Jak widzę nie jestem jedyna z tym problemem. :) Bardzo proszę o pomoc z usunięciem tego syfu. Mam nadzieję, że wgrałam dobre pliki. Proszę o dokładne instrukcje, jestem strasznym laikiem w kwestiach informatycznych. Dzięki.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-12-2015
Ran by Tosia (administrator) on TOSIA-VAIO (14-12-2015 09:29:22)
Running from C:\Users\Tosia\Downloads
Loaded Profiles: Tosia (Available Profiles: boinc_master & Tosia)
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sunbelt Software) C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(TFuns LIMITED) C:\ProgramData\BWdMB\WdMan.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Spotify Ltd) C:\Users\Tosia\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] = & gt; C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [SBRegRebootCleaner] = & gt; C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBRC.exe [197968 2011-05-17] (Sunbelt Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] = & gt; C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [198032 2011-10-21] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] = & gt; " C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher " --windows-run
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-10] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] = & gt; C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] = & gt; C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2772337779-43038806-917675976-1005\...\Run: [Spotify Web Helper] = & gt; C:\Users\Tosia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-10] (Spotify Ltd)
HKU\S-1-5-21-2772337779-43038806-917675976-1005\...\Run: [Spotify] = & gt; C:\Users\Tosia\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-12-10] (Spotify Ltd)
HKU\S-1-5-21-2772337779-43038806-917675976-1005\...\MountPoints2: D - D:\Startme.exe
HKU\S-1-5-21-2772337779-43038806-917675976-1005\...\MountPoints2: {d7c8d9a8-1d43-11e1-ad5c-5442496e397b} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2772337779-43038806-917675976-1005\...\MountPoints2: {e32362fc-1fe5-11e1-bd39-5442496e397b} - G:\setup.exe
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-10] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{CCC8C88D-A422-4FA0-ACCA-01CE35144DA7}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2772337779-43038806-917675976-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM - & gt; DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1450077958 & z=759d5883dd590b34ca1540dg4z5w4e9ecmbm9t2w4m & from=wpm07173 & uid=HitachiXHTS545050B9SA00_100717PBN475B7E56ANLX & q={searchTerms}
SearchScopes: HKLM - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1450077958 & z=759d5883dd590b34ca1540dg4z5w4e9ecmbm9t2w4m & from=wpm07173 & uid=HitachiXHTS545050B9SA00_100717PBN475B7E56ANLX & q={searchTerms}
SearchScopes: HKLM - & gt; {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7 & q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & rlz=1I7SNNT
SearchScopes: HKLM-x32 - & gt; {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7 & q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & rlz=1I7SNNT
