Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02-11-2017 Uruchomiony przez bungar (administrator) KAMIL (11-11-2017 13:55:24) Uruchomiony z C:\Users\bungar\Desktop Załadowane profile: bungar (Dostępne profile: bungar) Platform: Windows 10 Home Wersja 1703 15063.674 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TunnelBear) C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Windows\vVX1000.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe () C:\Windows\USB Vibration\7906\USB Gamepad.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.) HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [302744 2017-10-20] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] () HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-743176339-2179438372-1338448093-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-743176339-2179438372-1338448093-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd) HKU\S-1-5-21-743176339-2179438372-1338448093-1001\...\MountPoints2: F - "F:\Install.exe" HKU\S-1-5-21-743176339-2179438372-1338448093-1001\...\MountPoints2: {c7ae56e5-a9c9-11e6-8345-b0104163d09a} - "F:\Install.exe" ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{498a8fa3-b675-47d7-9cfc-0b00c8452f63}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4bab5479-36d1-4cae-a051-99ea076fe767}: [DhcpNameServer] 172.18.11.1 Tcpip\..\Interfaces\{c8de3ade-d033-4b82-89b5-df5a692942bb}: [DhcpNameServer] 81.26.0.10 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-743176339-2179438372-1338448093-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-06] (Oracle Corporation) BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\bungar\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01] (Trend Media Group) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-06] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\bungar\AppData\Roaming\Mozilla\Firefox\Profiles\hky5ejkv.default-1455975687606 [2017-11-11] FF Extension: (Przelewy24Ext2.3) - C:\Users\bungar\AppData\Roaming\Mozilla\Firefox\Profiles\hky5ejkv.default-1455975687606\Extensions\jid1-AoXeeOB4j7kFdA@jetpack.xpi [2017-11-10] FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\bungar\AppData\Roaming\Mozilla\Firefox\Profiles\hky5ejkv.default-1455975687606\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-12] FF Extension: (Adblock Plus) - C:\Users\bungar\AppData\Roaming\Mozilla\Firefox\Profiles\hky5ejkv.default-1455975687606\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-09] FF Extension: (Greasemonkey) - C:\Users\bungar\AppData\Roaming\Mozilla\Firefox\Profiles\hky5ejkv.default-1455975687606\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-10-05] FF Extension: (Fixing the geo timeline) - C:\Users\bungar\AppData\Roaming\Mozilla\Firefox\Profiles\hky5ejkv.default-1455975687606\features\{04171ae7-8c05-4bf4-a529-0b4438779306}\timecop@mozilla.com.xpi [2017-11-10] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-06] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-08-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-743176339-2179438372-1338448093-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bungar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default [2017-11-11] CHR Extension: (Prezentacje) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16] CHR Extension: (Dokumenty) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16] CHR Extension: (Dysk Google) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28] CHR Extension: (Link All) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbplhdcnpcenkdciibplnkgmiffjfnni [2016-02-28] CHR Extension: (YouTube) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28] CHR Extension: (Slinky Elegancki) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2016-02-28] CHR Extension: (Adblock Plus) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-05] CHR Extension: (Google Search) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28] CHR Extension: (Arkusze) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19] CHR Extension: (Dokumenty Google offline) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-05] CHR Extension: (Gmail) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28] CHR Extension: (Chrome Media Router) - C:\Users\bungar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-05] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [282536 2017-10-20] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7496672 2017-10-20] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-10-31] (AVG Technologies CZ, s.r.o.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-24] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-24] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.) R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.) S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.) R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1468608 2016-10-06] (Disc Soft Ltd) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-16] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2016-10-24] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [38272 2017-06-13] (TunnelBear) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-23] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-10-20] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [314640 2017-10-20] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-10-20] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-10-20] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-10-20] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-10-20] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [140192 2017-10-20] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102792 2017-10-20] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-10-20] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1022288 2017-10-26] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [579584 2017-10-20] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [193768 2017-10-20] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [355856 2017-10-20] (AVG Technologies CZ, s.r.o.) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Dell Inc.) R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Dell Computer Corporation) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-13] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-13] (Disc Soft Ltd) S3 h647906; C:\WINDOWS\System32\drivers\h647906.sys [62576 2008-12-01] (Your Corporation) S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [165504 2017-10-28] (ITE ) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated) S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (QUALCOMM Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-13] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [412400 2015-10-19] (Realsil Semiconductor Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66136 2017-02-16] (Synaptics Incorporated) R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-06-13] (The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-11-11 13:55 - 2017-11-11 13:56 - 000021910 _____ C:\Users\bungar\Desktop\FRST.txt 2017-11-11 09:45 - 2017-11-11 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-11-07 09:33 - 2017-11-07 09:34 - 000430716 _____ C:\WINDOWS\Minidump\110717-31562-01.dmp 2017-11-06 09:49 - 2017-11-06 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-11-02 22:38 - 2017-11-02 22:38 - 000000000 ____D C:\Program Files (x86)\PlayReady 2017-11-01 21:09 - 2017-11-04 17:14 - 000000000 ____D C:\ProgramData\ipla 2017-11-01 21:09 - 2017-11-04 13:57 - 000000000 ____D C:\Users\bungar\AppData\Roaming\ipla 2017-11-01 21:09 - 2017-11-01 21:09 - 000001022 _____ C:\Users\Public\Desktop\ipla.lnk 2017-11-01 21:09 - 2017-11-01 21:09 - 000000000 ____D C:\ProgramData\RDRM 2017-11-01 21:09 - 2017-11-01 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla 2017-11-01 21:09 - 2017-11-01 21:09 - 000000000 ____D C:\Program Files (x86)\ipla 2017-11-01 21:08 - 2017-11-01 21:08 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2017-11-01 21:08 - 2017-11-01 21:08 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-10-28 09:56 - 2017-10-28 09:56 - 000165504 _____ (ITE ) C:\WINDOWS\system32\Drivers\IT9135BDA.sys 2017-10-24 19:16 - 2017-10-24 19:16 - 000430724 _____ C:\WINDOWS\Minidump\102417-32890-01.dmp 2017-10-20 08:49 - 2017-10-20 08:49 - 000402608 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-11-11 13:55 - 2017-09-10 18:24 - 000000000 ____D C:\FRST 2017-11-11 13:54 - 2017-09-10 18:23 - 002403328 _____ (Farbar) C:\Users\bungar\Desktop\FRST64.exe 2017-11-11 12:52 - 2017-07-23 15:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-11-11 09:59 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-11-11 09:59 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-11-11 09:45 - 2017-07-23 16:16 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task 2017-11-11 09:42 - 2017-07-23 16:16 - 000004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3E24DBAC-9BE1-4245-8F22-393DA8499A8F} 2017-11-11 09:39 - 2017-07-23 15:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-11-11 09:39 - 2015-03-24 13:29 - 000000000 __SHD C:\Users\bungar\IntelGraphicsProfiles 2017-11-10 22:00 - 2017-07-23 16:13 - 003120638 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-11-10 22:00 - 2017-03-20 04:59 - 001471186 _____ C:\WINDOWS\system32\perfh015.dat 2017-11-10 22:00 - 2017-03-20 04:59 - 000353688 _____ C:\WINDOWS\system32\perfc015.dat 2017-11-10 16:36 - 2017-07-23 15:52 - 000000000 ____D C:\Users\bungar 2017-11-10 08:53 - 2017-07-23 16:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-11-10 00:02 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-11-09 13:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-11-07 09:33 - 2017-10-02 08:41 - 537906993 _____ C:\WINDOWS\MEMORY.DMP 2017-11-07 09:33 - 2017-08-06 11:26 - 000000000 ____D C:\WINDOWS\Minidump 2017-11-06 20:47 - 2017-06-02 08:43 - 000000955 _____ C:\Users\Public\Desktop\AVG.lnk 2017-11-06 09:51 - 2016-10-24 12:44 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-11-05 20:07 - 2017-07-25 13:12 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-743176339-2179438372-1338448093-1001 2017-11-05 20:07 - 2015-10-18 16:29 - 000002412 _____ C:\Users\bungar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-11-05 20:07 - 2015-10-18 16:29 - 000000000 ___RD C:\Users\bungar\OneDrive 2017-11-05 08:56 - 2017-07-23 16:16 - 000004282 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update 2017-11-02 09:14 - 2016-02-12 13:18 - 000000000 ____D C:\Users\bungar\Desktop\Uczelnia 2017-11-01 21:05 - 2014-11-04 12:59 - 000000000 ____D C:\Users\bungar\AppData\Local\Packages 2017-10-30 09:11 - 2017-07-23 15:44 - 000398088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-29 20:00 - 2017-07-23 16:16 - 000003258 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry 2017-10-28 15:40 - 2016-11-15 22:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-10-28 15:40 - 2016-03-04 12:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-28 14:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-10-28 09:57 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-28 08:44 - 2017-07-23 16:16 - 000003992 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1415552896 2017-10-28 08:44 - 2017-06-30 08:02 - 000001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2017-10-28 08:44 - 2014-11-09 18:08 - 000000000 ____D C:\Program Files (x86)\Opera 2017-10-26 20:50 - 2017-06-02 08:47 - 001022288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgsnx.sys 2017-10-25 22:38 - 2017-07-23 16:16 - 000004634 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-10-25 22:38 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-10-25 22:38 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-10-20 08:49 - 2017-06-02 08:47 - 000579584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000355856 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000314640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000193768 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000140192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys 2017-10-20 08:49 - 2017-06-02 08:47 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys 2017-10-20 08:49 - 2016-02-06 15:15 - 000000000 ____D C:\ProgramData\Avg 2017-10-18 07:50 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-13 18:02 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache 2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-12 18:24 - 2017-06-23 21:52 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2017-10-12 07:57 - 2015-09-10 06:55 - 000000000 __RHD C:\Users\Public\AccountPictures ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-03-31 06:55 - 2015-03-31 06:55 - 000000094 _____ () C:\Users\bungar\AppData\Local\fusioncache.dat 2017-07-23 15:49 - 2017-07-23 15:49 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2014-09-19 10:01 - 2014-09-19 10:02 - 000000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2014-09-19 09:57 - 2014-09-19 09:58 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2014-09-19 09:58 - 2014-09-19 10:00 - 000000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2014-09-19 10:00 - 2014-09-19 10:01 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2014-09-19 09:56 - 2014-09-19 09:56 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Niektóre pliki w TEMP: ==================== 2017-09-21 19:04 - 2017-10-28 09:56 - 000131072 _____ () C:\Users\bungar\AppData\Local\Temp\DevSetup32.dll 2017-09-21 19:04 - 2017-10-28 09:56 - 000131072 _____ () C:\Users\bungar\AppData\Local\Temp\DevSetup64.dll 2017-10-25 15:11 - 2017-10-28 09:56 - 000098304 _____ () C:\Users\bungar\AppData\Local\Temp\DriverInstall32.exe 2017-09-21 19:04 - 2017-10-28 09:56 - 000098304 _____ () C:\Users\bungar\AppData\Local\Temp\DriverInstall64.exe 2017-10-25 15:11 - 2017-10-28 09:56 - 000016384 _____ () C:\Users\bungar\AppData\Local\Temp\KillProcess.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-11-08 19:51 ==================== Koniec FRST.txt ============================