Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 03.05.2018
Uruchomiony przez w (administrator) LAPTOP-87AOFOGT (04-05-2018 01:45:03)
Uruchomiony z C:\Users\w\Downloads
Załadowane profile: w (Dostępne profile: w)
Platform: Windows 10 Home Wersja 1709 16299.309 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (CyberLink Corp.) 
C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxEM.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe (Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe Brak dostępu do procesu -> ShellExperienceHost.exe (Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Spotify Ltd) C:\Users\w\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Facebook) C:\Users\w\AppData\Local\Facebook\Games\FacebookGameroom.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe Brak dostępu do procesu -> SearchUI.exe (Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe (Check Point Software Technologies Ltd.) 
C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (GOG.com) C:\ProgramData\GOG.com\Galaxy\temp\desktop-galaxy-updater\GalaxyUpdater.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Brak dostępu do procesu -> backgroundTaskHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6160\Agent.exe (Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.112.2.37\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.112.2.37\OverwolfHelper64.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe (Check Point Software Technologies Ltd.) 
C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.112.2.37\OverwolfBrowser.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe Brak dostępu do procesu -> PeopleExperienceHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (The CefSharp Authors) C:\Users\w\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.112.2.37\OverwolfBrowser.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe.old ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16482040 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-10-04] (COMODO) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-14] (AVAST Software) HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4188736 2017-12-10] (Synaptics Incorporated) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.) 
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485904 2016-07-23] (Comodo Security Solutions, Inc.) HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Arc\ArcLauncher.exe [416376 2018-04-10] (Perfect World Entertainment) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [144240 2018-02-19] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4304752 2018-04-23] (Check Point Software Technologies Ltd.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201824 2018-05-02] (Valve Corporation) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [6410312 2018-04-01] (GOG.com) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3100456 2018-04-04] (Electronic Arts) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1092920 2017-02-11] (Apple Inc.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-07-14] (Apple Inc.) 
HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-07-14] (Apple Inc.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1208648 2018-04-26] () HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Innkeeper] => C:\Users\w\AppData\Local\Innkeeper\Update.exe [1888136 2017-01-23] (Innkeeper) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Spotify] => C:\Users\w\AppData\Roaming\Spotify\Spotify.exe [22454160 2018-04-01] (Spotify Ltd) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Gaijin.Net Agent] => C:\Users\w\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-22] (Gaijin Entertainment) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Blizzard App\Battle.net.exe [1070056 2018-04-25] (Blizzard Entertainment) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Spotify Web Helper] => C:\Users\w\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-04-01] (Spotify Ltd) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\MountPoints2: {43f2d813-a6ff-11e7-9c49-a434d951f23d} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\MountPoints2: {b9d5b559-f62a-11e7-9c5a-a434d951f23d} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\MountPoints2: {f6c3f1ce-e61a-11e6-9c07-a434d951f23d} - "H:\Autorun.exe" Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-07-05] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\w\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook) CHR 
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{c558577f-8998-4058-b10a-0a841c27b5ea}: [DhcpNameServer] 150.212.1.2 Tcpip\..\Interfaces\{cb4c9ca4-be0d-48e8-a668-2f195eecf157}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-20] (Microsoft Corporation) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-04-26] (McAfee, Inc.) 
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2018-03-29] (Perfect World Entertainment Inc) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-04-26] (McAfee, Inc.) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security) Toolbar: HKU\S-1-5-21-2780740895-2156724078-2569186773-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-04-26] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-04-26] (McAfee, Inc.) 
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-20] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-04-26] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-04-26] (McAfee, Inc.) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-04] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2018-03-29] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) 
Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\w\AppData\Local\Google\Chrome\User Data\Default [2018-05-04] CHR Extension: (Prezentacje) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-04] CHR Extension: (Dokumenty) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-04] CHR Extension: (Dysk Google) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-01] CHR Extension: (YouTube) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-01] CHR Extension: (Avast SafePrice) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-10] CHR Extension: (Arkusze) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-04] CHR Extension: (McAfee® WebAdvisor) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-06-10] CHR Extension: (Dokumenty Google offline) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-01] CHR Extension: (Avast Online Security) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-05-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-04] CHR Extension: (e-pity - dodatek) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2018-05-04] CHR Extension: (Gmail) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-01] CHR Extension: (Chrome Media Router) - C:\Users\w\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-04] CHR Profile: C:\Users\w\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-04] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88696 2018-04-10] (Perfect World Entertainment Inc) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-14] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-14] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-24] () R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522416 2018-04-06] (Microsoft Corporation) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [76952 2016-07-23] (Comodo Security Solutions, Inc.) 