SearchScopes: HKU\S-1-5-21-2772337779-43038806-917675976-1005 - & gt; {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7 & q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & rlz=1I7SNNT_enPL450PL450
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10] (AVAST Software)
BHO-x32: No Name - & gt; {5C255C8A-E604-49b4-9D64-90988571CECB} - & gt; No File
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-06] (Oracle Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10] (AVAST Software)
BHO-x32: Windows Live Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-06] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2772337779-43038806-917675976-1005 - & gt; No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default
FF DefaultSearchEngine: yoursites123
FF Homepage: www.google.pl
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-04-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-04-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - & gt; C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - & gt; C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-04-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - & gt; C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - & gt; C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - & gt; C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-04-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2772337779-43038806-917675976-1005: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-04-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2772337779-43038806-917675976-1005: @octoshape.com/Octoshape Streaming Services,version=1.0 - & gt; C:\Users\Tosia\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll [2011-03-23] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-2772337779-43038806-917675976-1005: @unity3d.com/UnityPlayer,version=1.0 - & gt; C:\Users\Tosia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2012-04-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tosia\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-08] (Octoshape ApS)
FF SearchPlugin: C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\searchplugins\yoursites123.xml [2015-12-14]
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-10] [not signed]
FF Extension: Greasemonkey - C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-24]
FF Extension: WOT - C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: No Name - C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\Extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi [2015-09-17] [not signed]
FF Extension: sidebar - C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\Extensions\sidebarff@gmail.com [2015-11-07] [not signed]
FF Extension: Adblock Plus - C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Tosia\AppData\Roaming\Mozilla\Firefox\Profiles\fmoucp14.default\extensions\sidebarff@gmail.com
Chrome:
=======
CHR Profile: C:\Users\Tosia\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-10]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1161072 2012-03-29] (Lavasoft Limited)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-10] (AVAST Software)
