU\S-1-5-21-2809649214-3554048560-1684349070-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-02-17] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-02-17] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-02-17] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-02-17] (McAfee, Inc.) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2012-02-17] (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.1.18 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-05-02] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-03-06] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-03-06] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-03-06] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-05-02] (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-03-06] (RealDownloader) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml [2010-12-13] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-02-28] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Jurek\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com FF Extension: (SpeedAnalysis.com) - C:\Users\Jurek\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013-04-13] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-23] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-2809649214-3554048560-1684349070-1000\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Jurek\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com Chrome: ======= CHR Profile: C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Music App) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaikjhckghnoaaaehhmgjcfajoabi [2015-03-15] CHR Extension: (SiteAdvisor) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-14] CHR Extension: (RealDownloader) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-27] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-02-28] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06] Opera: ======= OPR StartupUrls: "hxxp://onet.pl/" OPR Session Restore: -> [funkcja włączona] OPR Extension: (Internet Speed Checker) - C:\Users\Jurek\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbglkiiiofelplniblholffbhhjmdhhi [2015-01-18] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-31] (Electronic Arts) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X] S2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [X] S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 USBET; C:\Windows\System32\DRIVERS\ETdrv.sys [6408704 2010-11-29] (Etron) [Brak podpisu cyfrowego] R1 {24616444-765b-4b21-a0d9-3f0c17b29bfe}Gw64; C:\Windows\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}Gw64.sys [48832 2014-11-28] (StdLib) R1 {283007d1-f819-42a1-805d-c4b2324e2541}w64; C:\Windows\System32\drivers\{283007d1-f819-42a1-805d-c4b2324e2541}w64.sys [48824 2015-03-12] (StdLib) R1 {397e3208-0393-47ca-9748-370b27e14021}Gw64; C:\Windows\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}Gw64.sys [48792 2014-10-19] (StdLib) R1 {4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64; C:\Windows\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64.sys [48792 2014-10-20] (StdLib) R1 {4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64; C:\Windows\System32\drivers\{4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64.sys [48792 2014-10-15] (StdLib) R1 {55825785-0831-456c-8958-bd781398505d}Gw64; C:\Windows\System32\drivers\{55825785-0831-456c-8958-bd781398505d}Gw64.sys [48832 2014-11-26] (StdLib) R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [44696 2014-09-22] (StdLib) R1 {71d5e150-c72b-4e5b-a773-e49420251642}Gw64; C:\Windows\System32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}Gw64.sys [48792 2014-10-22] (StdLib) R1 {770fb547-94ed-427b-b3fd-c329c271e0e0}Gw64; C:\Windows\System32\drivers\{770fb547-94ed-427b-b3fd-c329c271e0e0}Gw64.sys [48832 2014-11-30] (StdLib) R1 {9ba18a1b-2c6c-45d9-9fbe-65697713d97f}Gw64; C:\Windows\System32\drivers\{9ba18a1b-2c6c-45d9-9fbe-65697713d97f}Gw64.sys [48792 2014-10-12] (StdLib) R1 {a55194f7-a37b-4c11-a70f-d4f2b16d2c71}Gw64; C:\Windows\System32\drivers\{a55194f7-a37b-4c11-a70f-d4f2b16d2c71}Gw64.sys [48832 2014-12-01] (StdLib) R1 {b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64; C:\Windows\System32\drivers\{b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64.sys [48792 2014-10-15] (StdLib) R1 {c60870f2-8f6e-46c4-b1de-a1d328298cb8}Gw64; C:\Windows\System32\drivers\{c60870f2-8f6e-46c4-b1de-a1d328298cb8}Gw64.sys [48792 2014-10-10] (StdLib) R1 {e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64; C:\Windows\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64.sys [48792 2014-10-11] (StdLib) R1 {efa349b9-003c-4506-9e55-957c1cff853c}Gw64; C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}Gw64.sys [48792 2014-10-23] (StdLib) R1 {f0140d89-3c88-497e-896f-f889e74b42b2}Gw64; C:\Windows\System32\drivers\{f0140d89-3c88-497e-896f-f889e74b42b2}Gw64.sys [48792 2014-10-12] (StdLib) R1 {f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}Gw64; C:\Windows\System32\drivers\{f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}Gw64.sys [48792 2014-10-15] (StdLib) R1 {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64; C:\Windows\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64.sys [48792 2014-10-10] (StdLib) R1 {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64; C:\Windows\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64.sys [48792 2014-10-16] (StdLib) R1 {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64; C:\Windows\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64.sys [48792 2014-10-13] (StdLib) S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-05 22:05 - 2016-09-05 22:05 - 00037477 _____ C:\Users\Jurek\Downloads\AdwCleanerS0.txt 2016-09-05 21:54 - 2016-09-05 21:54 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Solvusoft 2016-09-05 21:39 - 2016-09-05 21:52 - 00000000 ____D C:\AdwCleaner 2016-09-05 21:39 - 2016-09-05 21:39 - 03826240 _____ C:\Users\Jurek\Desktop\adwcleaner_6.010.exe 2016-09-01 20:38 - 2016-09-01 20:38 - 00010630 _____ C:\Users\Jurek\Desktop\gmer.txt 2016-09-01 18:28 - 2016-09-01 18:29 - 00144997 _____ C:\Users\Jurek\Downloads\Shortcut.txt 2016-09-01 18:22 - 2016-09-01 18:28 - 00109472 _____ C:\Users\Jurek\Downloads\Addition.txt 2016-09-01 18:19 - 2016-09-05 22:09 - 00021060 _____ C:\Users\Jurek\Downloads\FRST.txt 2016-09-01 18:13 - 2016-09-01 18:37 - 733984768 _____ C:\Users\Jurek\Desktop\Zanim się pojawiłeś.avi 2016-09-01 17:55 - 2016-09-05 21:55 - 00003352 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2809649214-3554048560-1684349070-1000 2016-08-31 22:45 - 2016-08-31 22:45 - 00380928 _____ C:\Users\Jurek\Downloads\yugbsd4m.exe 2016-08-31 22:32 - 2016-09-05 22:09 - 00000000 ____D C:\FRST 2016-08-31 22:29 - 2016-08-31 22:29 - 02397696 _____ (Farbar) C:\Users\Jurek\Downloads\FRST64.exe 2016-08-31 14:16 - 2016-08-31 14:16 - 00002206 _____ C:\Users\Public\Desktop\The Sims™ 3 Zwierzaki.lnk 2016-08-31 13:58 - 2016-08-31 14:21 - 00000000 ____D C:\Program Files (x86)\Origin Games 2016-08-31 13:57 - 2016-08-31 14:18 - 00000000 ____D C:\Users\Jurek\AppData\Local\Origin 2016-08-31 13:35 - 2016-08-31 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2016-08-31 13:35 - 2016-08-31 13:35 - 00000989 _____ C:\Users\Public\Desktop\Origin.lnk 2016-08-31 13:34 - 2016-08-31 14:17 - 00000000 ____D C:\Program Files (x86)\Origin 2016-08-31 13:33 - 2016-08-31 13:33 - 00002206 _____ C:\Users\Public\Desktop\The Sims™ 3 Po zmroku.lnk 2016-08-31 13:12 - 2016-08-31 13:12 - 00002288 _____ C:\Users\Public\Desktop\The Sims™ 3 Wymarzone Podróże.lnk 2016-08-31 11:08 - 2016-08-31 11:08 - 00000000 ____D C:\Users\Jurek\Documents\Electronic Arts 2016-08-31 11:05 - 2016-08-31 11:05 - 00002090 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk 2016-08-30 23:36 - 2011-04-05 13:26 - 00252712 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll 2016-08-30 14:57 - 2016-08-30 14:57 - 00003122 _____ C:\Windows\System32\Tasks\{09E6602F-42AE-4F4A-8310-A8B9A3623931} 2016-08-30 14:22 - 2016-08-30 14:22 - 00003094 _____ C:\Windows\System32\Tasks\{16701D5A-2B24-4185-B291-EF40ACD2D43F} 2016-08-30 14:19 - 2016-08-30 14:19 - 00000000 ____D C:\Users\Jurek\AppData\Local\{6F05A601-5B80-46B9-9A16-774315428950} 2016-08-29 17:44 - 2016-08-31 14:35 - 00000000 ____D C:\Users\Jurek\Desktop\Ola 2016-08-26 19:32 - 2016-09-05 21:55 - 00003218 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2809649214-3554048560-1684349070-1000 2016-08-22 17:55 - 2016-08-22 17:55 - 00000000 ____D C:\Users\Jurek\AppData\Local\{D89AEA30-8D38-4625-B026-CAE0B9C6E004} ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-05 22:07 - 2013-05-21 10:20 - 00000000 ____D C:\ProgramData\Origin 2016-09-05 22:03 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-05 22:03 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-05 22:00 - 2013-05-02 15:19 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2016-09-05 21:59 - 2015-05-16 10:11 - 00003122 _____ C:\Windows\System32\Tasks\DriverDocRunAtStartup 2016-09-05 21:59 - 2015-03-12 19:15 - 00003032 _____ C:\Windows\System32\Tasks\DriverDoc_UPDATES 2016-09-05 21:59 - 2015-03-12 19:14 - 00000278 _____ C:\Windows\Tasks\DriverDoc_UPDATES.job 