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-10-04] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-10-04] (COMODO) R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2498296 2018-04-11] (Check Point Software Technologies Ltd.) R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35064 2018-03-20] () R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35064 2018-03-20] () S2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-10] (EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [665160 2018-05-04] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8109640 2018-05-04] (GOG.com) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo) R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485904 2016-07-23] (Comodo Security Solutions, Inc.) 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [Brak podpisu cyfrowego] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-09-16] (Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68336 2018-03-19] (Lenovo Group Limited) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-17] (Lenovo) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-04-26] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.) 
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) R2 O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) R2 O2FLASH; C:\WINDOWS\SysWOW64\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2158912 2018-04-04] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3028808 2018-04-04] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1453896 2018-04-26] (Overwolf LTD) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2016-08-22] () S2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Corporation) R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [17656 2018-03-22] (Check Point Software Technologies Ltd.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267328 2017-12-10] (Synaptics Incorporated) R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [196344 2018-04-23] (Check Point Software Technologies Ltd.) S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2018-03-29] (McAfee, Inc.) S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-03-29] (McAfee, Inc.) 
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-03-29] (McAfee, Inc.) S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4202320 2018-02-19] (Check Point Software Technologies Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) S2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [45936 2018-04-23] () S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2018-02-16] (Check Point Software Technologies, Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation) R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1057648 2018-02-19] (Check Point Software Technologies Ltd.) S2 0097361525215770mcinstcleanup; C:\WINDOWS\TEMP\009736~1.EXE -cleanup -nolog [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-04-14] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-19] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-19] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-19] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-19] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [227784 2018-04-14] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-04-14] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [147224 2018-04-14] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111352 2018-04-14] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-04-14] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-04-14] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-04-14] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-04-14] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-04-14] (AVAST Software) R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2016-07-01] (Windows (R) Win 7 DDK provider) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2016-09-08] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [862648 2016-09-08] (COMODO) R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [54336 2016-09-08] (COMODO) R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [61592 2018-04-11] (Check Point Software Technologies Ltd.) R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [68280 2017-11-29] (Check Point Software Technologies Ltd.) 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-02] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-02] (Disc Soft Ltd)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [117400 2017-12-10] (Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [101552 2017-10-23] (Check Point Software Technologies)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [122120 2015-09-17] (Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R3 IntelDFUACPI; C:\WINDOWS\System32\drivers\IntelDFUACPI.sys [36352 2015-10-15] (Intel(R) Corporation)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\Bin\ISWKL.sys [57024 2016-12-08] (Check Point Software Technologies Ltd.)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHubTech/O2Micro )
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [1849752 2017-09-29] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72768 2017-12-10] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2018-03-14] (Microsoft Corporation)
R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2018-02-19] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-08-11] (Wellbia.com Co., Ltd.)