S2 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
U2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation) [File not signed]
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe [2804280 2011-05-17] (Sunbelt Software)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1250160 2010-06-01] (Sony Corporation)
R2 WdMan; C:\ProgramData\BWdMB\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-10] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-09] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [72280 2011-05-11] (Sunbelt Software)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [55384 2011-04-29] (Sunbelt Software)
R1 SBRE; C:\Windows\SysWOW64\drivers\SBREdrv.sys [101720 2011-04-29] (Sunbelt Software)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
U2 MSSQL$DDNI; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-14 09:29 - 2015-12-14 09:33 - 00021142 _____ C:\Users\Tosia\Downloads\FRST.txt
2015-12-14 09:29 - 2015-12-14 09:29 - 00000000 ____D C:\FRST
2015-12-14 09:28 - 2015-12-14 09:28 - 02369536 _____ (Farbar) C:\Users\Tosia\Downloads\FRST64.exe
2015-12-14 09:20 - 2015-12-14 09:20 - 00013954 _____ C:\Users\Tosia\Desktop\AdwCleaner[C1].txt
2015-12-14 09:07 - 2015-12-14 09:13 - 00000000 ____D C:\AdwCleaner
2015-12-14 09:05 - 2015-12-14 09:05 - 01740288 _____ C:\Users\Tosia\Downloads\adwcleaner_5.025.exe
2015-12-14 08:28 - 2015-12-14 08:29 - 00000000 ____D C:\ProgramData\BWdMB
2015-12-14 08:28 - 2015-12-14 08:28 - 00000001 _____ C:\Windows\SysWOW64\us.html
2015-12-14 08:24 - 2015-12-14 08:27 - 00000000 ____D C:\ProgramData\rWdMr
2015-12-12 17:03 - 2015-12-12 17:04 - 00076312 _____ C:\Users\Tosia\Downloads\bilet_21932098.pdf
2015-12-06 10:33 - 2015-12-06 10:33 - 00000000 ____D C:\Users\Tosia\AppData\Roaming\Sun
2015-12-06 10:33 - 2015-12-06 10:33 - 00000000 ____D C:\Users\Tosia\.oracle_jre_usage
2015-12-06 10:26 - 2015-12-06 10:26 - 00003234 _____ C:\Windows\System32\Tasks\{D7798F18-7EDB-4218-B81F-8240AA18234D}
2015-12-05 07:41 - 2015-12-05 09:22 - 00000000 ____D C:\Users\Tosia\Desktop\zdjecia z pena
2015-12-05 07:36 - 2015-12-05 07:38 - 00000000 ____D C:\98cd85262ee69aca3b
2015-12-03 18:03 - 2015-12-03 18:03 - 00000000 ____D C:\Users\Tosia\Downloads\Creedence Clearwater Revival_
2015-11-26 19:07 - 2015-11-26 19:07 - 00834280 _____ C:\Windows\Minidump\112615-18860-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-14 09:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-14 09:27 - 2009-07-14 05:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 09:27 - 2009-07-14 05:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 09:23 - 2009-07-14 06:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-14 09:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-14 09:20 - 2014-11-22 10:51 - 00000000 ____D C:\Users\Tosia\AppData\Roaming\Spotify
2015-12-14 09:18 - 2014-11-22 10:52 - 00000000 ____D C:\Users\Tosia\AppData\Local\Spotify
2015-12-14 09:17 - 2012-04-04 14:05 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 09:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 09:13 - 2014-05-25 20:26 - 00001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-14 09:13 - 2014-05-25 20:26 - 00001005 _____ C:\Users\Public\Desktop\do nagrania na kom (7).lnk