2016-09-05 21:54 - 2013-05-02 17:06 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-09-05 21:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-05 19:24 - 2011-05-29 17:03 - 00745634 _____ C:\Windows\system32\perfh015.dat 2016-09-05 19:24 - 2011-05-29 17:03 - 00158934 _____ C:\Windows\system32\perfc015.dat 2016-09-05 19:24 - 2009-07-14 07:13 - 00902304 _____ C:\Windows\system32\PerfStringBackup.INI 2016-09-05 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-09-05 17:56 - 2011-08-15 14:59 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} 2016-09-03 09:16 - 2014-09-22 20:59 - 00000000 ____D C:\Program Files (x86)\Opera 2016-09-01 20:41 - 2011-08-15 13:00 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\SoftGrid Client 2016-09-01 20:35 - 2011-08-14 20:07 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Adobe 2016-09-01 17:55 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-08-31 22:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2016-08-31 14:19 - 2013-05-21 10:20 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Origin 2016-08-31 14:16 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-08-31 14:10 - 2014-07-08 18:42 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-31 14:07 - 2011-08-31 10:26 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2016-08-31 14:07 - 2011-03-25 06:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-31 13:35 - 2011-08-31 10:49 - 00000000 ____D C:\ProgramData\Electronic Arts 2016-08-31 00:11 - 2011-12-11 12:33 - 00000000 ____D C:\Program Files (x86)\TV 2016-08-31 00:08 - 2011-08-14 20:07 - 00058904 _____ C:\Users\Jurek\AppData\Local\GDIPFONTCACHEV1.DAT 2016-08-31 00:05 - 2009-07-14 06:45 - 00275968 _____ C:\Windows\system32\FNTCACHE.DAT 2016-08-30 23:58 - 2011-03-25 08:08 - 00000000 ____D C:\ProgramData\BackupManager 2016-08-30 23:57 - 2011-03-25 07:26 - 00000000 ____D C:\Program Files (x86)\Acer 2016-08-30 23:55 - 2014-07-08 18:42 - 00000000 ____D C:\Program Files\Adblock Plus for IE 2016-08-30 23:54 - 2011-03-25 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2016-08-30 23:51 - 2012-01-18 21:29 - 00000000 ____D C:\Program Files (x86)\ChomikBox 2016-08-30 23:48 - 2011-05-29 16:35 - 00000000 ____D C:\ProgramData\CyberLink 2016-08-30 23:45 - 2011-08-14 22:07 - 00000000 ____D C:\Users\Jurek\AppData\Local\Cyberlink 2016-08-30 23:37 - 2011-09-18 21:43 - 00000000 ____D C:\Program Files (x86)\Canon 2016-08-30 23:30 - 2013-07-21 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheboMan 2016-08-30 23:21 - 2014-06-04 10:04 - 00000000 ____D C:\Users\Jurek\AppData\Local\GG 2016-08-30 23:21 - 2012-09-21 13:07 - 00002122 _____ C:\Windows\wininit.ini 2016-08-30 23:19 - 2011-08-18 11:36 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-30 23:13 - 2011-09-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader 2016-08-30 22:59 - 2013-11-04 21:51 - 00000000 ____D C:\Program Files (x86)\Nokia 2016-08-30 22:57 - 2013-11-04 21:55 - 00000000 ____D C:\ProgramData\Nokia 2016-08-30 22:56 - 2013-11-04 22:09 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Nokia