U3 iswSvc; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-05-04 01:45 - 2018-05-04 01:48 - 000035989 _____ C:\Users\w\Downloads\FRST.txt
2018-05-04 01:23 - 2018-05-04 01:32 - 000005875 _____ C:\Users\w\Downloads\Fixlog.txt
2018-05-04 01:22 - 2018-05-04 01:22 - 000000000 ____D C:\Users\w\Downloads\FRST-OlderVersion
2018-05-04 01:18 - 2018-05-04 01:18 - 000000000 ____D C:\Users\w\AppData\Roaming\Google
2018-05-03 09:16 - 2018-05-03 09:16 - 003757735 _____ C:\Users\w\Downloads\iMetin.exe
2018-05-03 08:39 - 2018-05-03 08:46 - 1401922710 _____ C:\Users\w\Downloads\iMetin.7z
2018-05-02 11:33 - 2018-05-02 11:33 - 000000000 ____D C:\Users\w\Downloads\Divineclassic
2018-05-02 11:33 - 2018-04-17 14:29 - 000000000 ____D C:\kacu_files
2018-05-02 11:32 - 2018-05-02 11:32 - 005877478 _____ C:\Users\w\Downloads\Divineclassic.rar
2018-05-01 05:58 - 2018-05-01 05:58 - 000000000 ____D C:\Users\w\AppData\Local\CrashReportClient
2018-04-29 12:33 - 2018-05-04 01:45 - 000000000 ____D C:\FRST
2018-04-29 12:32 - 2018-05-04 01:22 - 002405376 _____ (Farbar) C:\Users\w\Downloads\FRST64.exe
2018-04-28 13:57 - 2018-04-28 13:57 - 021052379 _____ C:\Users\w\Downloads\Dark Sand OTS.rar
2018-04-28 13:57 - 2018-04-28 13:57 - 000000000 ____D C:\Users\w\Downloads\Dark Sand OTS
2018-04-28 13:55 - 2018-04-28 13:55 - 000000000 _____ C:\Users\w\Desktop\13096649.txt
2018-04-28 09:51 - 2018-04-28 09:51 - 000000000 ____D C:\Users\w\AppData\Roaming\.divineworld
2018-04-28 09:45 - 2018-04-28 09:45 - 000000000 ____D C:\Users\w\Downloads\DivineWorld Classic - Oficjalny Klient Gry
2018-04-28 09:40 - 2018-04-28 09:41 - 859332175 _____ C:\Users\w\Downloads\DivineWorld Classic - Oficjalny Klient Gry.zip
2018-04-23 15:33 - 2018-04-23 15:33 - 000154776 _____ (Check Point Software Technologies) C:\WINDOWS\system32\Drivers\epklib.sys
2018-04-23 14:38 - 2018-04-23 14:38 - 000268257 _____ C:\WINDOWS\system32\Drivers\cposfw.xml
2018-04-22 20:39 - 2018-04-22 20:39 - 000001080 _____ C:\Users\w\Desktop\Tibia.lnk
2018-04-22 20:39 - 2018-04-22 20:39 - 000000000 ____D C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tibia
2018-04-22 20:38 - 2018-04-22 20:39 - 000000000 ____D C:\Users\w\AppData\Local\Tibia
2018-04-22 20:38 - 2018-04-22 20:38 - 005414120 _____ C:\Users\w\Downloads\Tibia_Setup_Simple.exe
2018-04-20 15:46 - 2018-04-20 15:46 - 000000000 ___HD C:\$AV_ASW
2018-04-18 20:24 - 2018-04-18 20:24 - 000000000 ____D C:\Users\w\AppData\LocalLow\uTorrent
2018-04-17 09:58 - 2018-04-17 09:58 - 000000000 _____ C:\Users\w\Desktop\sensitivity 1.56000.txt
2018-04-15 13:24 - 2018-04-15 14:46 - 001113213 _____ C:\Users\w\Desktop\niemiecki.odp
2018-04-14 16:06 - 2018-04-14 16:06 - 000000000 __SHD C:\82ace7d6-0197-474d-bf4b-a2043e72329b
2018-04-14 08:49 - 2018-04-14 08:49 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-04-14 08:47 - 2018-04-14 08:47 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-04-11 20:25 - 2018-04-11 20:25 - 016719292 _____ C:\Users\w\Downloads\Wojciszke - Psychologia spoleczna (1).pdf
2018-04-11 08:17 - 2018-04-11 08:17 - 000061592 _____ (Check Point Software Technologies Ltd.) C:\WINDOWS\system32\Drivers\cpbak.sys
2018-04-10 11:16 - 2018-04-10 11:16 - 016719292 _____ C:\Users\w\Downloads\Wojciszke - Psychologia spoleczna.pdf
2018-04-10 11:12 - 2018-04-10 11:12 - 000081766 _____ C:\Users\w\Downloads\Psychologia społeczna.pdf
2018-04-10 11:12 - 2018-04-10 11:12 - 000081766 _____ C:\Users\w\Downloads\Psychologia społeczna (1).pdf
2018-04-10 11:11 - 2018-04-10 11:11 - 000077301 _____ C:\Users\w\Downloads\pdf
2018-04-08 23:16 - 2018-04-08 23:16 - 000001339 _____ C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk
2018-04-07 19:16 - 2018-04-07 19:22 - 1249189651 _____ C:\Users\w\Downloads\Semeria.rar
2018-04-07 08:41 - 2018-04-07 08:42 - 1410331657 _____ C:\Users\w\Downloads\ZamoriaPL.rar