2015-12-14 09:13 - 2011-09-17 16:18 - 00001128 _____ C:\Users\Tosia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-14 09:07 - 2013-01-09 11:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 08:58 - 2012-04-04 14:05 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-13 20:05 - 2011-09-17 16:21 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9AAEBB15-A197-4221-BCDA-3BC8295C99F4}
2015-12-13 12:00 - 2012-04-19 15:43 - 00000944 _____ C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2015-12-11 17:13 - 2011-11-26 04:11 - 00000000 ____D C:\Users\Tosia\AppData\Local\CrashDumps
2015-12-11 11:48 - 2012-05-14 13:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 11:48 - 2012-05-14 13:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 17:06 - 2012-05-14 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 17:03 - 2013-07-21 02:01 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 16:50 - 2012-04-24 13:33 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-10 16:36 - 2012-12-11 22:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-09 20:08 - 2013-01-09 11:37 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 20:07 - 2012-06-26 08:13 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 20:07 - 2011-09-21 12:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-06 11:56 - 2013-11-15 15:32 - 00000000 ____D C:\ProgramData\Oracle
2015-12-06 10:36 - 2012-06-12 22:19 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-06 10:35 - 2013-11-15 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-06 10:33 - 2011-09-17 16:12 - 00000000 ____D C:\Users\Tosia
2015-12-06 10:32 - 2015-05-30 17:49 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-06 10:32 - 2014-07-26 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-06 10:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-04 16:52 - 2012-04-04 14:05 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 16:52 - 2012-04-04 14:05 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-26 19:07 - 2015-09-05 17:05 - 642148162 _____ C:\Windows\MEMORY.DMP
2015-11-26 19:07 - 2014-05-18 10:37 - 00000000 ____D C:\Windows\Minidump
==================== Files in the root of some directories =======
2011-10-18 22:01 - 2014-05-21 19:35 - 0033280 _____ () C:\Users\Tosia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-23 19:22 - 2015-03-25 14:26 - 0005914 _____ () C:\Users\Tosia\AppData\Local\unins000.dat
2015-03-25 14:26 - 2015-03-25 14:26 - 0707744 _____ () C:\Users\Tosia\AppData\Local\unins000.exe
2014-04-23 19:23 - 2015-03-25 14:26 - 0011761 _____ () C:\Users\Tosia\AppData\Local\unins000.msg
2011-10-16 12:56 - 2011-10-16 12:56 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-02-28 11:21 - 2012-07-10 18:51 - 0011896 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Tosia\AppData\Local\Temp\01509a44-db52-4524-8d60-0b37547260ef.dll
C:\Users\Tosia\AppData\Local\Temp\01c59033-6320-41f5-b347-868835570b24.dll
C:\Users\Tosia\AppData\Local\Temp\03f107fd-814d-42a2-b50a-d45aed951875.dll
C:\Users\Tosia\AppData\Local\Temp\0498206d-3674-4075-8fa9-912e1dcd7760.dll