Suite 2016-08-30 22:56 - 2013-11-04 22:09 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Nokia 2016-08-30 22:50 - 2009-07-14 07:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-08-30 22:48 - 2011-05-29 16:31 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll 2016-08-30 18:30 - 2013-01-12 17:00 - 00000000 ____D C:\ProgramData\InstallMate 2016-08-30 18:26 - 2011-08-16 18:28 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar.pl 2016-08-30 18:26 - 2011-08-16 18:28 - 00000000 ____D C:\Program Files (x86)\Alawar.pl 2016-08-30 14:50 - 2011-08-15 12:19 - 00000000 ____D C:\Program Files (x86)\Turtix Misja Ratunkowa 2016-08-30 14:29 - 2014-07-08 18:42 - 00000000 ____D C:\Users\Jurek\AppData\LocalLow\Adblock Plus for IE 2016-08-30 14:24 - 2012-01-21 22:00 - 00000000 ____D C:\Program Files (x86)\Winamp 2016-08-29 19:29 - 2013-07-14 12:45 - 00000000 ____D C:\Users\Jurek\Desktop\JUREK 2016-08-29 18:23 - 2013-07-14 12:54 - 00000000 ____D C:\Users\Jurek\Documents\Folder 2016-08-29 18:22 - 2013-01-09 21:00 - 00000000 ____D C:\Users\Jurek\Downloads\Nowy folder 2016-08-29 17:39 - 2014-06-04 10:07 - 00000000 ___SD C:\Users\Jurek\GG dysk 2016-08-28 22:15 - 2013-09-27 15:42 - 00000241 _____ C:\Users\Jurek\AppData\Roaming\WB.CFG 2016-08-16 21:10 - 2014-12-14 21:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-08-09 20:23 - 2014-09-22 21:00 - 00003900 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411412399 ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-09-19 16:47 - 2015-09-19 16:48 - 6420480 _____ () C:\Program Files (x86)\GUTE051.tmp 2012-06-10 18:13 - 2012-06-10 18:13 - 0000272 _____ () C:\Users\Jurek\AppData\Roaming\.backup.dm 2013-05-26 13:40 - 2013-05-30 12:28 - 0000298 _____ () C:\Users\Jurek\AppData\Roaming\KosztKonfig.xml 2013-05-30 12:28 - 2013-05-30 12:28 - 0000298 _____ () C:\Users\Jurek\AppData\Roaming\KosztKonfig.xml.bak 2012-01-11 18:05 - 2011-11-17 07:38 - 0153088 _____ () C:\Users\Jurek\AppData\Roaming\Other.res 2013-09-27 15:42 - 2016-08-28 22:15 - 0000241 _____ () C:\Users\Jurek\AppData\Roaming\WB.CFG 2011-09-19 19:15 - 2013-11-16 17:37 - 0006656 _____ () C:\Users\Jurek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-04 19:21 - 2014-02-04 18:20 - 0007599 _____ () C:\Users\Jurek\AppData\Local\Resmon.ResmonCfg 2012-01-11 21:45 - 2012-01-11 21:45 - 0000000 _____ () C:\Users\Jurek\AppData\Local\{7116CF05-1700-4965-89C2-C349967D44D1} 2011-09-28 16:56 - 2011-09-28 16:56 - 0000000 _____ () C:\Users\Jurek\AppData\Local\{9195DDC2-837B-4E3F-827A-989DFD791ABA} 2011-09-28 16:58 - 2011-09-28 16:58 - 0000000 _____ () C:\Users\Jurek\AppData\Local\{CFA15332-569C-4664-9D4A-AE760CAA06B8} 2011-11-06 22:05 - 2011-11-06 22:05 - 0000000 _____ () C:\Users\Jurek\AppData\Local\{E972B417-0ADF-4159-AB63-DB20FE483C17} 2011-05-29 16:35 - 2011-05-29 16:43 - 0015211 _____ () C:\ProgramData\ArcadeDeluxe5.log 2011-03-25 07:07 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe 2016-08-30 23:45 - 2016-08-30 23:47 - 0000032 _____ () C:\ProgramData\PS.log Niektóre pliki w TEMP: ==================== C:\Users\Gość.Jurek-Komputer\AppData\Local\Temp\gg10.upgr.exe C:\Users\Gość.Jurek-Komputer\AppData\Local\Temp\ICReinstall_HoolappSetup.exe C:\Users\Jurek\AppData\Local\Temp\22apple_B_sof_br_2013114191011.exe C:\Users\Jurek\AppData\Local\Temp\9856uninstall.exe C:\Users\Jurek\AppData\Local\Temp\app_d.exe C:\Users\Jurek\AppData\Local\Temp\app_e.exe C:\Users\Jurek\AppData\Local\Temp\ASCSetup.exe C:\Users\Jurek\AppData\Local\Temp\bitool.dll C:\Users\Jurek\AppData\Local\Temp\crpt.exe C:\Users\Jurek\AppData\Local\Temp\dgen.exe C:\Users\Jurek\AppData\Local\Temp\dp.exe C:\Users\Jurek\AppData\Local\Temp\dsrsetup.exe C:\Users\Jurek\AppData\Local\Temp\EAD12D4.exe C:\Users\Jurek\AppData\Local\Temp\EAD12F3.exe C:\Users\Jurek\AppData\Local\Temp\EAD1592.exe C:\Users\Jurek\AppData\Local\Temp\EAD194A.exe C:\Users\Jurek\AppData\Local\Temp\EAD1A43.exe C:\Users\Jurek\AppData\Local\Temp\EAD1C75.exe C:\Users\Jurek\AppData\Local\Temp\EAD1D9D.exe C:\Users\Jurek\AppData\Local\Temp\EAD1E87.exe C:\Users\Jurek\AppData\Local\Temp\EAD1ED5.exe C:\Users\Jurek\AppData\Local\Temp\EAD1F04.exe C:\Users\Jurek\AppData\Local\Temp\EAD20E8.exe C:\Users\Jurek\AppData\Local\Temp\EAD2155.exe C:\Users\Jurek\AppData\Local\Temp\EAD22CB.exe C:\Users\Jurek\AppData\Local\Temp\EAD22CC.exe C:\Users\Jurek\AppData\Local\Temp\EAD231.exe C:\Users\Jurek\AppData\Local\Temp\EAD2358.exe C:\Users\Jurek\AppData\Local\Temp\EAD23B5.exe C:\Users\Jurek\AppData\Local\Temp\EAD2480.exe C:\Users\Jurek\AppData\Local\Temp\EAD24FD.exe C:\Users\Jurek\AppData\Local\Temp\EAD2589.exe C:\Users\Jurek\AppData\Local\Temp\EAD2664.exe C:\Users\Jurek\AppData\Local\Temp\EAD275D.exe C:\Users\Jurek\AppData\Local\Temp\EAD27DD.exe C:\Users\Jurek\AppData\Local\Temp\EAD29AE.exe C:\Users\Jurek\AppData\Local\Temp\EAD2DC3.exe C:\Users\Jurek\AppData\Local\Temp\EAD2E02.exe C:\Users\Jurek\AppData\Local\Temp\EAD2E50.exe C:\Users\Jurek\AppData\Local\Temp\EAD2E6F.exe C:\Users\Jurek\AppData\Local\Temp\EAD2FB6.exe C:\Users\Jurek\AppData\Local\Temp\EAD32F1.exe C:\Users\Jurek\AppData\Local\Temp\EAD3448.exe C:\Users\Jurek\AppData\Local\Temp\EAD368A.exe C:\Users\Jurek\AppData\Local\Temp\EAD368B.exe C:\Users\Jurek\AppData\Local\Temp\EAD369.exe C:\Users\Jurek\AppData\Local\Temp\EAD36A.exe C:\Users\Jurek\AppData\Local\Temp\EAD3774.exe C:\Users\Jurek\AppData\Local\Temp\EAD3BB8.exe C:\Users\Jurek\AppData\Local\Temp\EAD40C6.exe C:\Users\Jurek\AppData\Local\Temp\EAD475B.exe C:\Users\Jurek\AppData\Local\Temp\EAD4836.exe C:\Users\Jurek\AppData\Local\Temp\EAD4A38.exe C:\Users\Jurek\AppData\Local\Temp\EAD4AD4.exe C:\Users\Jurek\AppData\Local\Temp\EAD4C1C.exe C:\Users\Jurek\AppData\Local\Temp\EAD4D06.exe C:\Users\Jurek\AppData\Local\Temp\EAD4D64.exe C:\Users\Jurek\AppData\Local\Temp\EAD51F6.exe C:\Users\Jurek\AppData\Local\Temp\EAD57CF.exe C:\Users\Jurek\AppData\Local\Temp\EAD5C61.exe C:\Users\Jurek\AppData\Local\Temp\EAD5CAF.exe C:\Users\Jurek\AppData\Local\Temp\EAD5DB8.exe C:\Users\Jurek\AppData\Local\Temp\EAD6028.exe C:\Users\Jurek\AppData\Local\Temp\EAD6289.exe C:\Users\Jurek\AppData\Local\Temp\EAD6508.exe