2018-04-07 08:36 - 2018-04-07 17:32 - 000000010 _____ C:\Users\w\Desktop\PINy cibul + buff.txt
2018-04-06 09:38 - 2018-04-06 09:44 - 1052196825 _____ C:\Users\w\Downloads\Anastia.pl.rar
2018-04-04 00:39 - 2018-04-04 00:39 - 000001235 _____ C:\Users\Public\Desktop\True Key.lnk

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-05-04 01:48 - 2016-07-01 23:19 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-05-04 01:46 - 2016-07-26 13:03 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2018-05-04 01:45 - 2017-11-23 02:00 - 000000000 ____D C:\Users\w\AppData\Local\Overwolf
2018-05-04 01:45 - 2016-07-26 00:57 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-04 01:43 - 2017-06-25 15:13 - 000000000 ____D C:\Users\w\AppData\Local\Battle.net
2018-05-04 01:43 - 2016-11-17 00:51 - 000000000 ____D C:\Users\w\AppData\Local\CrashDumps
2018-05-04 01:42 - 2017-06-25 15:14 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-05-04 01:41 - 2017-09-27 01:20 - 000000000 ___RD C:\Users\w\iCloudDrive
2018-05-04 01:41 - 2017-01-16 03:37 - 000000000 ____D C:\Users\w\AppData\Roaming\Spotify
2018-05-04 01:41 - 2016-11-20 12:04 - 000379994 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-05-04 01:40 - 2017-12-10 00:52 - 000004218 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{780BF824-1AE8-4D99-A343-321D6909C87C}
2018-05-04 01:32 - 2016-06-01 15:58 - 000000000 __SHD C:\Users\w\IntelGraphicsProfiles
2018-05-04 01:29 - 2017-12-10 00:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-04 01:29 - 2016-10-03 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-04 01:29 - 2016-08-16 13:41 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-05-04 01:27 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-04 01:26 - 2017-12-10 00:29 - 000000000 ____D C:\Users\w
2018-05-04 01:25 - 2016-11-16 16:57 - 000000000 ____D C:\Users\w\AppData\LocalLow\Temp
2018-05-04 01:23 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-05-04 01:23 - 2015-07-10 13:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-04 01:20 - 2018-03-25 23:36 - 000000000 ___HD C:\SandBlastBackup
2018-05-04 01:13 - 2017-12-10 00:52 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-04 01:13 - 2017-12-10 00:52 - 000003378 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-05-04 01:13 - 2017-12-10 00:52 - 000003270 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-04 01:13 - 2017-12-10 00:52 - 000003244 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2018-05-04 01:13 - 2017-12-10 00:52 - 000003120 _____ C:\WINDOWS\System32\Tasks\klcp_update
2018-05-04 01:13 - 2017-12-10 00:52 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2780740895-2156724078-2569186773-1001
2018-05-04 01:13 - 2017-12-10 00:52 - 000002516 _____ C:\WINDOWS\System32\Tasks\{2085FC0F-AFF3-49AE-B38E-87A226517BBE}
2018-05-04 01:13 - 2017-12-10 00:52 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2018-05-04 01:13 - 2017-12-10 00:52 - 000002212 _____ C:\WINDOWS\System32\Tasks\PDVDServ12 Task
2018-05-04 01:13 - 2017-12-10 00:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-05-04 00:38 - 2017-12-10 00:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-03 09:58 - 2017-09-27 00:36 - 000000000 ____D C:\Users\w\AppData\Roaming\FLV and Media Player
2018-05-03 09:29 - 2017-12-31 20:19 - 000000000 ____D C:\Users\w\AppData\Roaming\EasyAntiCheat
2018-05-03 09:23 - 2017-01-16 03:37 - 000000000 ____D C:\Users\w\AppData\Local\Spotify
2018-05-03 08:11 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-02 02:27 - 2017-03-02 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2018-05-02 01:01 - 2016-10-04 00:05 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-05-01 22:06 - 2017-11-23 02:05 - 000000000 ____D C:\Program Files (x86)\Overwolf
2018-05-01 02:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-29 12:04 - 2017-11-15 00:01 - 000000000 ____D C:\Users\w\AppData\Roaming\TS3Client