C:\Users\Tosia\AppData\Local\Temp\0512b9f9-5c18-45ad-bbd9-d0845a98fb38.dll
C:\Users\Tosia\AppData\Local\Temp\06e3046e-0c16-407c-953e-b4d3db650180.dll
C:\Users\Tosia\AppData\Local\Temp\0ba0c9d8-dd1e-4f74-b585-8d255096e00e.dll
C:\Users\Tosia\AppData\Local\Temp\0c615241-095c-4d5d-9fa1-1ac13915f558.dll
C:\Users\Tosia\AppData\Local\Temp\0ce7eba0-4536-4d3a-bc75-452a9ab9e597.dll
C:\Users\Tosia\AppData\Local\Temp\0d543aac-eb64-492f-a383-2c61e9c17fe1.dll
C:\Users\Tosia\AppData\Local\Temp\0e30373f-3979-454c-985a-13cf8ed74127.dll
C:\Users\Tosia\AppData\Local\Temp\10e80a37-ee4b-465d-86be-a80e7c0e219d.dll
C:\Users\Tosia\AppData\Local\Temp\10fa4fb3-c3d5-48a5-9ee9-c7c4be5b4f3b.dll
C:\Users\Tosia\AppData\Local\Temp\111e4bf6-5a92-456d-9836-1349bd1843f4.dll
C:\Users\Tosia\AppData\Local\Temp\13520a3c-20b3-427c-8bbd-0e85f7ff12cb.dll
C:\Users\Tosia\AppData\Local\Temp\184e8a02-c1e4-439c-ba7d-92b8c9052da0.dll
C:\Users\Tosia\AppData\Local\Temp\19319d60-4dd7-4287-9fc5-dcb91bfffc90.dll
C:\Users\Tosia\AppData\Local\Temp\1dc4e797-eae0-4151-bde9-f3a071eb7536.dll
C:\Users\Tosia\AppData\Local\Temp\1fd7f38d-0c17-432a-a19c-5776472d289e.dll
C:\Users\Tosia\AppData\Local\Temp\1feb8146-23c9-40a9-a639-a204bd418b19.dll
C:\Users\Tosia\AppData\Local\Temp\208cf3e0-8868-4452-8b97-b0c31ecb5ee0.dll
C:\Users\Tosia\AppData\Local\Temp\20d88b3e-acee-40b6-b876-bdd3e6423e64.dll
C:\Users\Tosia\AppData\Local\Temp\21e59144-bb93-4313-ad49-4d52ee48991b.dll
C:\Users\Tosia\AppData\Local\Temp\2200ec27-5f7a-4fe4-af63-8063a490e149.dll
C:\Users\Tosia\AppData\Local\Temp\22ca43d0-3552-4940-bb47-db6d8b598934.dll
C:\Users\Tosia\AppData\Local\Temp\24058f07-76e5-43d8-815a-b57d03c44c7a.dll
C:\Users\Tosia\AppData\Local\Temp\2702744a-74b1-467a-ac65-9baaad7049de.dll
C:\Users\Tosia\AppData\Local\Temp\28a967fd-9146-4bb1-955a-5098e6fb500b.dll
C:\Users\Tosia\AppData\Local\Temp\28ca1db6-1de9-4e92-b012-b0649a1d80a4.dll
C:\Users\Tosia\AppData\Local\Temp\2ab9e852-464d-498a-801d-7b79f750ef95.dll
C:\Users\Tosia\AppData\Local\Temp\320d55e3-54c6-4193-81d7-853092fd4095.dll
C:\Users\Tosia\AppData\Local\Temp\34499bed-3b1f-4e1c-b123-5af33e0e42c1.dll
C:\Users\Tosia\AppData\Local\Temp\35ae2421-0130-4ed3-bb2d-8dcff77f11d5.dll
C:\Users\Tosia\AppData\Local\Temp\35f8d6b2-52ef-4553-9e91-1c96b057c830.dll
C:\Users\Tosia\AppData\Local\Temp\3908dced-f7c3-411a-9005-0bda5207e2f5.dll
C:\Users\Tosia\AppData\Local\Temp\3adb601f-2c15-4cbe-aabc-d85243882468.dll
C:\Users\Tosia\AppData\Local\Temp\3cc0e5b8-2455-4119-8acc-fd55e22f4325.dll
C:\Users\Tosia\AppData\Local\Temp\3dd7c154-be58-4700-80aa-85c27abb7dbf.dll
C:\Users\Tosia\AppData\Local\Temp\3e3610c1-adf7-4154-a46a-4eb56f0c2eab.dll
C:\Users\Tosia\AppData\Local\Temp\41cb1a07-0489-43a2-8ac5-6073b9a13856.dll
C:\Users\Tosia\AppData\Local\Temp\422b6c32-db53-4ebf-a9e8-66f8a316d721.dll
C:\Users\Tosia\AppData\Local\Temp\4235d360-b148-4de5-b05a-ef74889d0cb7.dll
C:\Users\Tosia\AppData\Local\Temp\43ae5c82-0662-4ba3-9021-1fbbef132fea.dll
C:\Users\Tosia\AppData\Local\Temp\4455da5c-eae8-401c-94a1-c6f29628ca43.dll
C:\Users\Tosia\AppData\Local\Temp\45639db8-1398-40df-b56e-b47bb00717c9.dll
C:\Users\Tosia\AppData\Local\Temp\498d22d3-4c8a-4385-8316-f6dd5d7d8ca6.dll