C:\Users\Jurek\AppData\Local\Temp\EAD65B4.exe C:\Users\Jurek\AppData\Local\Temp\EAD666.exe C:\Users\Jurek\AppData\Local\Temp\EAD6834.exe C:\Users\Jurek\AppData\Local\Temp\EAD694.exe C:\Users\Jurek\AppData\Local\Temp\EAD6AF2.exe C:\Users\Jurek\AppData\Local\Temp\EAD6F84.exe C:\Users\Jurek\AppData\Local\Temp\EAD6FB3.exe C:\Users\Jurek\AppData\Local\Temp\EAD6FE1.exe C:\Users\Jurek\AppData\Local\Temp\EAD70DB.exe C:\Users\Jurek\AppData\Local\Temp\EAD71E4.exe C:\Users\Jurek\AppData\Local\Temp\EAD7389.exe C:\Users\Jurek\AppData\Local\Temp\EAD7619.exe C:\Users\Jurek\AppData\Local\Temp\EAD7722.exe C:\Users\Jurek\AppData\Local\Temp\EAD7770.exe C:\Users\Jurek\AppData\Local\Temp\EAD777F.exe C:\Users\Jurek\AppData\Local\Temp\EAD7780.exe C:\Users\Jurek\AppData\Local\Temp\EAD783B.exe C:\Users\Jurek\AppData\Local\Temp\EAD7973.exe C:\Users\Jurek\AppData\Local\Temp\EAD8055.exe C:\Users\Jurek\AppData\Local\Temp\EAD8304.exe C:\Users\Jurek\AppData\Local\Temp\EAD83CF.exe C:\Users\Jurek\AppData\Local\Temp\EAD888F.exe C:\Users\Jurek\AppData\Local\Temp\EAD8C57.exe C:\Users\Jurek\AppData\Local\Temp\EAD8E0B.exe C:\Users\Jurek\AppData\Local\Temp\EAD8F24.exe C:\Users\Jurek\AppData\Local\Temp\EAD914.exe C:\Users\Jurek\AppData\Local\Temp\EAD91F2.exe C:\Users\Jurek\AppData\Local\Temp\EAD9211.exe C:\Users\Jurek\AppData\Local\Temp\EAD943.exe C:\Users\Jurek\AppData\Local\Temp\EAD951D.exe C:\Users\Jurek\AppData\Local\Temp\EAD97CB.exe C:\Users\Jurek\AppData\Local\Temp\EAD9A5B.exe C:\Users\Jurek\AppData\Local\Temp\EAD9C1F.exe C:\Users\Jurek\AppData\Local\Temp\EAD9DF3.exe C:\Users\Jurek\AppData\Local\Temp\EADA67B.exe C:\Users\Jurek\AppData\Local\Temp\EADA6D9.exe C:\Users\Jurek\AppData\Local\Temp\EADA7B3.exe C:\Users\Jurek\AppData\Local\Temp\EADAB6B.exe C:\Users\Jurek\AppData\Local\Temp\EADAC07.exe C:\Users\Jurek\AppData\Local\Temp\EADAEC5.exe C:\Users\Jurek\AppData\Local\Temp\EADAF03.exe C:\Users\Jurek\AppData\Local\Temp\EADB07.exe C:\Users\Jurek\AppData\Local\Temp\EADB163.exe C:\Users\Jurek\AppData\Local\Temp\EADB1F0.exe C:\Users\Jurek\AppData\Local\Temp\EADB21F.exe C:\Users\Jurek\AppData\Local\Temp\EADB53A.exe C:\Users\Jurek\AppData\Local\Temp\EADB5D6.exe C:\Users\Jurek\AppData\Local\Temp\EADB73D.exe C:\Users\Jurek\AppData\Local\Temp\EADB94F.exe C:\Users\Jurek\AppData\Local\Temp\EADBA1A.exe C:\Users\Jurek\AppData\Local\Temp\EADBAC6.exe C:\Users\Jurek\AppData\Local\Temp\EADBCC9.exe C:\Users\Jurek\AppData\Local\Temp\EADBF48.exe C:\Users\Jurek\AppData\Local\Temp\EADC11C.exe C:\Users\Jurek\AppData\Local\Temp\EADC1B8.exe C:\Users\Jurek\AppData\Local\Temp\EADC206.exe C:\Users\Jurek\AppData\Local\Temp\EADC207.exe C:\Users\Jurek\AppData\Local\Temp\EADC4F.exe C:\Users\Jurek\AppData\Local\Temp\EADC8CA.exe C:\Users\Jurek\AppData\Local\Temp\EADCACD.exe C:\Users\Jurek\AppData\Local\Temp\EADCB0B.exe C:\Users\Jurek\AppData\Local\Temp\EADCFA.exe C:\Users\Jurek\AppData\Local\Temp\EADD29.exe C:\Users\Jurek\AppData\Local\Temp\EADD3F1.exe C:\Users\Jurek\AppData\Local\Temp\EADD45E.exe C:\Users\Jurek\AppData\Local\Temp\EADD4CB.exe C:\Users\Jurek\AppData\Local\Temp\EADD5C5.exe