2018-04-27 21:27 - 2016-07-01 23:00 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-27 21:27 - 2016-07-01 23:00 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-26 20:29 - 2016-06-01 16:01 - 000002406 _____ C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-26 20:29 - 2016-06-01 16:01 - 000000000 ___RD C:\Users\w\OneDrive
2018-04-26 01:18 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-22 20:55 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-22 20:46 - 2016-07-01 23:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-22 20:37 - 2017-10-11 14:32 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-22 20:37 - 2016-07-01 23:59 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-21 18:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-21 18:32 - 2017-12-31 20:08 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-04-21 18:32 - 2017-12-10 00:52 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-04-20 23:05 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-04-20 16:40 - 2016-12-07 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016
2018-04-20 16:40 - 2015-12-18 05:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-20 15:46 - 2017-02-24 01:12 - 000000000 ____D C:\Users\w\AppData\Roaming\uTorrent
2018-04-18 19:27 - 2016-12-10 23:43 - 000000000 ____D C:\ProgramData\Origin
2018-04-18 18:54 - 2017-11-26 15:24 - 000000000 ____D C:\Users\w\AppData\Local\Innkeeper
2018-04-18 18:52 - 2017-11-25 14:39 - 000000000 ____D C:\Users\w\AppData\Local\SquirrelTemp
2018-04-16 21:12 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-16 21:10 - 2016-10-03 23:35 - 000000000 ____D C:\Program Files (x86)\Arc
2018-04-16 16:45 - 2017-12-10 00:30 - 000000000 ____D C:\Users\w\AppData\Local\Packages
2018-04-14 08:49 - 2016-10-04 00:09 - 000147224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-04-14 08:47 - 2017-11-22 01:33 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-04-14 08:47 - 2016-10-04 00:09 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-04-14 08:47 - 2016-10-04 00:09 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-04-14 08:47 - 2016-10-04 00:09 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-04-14 08:47 - 2016-10-04 00:09 - 000111352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-04-14 08:47 - 2016-10-04 00:09 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-04-14 08:47 - 2016-10-04 00:09 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-04-14 08:46 - 2017-12-17 11:56 - 000227784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-04-14 08:46 - 2016-10-04 00:09 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-04-11 02:37 - 2017-12-10 00:52 - 000004646 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-11 02:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-04-11 02:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-10 21:08 - 2017-06-25 15:39 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-04-08 23:15 - 2016-11-25 18:27 - 000000000 ____D C:\Program Files\TrueKey
2018-04-06 16:20 - 2017-12-28 15:16 - 000000000 ____D C:\WINDOWS\Minidump
2018-04-04 00:39 - 2016-11-25 18:40 - 000001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2018-04-04 00:32 - 2016-12-10 23:44 - 000000000 ____D C:\Program Files (x86)\Origin

==================== Pliki w katalogu głównym wybranych folderów =======

2017-08-23 23:25 - 2017-08-23 23:25 - 000155674 _____ () C:\Users\w\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2016-08-22 21:58 - 2016-08-22 21:58 - 000000000 _____ () C:\Users\w\AppData\Roaming\fastboot.log
2017-10-29 19:54 - 2017-10-29 19:54 - 000000000 ___SH () C:\Users\w\AppData\Local\LumaEmu

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-05-03 13:16

==================== Koniec FRST.txt ============================