C:\Users\Tosia\AppData\Local\Temp\4c1b2284-2aa5-424c-87c4-3faeb59d69e5.dll
C:\Users\Tosia\AppData\Local\Temp\4d5173ff-b026-437e-9b83-b184291b4750.dll
C:\Users\Tosia\AppData\Local\Temp\515cd38f-bf1a-4323-b0d6-8b16d3d2ecf7.dll
C:\Users\Tosia\AppData\Local\Temp\51c6c916-c85c-4fa1-bd17-dcc9645a8a52.dll
C:\Users\Tosia\AppData\Local\Temp\52ac1ad4-9760-4ebf-b3ce-0008b6cf1775.dll
C:\Users\Tosia\AppData\Local\Temp\530680be-16c9-4a7f-849a-b6206b155edf.dll
C:\Users\Tosia\AppData\Local\Temp\532771ef-b625-4ffd-acb0-7c5c00ffb9ae.dll
C:\Users\Tosia\AppData\Local\Temp\53c6b737-ed68-4a7b-be5d-3bddf5263d0d.dll
C:\Users\Tosia\AppData\Local\Temp\555470a5-a871-43d0-a8e3-99b88121f905.dll
C:\Users\Tosia\AppData\Local\Temp\5aecaf96-f815-4796-94c7-b6dad55d4310.dll
C:\Users\Tosia\AppData\Local\Temp\5be62adc-d4b0-494d-af7b-203dbda076d0.dll
C:\Users\Tosia\AppData\Local\Temp\5ce84ea4-5e0f-435e-998a-b521d0e314b5.dll
C:\Users\Tosia\AppData\Local\Temp\5faf32e0-984a-4ab8-9cf3-79bbacb4473f.dll
C:\Users\Tosia\AppData\Local\Temp\66416745-8903-4fa3-b71c-0a47b8048215.dll
C:\Users\Tosia\AppData\Local\Temp\66bae83e-1abb-4806-8d49-b09c9aa474ed.dll
C:\Users\Tosia\AppData\Local\Temp\6709ad98-ea08-4f43-9933-8d97a7033bbf.dll
C:\Users\Tosia\AppData\Local\Temp\6934e40a-e1bf-4fff-bf9e-771a1888f80e.dll
C:\Users\Tosia\AppData\Local\Temp\69d7ac20-220b-44f2-8e7c-472900d57d3c.dll
C:\Users\Tosia\AppData\Local\Temp\6ae011ed-d587-43e4-8370-d60da635a5cf.dll
C:\Users\Tosia\AppData\Local\Temp\6d875662-5fb0-4a45-b695-e026536856ee.dll
C:\Users\Tosia\AppData\Local\Temp\6ea94eb9-9f67-405e-997f-c8a5b2515e86.dll
C:\Users\Tosia\AppData\Local\Temp\7040ed40-b0fa-42c7-a300-7910133f7852.dll
C:\Users\Tosia\AppData\Local\Temp\72451de2-fe5e-46a5-8d6d-6c95059dc4c4.dll
C:\Users\Tosia\AppData\Local\Temp\738b66e2-b933-4104-9f35-c2347d35647e.dll
C:\Users\Tosia\AppData\Local\Temp\744bd18a-dc74-4922-806e-d1269a8b1188.dll
C:\Users\Tosia\AppData\Local\Temp\7909a3df-f57a-4aa1-8509-2fc0410391a2.dll
C:\Users\Tosia\AppData\Local\Temp\7c1fbddf-be5f-42cc-a95e-8687fe4721a3.dll
C:\Users\Tosia\AppData\Local\Temp\7e6a11be-960b-437f-9ec8-268a0b92b15e.dll
C:\Users\Tosia\AppData\Local\Temp\7ea70ff4-389f-4cba-aa2f-6080f89975bd.dll
C:\Users\Tosia\AppData\Local\Temp\7f5298e7-d7b4-4967-9b39-a477c5af5140.dll
C:\Users\Tosia\AppData\Local\Temp\84b4f646-15d3-4c3a-a101-cc17eb30adad.dll
C:\Users\Tosia\AppData\Local\Temp\8765dc10-6c2f-4a67-a7da-29957cec1866.dll
C:\Users\Tosia\AppData\Local\Temp\893bf097-9865-4a3a-844d-5acc322819db.dll
C:\Users\Tosia\AppData\Local\Temp\8c5014df-5848-4db3-8981-5ce4b2a03ee9.dll
C:\Users\Tosia\AppData\Local\Temp\8ca54bf0-e2c7-4cc6-98ba-a06972ff3583.dll
C:\Users\Tosia\AppData\Local\Temp\8f2dc213-1dd0-441a-a7d4-79faaa4bc51a.dll
C:\Users\Tosia\AppData\Local\Temp\8f835ebb-378d-4e51-aa47-a05499ad828e.dll
C:\Users\Tosia\AppData\Local\Temp\980158d3-caba-4843-9cf1-3a75c39121e6.dll
C:\Users\Tosia\AppData\Local\Temp\981f391f-c201-41d8-ac00-353e5471102e.dll
C:\Users\Tosia\AppData\Local\Temp\98e00817-3b6e-48b8-a01f-8db159551402.dll
C:\Users\Tosia\AppData\Local\Temp\99adb935-a4f4-4967-a3c0-557c55343471.dll
C:\Users\Tosia\AppData\Local\Temp\9f34bf69-a46c-48a0-8483-d81447374128.dll