C:\Users\Jurek\AppData\Local\Temp\EADE723.exe C:\Users\Jurek\AppData\Local\Temp\EADEAF.exe C:\Users\Jurek\AppData\Local\Temp\EADEED0.exe C:\Users\Jurek\AppData\Local\Temp\EADF2E5.exe C:\Users\Jurek\AppData\Local\Temp\EADF334.exe C:\Users\Jurek\AppData\Local\Temp\EADF4BA.exe C:\Users\Jurek\AppData\Local\Temp\EADF6FB.exe C:\Users\Jurek\AppData\Local\Temp\EADF873.exe C:\Users\Jurek\AppData\Local\Temp\EADF9D8.exe C:\Users\Jurek\AppData\Local\Temp\EADFD8.exe C:\Users\Jurek\AppData\Local\Temp\EADFEA8.exe C:\Users\Jurek\AppData\Local\Temp\EADFF16.exe C:\Users\Jurek\AppData\Local\Temp\EADFF17.exe C:\Users\Jurek\AppData\Local\Temp\GetCC.dll C:\Users\Jurek\AppData\Local\Temp\gg10.upgr.exe C:\Users\Jurek\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Jurek\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Jurek\AppData\Local\Temp\guninst.exe C:\Users\Jurek\AppData\Local\Temp\ICReinstall_FlvtoConverterSetupV0.7.3.exe C:\Users\Jurek\AppData\Local\Temp\ICReinstall_Malavida_Download_Manager.exe C:\Users\Jurek\AppData\Local\Temp\ICReinstall_RingtonesMakerSetup.exe C:\Users\Jurek\AppData\Local\Temp\incredibar_install.exe C:\Users\Jurek\AppData\Local\Temp\installstats.exe C:\Users\Jurek\AppData\Local\Temp\install_flashplayer13x32ax_gtbd_chrd_dn_aaa_aih.exe C:\Users\Jurek\AppData\Local\Temp\libcurl-4.dll C:\Users\Jurek\AppData\Local\Temp\libeay32.dll C:\Users\Jurek\AppData\Local\Temp\libwinpthread-1.dll C:\Users\Jurek\AppData\Local\Temp\lowproc.exe C:\Users\Jurek\AppData\Local\Temp\mgsqlite3.dll C:\Users\Jurek\AppData\Local\Temp\mgxoschk.dll C:\Users\Jurek\AppData\Local\Temp\MgxVistaTools.dll C:\Users\Jurek\AppData\Local\Temp\msvcr120.dll C:\Users\Jurek\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Jurek\AppData\Local\Temp\res.dll C:\Users\Jurek\AppData\Local\Temp\SCC.dll C:\Users\Jurek\AppData\Local\Temp\SendMsg.dll C:\Users\Jurek\AppData\Local\Temp\Shortcut_Shortcut_sweetimsetup (1).exe C:\Users\Jurek\AppData\Local\Temp\Shortcut_sweetimsetup (1).exe C:\Users\Jurek\AppData\Local\Temp\Shortcut_sweetimsetup.exe C:\Users\Jurek\AppData\Local\Temp\SkypeSetup.exe C:\Users\Jurek\AppData\Local\Temp\SmartbarExeInstaller.exe C:\Users\Jurek\AppData\Local\Temp\Sqlite3.dll C:\Users\Jurek\AppData\Local\Temp\starter.exe C:\Users\Jurek\AppData\Local\Temp\stubhelper.dll C:\Users\Jurek\AppData\Local\Temp\uninst1.exe C:\Users\Jurek\AppData\Local\Temp\UninstallEADM.dll C:\Users\Jurek\AppData\Local\Temp\vbmz6.exe C:\Users\Jurek\AppData\Local\Temp\vcredist_x86.exe C:\Users\Jurek\AppData\Local\Temp\zlib1.dll C:\Users\Jurek\AppData\Local\Temp\_9CEA.exe C:\Users\Jurek\AppData\Local\Temp\{2E6C5E96-DDE1-41E5-AA06-AE542DDD5348}-36.0.1985.143_35.0.1916.153_chrome_updater.exe C:\Users\Jurek\AppData\Local\Temp\{595C0BDF-2FF1-4AA5-BCB2-D82A66C31356}-22.0.1229.94_chrome_installer.exe C:\Users\Jurek\AppData\Local\Temp\{734DEB88-B90F-4251-BCCD-FDE0EA121860}-46.0.2490.80_46.0.2490.71_chrome_updater.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-30 21:50 ==================== Koniec FRST.txt ============================