C:\Users\Tosia\AppData\Local\Temp\9f7c7a0d-f1ef-4109-827b-dbdecae57e77.dll
C:\Users\Tosia\AppData\Local\Temp\9fbce130-73d3-4b59-b310-ca80a01d9a81.dll
C:\Users\Tosia\AppData\Local\Temp\9fc6e91f-cbcc-40d6-8bb1-2d2635b510e5.dll
C:\Users\Tosia\AppData\Local\Temp\9fc963fd-50af-4314-a460-467365cd9daf.dll
C:\Users\Tosia\AppData\Local\Temp\a151a614-c535-428d-9668-dd553a212ffd.dll
C:\Users\Tosia\AppData\Local\Temp\a2d1c847-9fc0-4e22-97e4-77729a9bd35b.dll
C:\Users\Tosia\AppData\Local\Temp\a3131227-566b-43d0-8d69-b0d5e01c385d.dll
C:\Users\Tosia\AppData\Local\Temp\a53ac3c1-b1e9-4538-8acf-eea60913c410.dll
C:\Users\Tosia\AppData\Local\Temp\a768355d-cbf8-4f67-991a-209a828e189f.dll
C:\Users\Tosia\AppData\Local\Temp\a7e0d08a-d78f-43f4-9955-828072b342b2.dll
C:\Users\Tosia\AppData\Local\Temp\a8918148-4328-43ed-be75-8432551aa523.dll
C:\Users\Tosia\AppData\Local\Temp\a8c9e225-96ec-4baf-a537-dd35856a2640.dll
C:\Users\Tosia\AppData\Local\Temp\aafa8cc7-aee2-42b0-8ba0-25c8179cd051.dll
C:\Users\Tosia\AppData\Local\Temp\ab8c88f7-8290-46c7-b134-77b9f06417e0.dll
C:\Users\Tosia\AppData\Local\Temp\ae6440be-212e-4e28-9994-7f266019fe12.dll
C:\Users\Tosia\AppData\Local\Temp\aeb3a7b5-b4f3-4c25-9ae3-15db272aa2eb.dll
C:\Users\Tosia\AppData\Local\Temp\af3a81aa-7c15-4751-a5a7-18aed755f747.dll
C:\Users\Tosia\AppData\Local\Temp\b2321119-dcbe-445f-9d64-945e6513a933.dll
C:\Users\Tosia\AppData\Local\Temp\b48df0ef-42c4-4cf8-8886-eaee3340b6f7.dll
C:\Users\Tosia\AppData\Local\Temp\b5485193-1be8-40c7-9382-5de0de5ed43d.dll
C:\Users\Tosia\AppData\Local\Temp\b71939db-a8d0-4636-be52-ff93e9057078.dll
C:\Users\Tosia\AppData\Local\Temp\b721f630-e7fa-410c-9a85-a8ffdc78f737.dll
C:\Users\Tosia\AppData\Local\Temp\b766e54a-85c3-42de-a808-60d31515c589.dll
C:\Users\Tosia\AppData\Local\Temp\b8de042f-2304-4c85-848c-d6096f7e7a33.dll
C:\Users\Tosia\AppData\Local\Temp\badf0228-be43-4b5b-8ad7-ee5b186c1708.dll
C:\Users\Tosia\AppData\Local\Temp\bbf54960-753f-4ac2-81ef-ec1d4fc1f902.dll
C:\Users\Tosia\AppData\Local\Temp\beab597d-164f-4cd6-a513-a1fa84f97dc7.dll
C:\Users\Tosia\AppData\Local\Temp\c0e2dfa7-f638-416a-979d-c9b9e82c1990.dll
C:\Users\Tosia\AppData\Local\Temp\c347efb8-cf6a-4c50-b857-d7dff5a75a8b.dll
C:\Users\Tosia\AppData\Local\Temp\c4f8c37d-fbfc-4b30-af04-f13d4c0b946e.dll
C:\Users\Tosia\AppData\Local\Temp\c66da6ad-521e-4d63-85f1-0ed65c89de5c.dll
C:\Users\Tosia\AppData\Local\Temp\c6781fa6-39e4-49db-8c17-67b36cd5c564.dll
C:\Users\Tosia\AppData\Local\Temp\c6966212-2945-4eb0-ba70-9a5693ae4f52.dll
C:\Users\Tosia\AppData\Local\Temp\c9a5548b-ae56-4c26-a6a7-e87cdca5c29a.dll
C:\Users\Tosia\AppData\Local\Temp\c9f46165-a28a-4291-b08b-6838896a7555.dll
C:\Users\Tosia\AppData\Local\Temp\cb66e526-084c-4b25-9021-54e036a4f3e2.dll
C:\Users\Tosia\AppData\Local\Temp\cd3d66bf-ba98-44ed-9687-4b6981e4160c.dll
C:\Users\Tosia\AppData\Local\Temp\cf92a51d-5843-44a2-bab3-43ef7b4fae6c.dll
C:\Users\Tosia\AppData\Local\Temp\d3703a5e-a634-44a4-a1f4-6066344796bc.dll
C:\Users\Tosia\AppData\Local\Temp\d3ed8d8c-876f-468c-bc18-72d62ef4421f.dll
C:\Users\Tosia\AppData\Local\Temp\d3f96a43-66fa-461c-a388-d121a7673cd2.dll
C:\Users\Tosia\AppData\Local\Temp\d528889d-f80c-428f-8112-cd492e3c0e15.dll
C:\Users\Tosia\AppData\Local\Temp\d5a4bc18-c664-4f96-8503-0fafdadfa995.dll
C:\Users\Tosia\AppData\Local\Temp\d655e7e6-3d74-4c75-a399-9607bd950f5d.dll
C:\Users\Tosia\AppData\Local\Temp\d6bfea08-d631-47d8-9ff1-f169926f8d3a.dll
C:\Users\Tosia\AppData\Local\Temp\d74029d4-f6e0-4197-83c1-d9d9a35327e4.dll
C:\Users\Tosia\AppData\Local\Temp\d8d12d9a-59c4-4c65-88d5-514edb92c379.dll
C:\Users\Tosia\AppData\Local\Temp\daf7fd12-e431-4ca9-942a-db5efd50a4d1.dll
C:\Users\Tosia\AppData\Local\Temp\ddd32a0b-5ef3-4cc7-b70f-ce23cffcc974.dll
C:\Users\Tosia\AppData\Local\Temp\df6e575e-0b02-4ce1-8baf-fa176a4dc2b0.dll
C:\Users\Tosia\AppData\Local\Temp\dfc2e509-ace1-4cd3-9b93-dd05fc7375e7.dll
C:\Users\Tosia\AppData\Local\Temp\e260baf4-cfc0-44b2-b978-fb16d93c8eac.dll
C:\Users\Tosia\AppData\Local\Temp\e2a43a05-ebdd-4492-8d53-c7f18b9faacc.dll
C:\Users\Tosia\AppData\Local\Temp\e64c8807-724c-4bf4-a13f-ce69c05b97f3.dll
C:\Users\Tosia\AppData\Local\Temp\e65b9aa5-e353-470d-b2b6-510eea6ab96d.dll
C:\Users\Tosia\AppData\Local\Temp\e9a8adeb-4a15-4c2d-ac5b-9b984117bc4b.dll
C:\Users\Tosia\AppData\Local\Temp\e9c07901-09b2-4682-9c8d-21ff5ebf70ac.dll
C:\Users\Tosia\AppData\Local\Temp\ec6c1e86-1a68-4e01-b493-784e3e10fd51.dll
C:\Users\Tosia\AppData\Local\Temp\ed21fbbe-49f5-4ded-9e9d-8ea6a1f8c820.dll
C:\Users\Tosia\AppData\Local\Temp\ee0ca42f-b5b5-4626-a4e9-69fdde247cf8.dll
C:\Users\Tosia\AppData\Local\Temp\ee2aabe6-eaec-4079-bc91-9912168b7939.dll
C:\Users\Tosia\AppData\Local\Temp\efa15494-bbd3-45e3-9936-018eddeb3036.dll
C:\Users\Tosia\AppData\Local\Temp\efdbb9e7-9ad7-4134-9c37-526263f22ab2.dll
C:\Users\Tosia\AppData\Local\Temp\f41e49b5-8634-46b6-8c64-352cc567f5f7.dll
C:\Users\Tosia\AppData\Local\Temp\f58b6f71-0708-4a40-996c-cac8e3a2b07c.dll
C:\Users\Tosia\AppData\Local\Temp\f67a50e0-6e81-47f4-802a-0b989e181a43.dll
C:\Users\Tosia\AppData\Local\Temp\f745f762-7ec4-4a5c-b23e-be2afebc6999.dll
C:\Users\Tosia\AppData\Local\Temp\fd2b18b2-0f12-41b0-9ecf-78de5334803e.dll
C:\Users\Tosia\AppData\Local\Temp\fe82c858-1542-4bc9-b599-f90733410df4.dll
C:\Users\Tosia\AppData\Local\Temp\fe9de572-732c-4507-b115-d8512d4d144f.dll
C:\Users\Tosia\AppData\Local\Temp\fedf83d3-cb75-4479-adc9-0c9a1bd0cbe5.dll
C:\Users\Tosia\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Tosia\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Tosia\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe = & gt; File is digitally signed
C:\Windows\system32\wininit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\system32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\system32\services.exe = & gt; File is digitally signed
C:\Windows\system32\User32.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\User32.dll = & gt; File is digitally signed
C:\Windows\system32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\system32\rpcss.dll = & gt; File is digitally signed
C:\Windows\system32\dnsapi.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll = & gt; File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys = & gt; File is digitally signed
LastRegBack: 2015-11-25 19:00
==================== End of FRST.txt ============================