Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20.06.2018
Uruchomiony przez majed (administrator)  ART (06-07-2018 13:29:19)
Uruchomiony z C:\Users\majed\Downloads
Załadowane profile: majed (Dostępne profile: majed)
Platform: Windows 10 Home Insider Preview Wersja 1709 17074.1002 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Monect) C:\Program Files (x86)\PC Remote Receiver\MonectServerService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
() C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Monect) C:\Program Files (x86)\PC Remote Receiver\PCRemoteReceiver.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(FreeDownloadManager.org) C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
() C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(MacPaw Inc.) C:\Program Files\Encrypto\Encrypto.Service.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe
(Opera Software) C:\Program Files\Opera\54.0.2952.46\opera.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [634704 2018-01-17] (Microsoft Corporation)
HKLM\...\Run: [CPM2] => C:\Program Files\COMODO\COMODO Programs Manager\CPM.exe [6904128 2011-09-05] (COMODO Security Solutions)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [GXT155gmmouseRun] => C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe [3310080 2015-05-29] ()
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2017-07-28] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26123448 2018-03-21] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-01-17] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-01-17] (Microsoft Corporation)
HKU\S-1-5-21-74436285-1844635664-829085385-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [8358400 2018-04-28] (FreeDownloadManager.org)
HKU\S-1-5-21-74436285-1844635664-829085385-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
HKU\S-1-5-21-74436285-1844635664-829085385-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-74436285-1844635664-829085385-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [36864 2018-01-17] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\PC Remote Receiver\PCRemoteReceiver.exe [2447360 2018-03-05] (Monect)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{fe3c8c06-bf20-4e66-a83e-48f5ed340497}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-74436285-1844635664-829085385-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
BHO-x32: Brak nazwy -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Brak pliku

FireFox:
========
FF DefaultProfile: 3klncs2g.default
FF ProfilePath: C:\Users\majed\AppData\Roaming\Mozilla\Firefox\Profiles\3klncs2g.default [2018-07-06]
FF user.js: detected! => C:\Users\majed\AppData\Roaming\Mozilla\Firefox\Profiles\3klncs2g.default\user.js [2018-05-05]
FF Extension: (Tails Download and Verify) - C:\Users\majed\AppData\Roaming\Mozilla\Firefox\Profiles\3klncs2g.default\Extensions\dave@tails.boum.org.xpi [2017-11-19] [Przestarzałe]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-08] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2018-05-16] (EasyAntiCheat Ltd)
R2 Encrypto.Service; C:\Program Files\Encrypto\Encrypto.Service.exe [83160 2015-05-18] (MacPaw Inc.)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [888080 2018-03-07] ()
R2 ETGMGlcsSrv; C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe [1181544 2012-04-24] ()
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 MonectServerService; C:\Program Files (x86)\PC Remote Receiver\MonectServerService.exe [110592 2018-03-05] (Monect) [Brak podpisu cyfrowego]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2306232 2018-02-05] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [174032 2017-07-28] (MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation)
S2 OctBroker; C:\WINDOWS\system32\OctBroker.exe [136968 2018-01-17] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2201920 2018-06-12] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3072328 2018-06-12] (Electronic Arts)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [183568 2018-03-07] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [888080 2018-03-07] ()
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4243616 2018-01-17] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [92456 2018-01-17] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [165376 2018-01-17] (Microsoft Corporation)
S3 cdrombus; C:\WINDOWS\System32\Drivers\cdrombus.sys [25088 2015-08-28] (Windows (R) Codename Longhorn DDK provider)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [126056 2017-03-31] (COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-02-02] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [830448 2018-02-02] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50768 2018-02-02] (COMODO)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2018-07-06] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-26] (REALiX(tm))
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [133896 2018-02-02] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2017-09-26] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
S3 jrdusbser; C:\WINDOWS\System32\drivers\jrdusbser.sys [123776 2013-06-18] (TCT International Mobile Ltd.) [Brak podpisu cyfrowego]
R3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [15768 2013-12-03] ()
S3 NTIOLib_1_0_1; C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [14136 2009-10-06] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2018-03-24] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
R0 OctAgent; C:\WINDOWS\System32\drivers\OctAgent.sys [56144 2018-01-17] (Microsoft Corporation)
S3 qcusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [243712 2015-08-28] (QUALCOMM Incorporated) [Brak podpisu cyfrowego]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-25] (Realtek )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-03-07] ()
R3 usbglcs1100302; C:\WINDOWS\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [40832 2018-01-17] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [307024 2018-01-17] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [42496 2018-01-17] (Microsoft Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
U2 DiagTrack; Brak ImagePath
U3 dmwappushsvc; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-07-06 13:29 - 2018-07-06 13:29 - 000015445 _____ C:\Users\majed\Downloads\FRST.txt
2018-07-06 13:24 - 2018-07-06 13:29 - 000000000 ____D C:\FRST
2018-07-06 13:23 - 2018-07-06 13:23 - 002412544 _____ (Farbar) C:\Users\majed\Downloads\FRST64.exe
2018-07-06 13:21 - 2018-07-06 13:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-07-06 13:20 - 2018-07-06 13:20 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-07-06 13:20 - 2018-07-06 13:20 - 000000000 ____D C:\Program Files\Realtek
2018-07-06 13:20 - 2017-06-29 18:55 - 003509256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000642920 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBTHX64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000577832 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBTHX32.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000410032 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-07-06 13:20 - 2017-06-29 18:55 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-07-06 13:20 - 2017-06-29 18:54 - 004059960 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2018-07-06 13:20 - 2017-06-29 18:54 - 000330552 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2018-07-06 13:20 - 2017-06-29 18:52 - 005826560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-07-06 13:20 - 2017-06-29 18:52 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-07-06 13:20 - 2017-06-29 18:52 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-07-06 13:20 - 2017-06-29 18:51 - 002210304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-07-06 13:20 - 2017-06-29 18:51 - 002050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2018-07-06 13:20 - 2017-06-29 18:51 - 000041088 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\MBfilt64.sys
2018-07-06 13:20 - 2017-06-29 18:51 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-07-06 13:20 - 2017-06-29 03:05 - 012334923 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-07-06 13:19 - 2017-06-29 18:52 - 000574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2018-07-06 13:19 - 2017-06-29 18:52 - 000118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2018-07-06 13:19 - 2017-06-29 18:50 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-07-06 13:11 - 2016-09-22 14:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2018-07-06 12:51 - 2018-07-06 12:51 - 000000000 ____D C:\Users\majed\Downloads\Nowy folder
2018-07-06 12:49 - 2018-07-06 12:50 - 264424269 _____ (Realtek Semiconductor Corp.) C:\Users\majed\Downloads\0009-64bit_Win7_Win8_Win81_Win10_R282.exe
2018-07-06 12:19 - 2018-07-06 12:19 - 000001136 _____ C:\WINDOWS\system32\.crusader
2018-07-06 12:15 - 2018-07-06 12:20 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2018-07-06 12:07 - 2018-07-06 12:07 - 000272536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-06 11:53 - 2018-07-06 11:53 - 011576808 _____ (SurfRight B.V.) C:\Users\majed\Downloads\HitmanPro_x64.exe
2018-07-06 11:01 - 2018-07-06 11:01 - 000003990 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1505423432
2018-07-06 11:01 - 2018-07-06 11:01 - 000001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2018-07-05 22:41 - 2018-07-05 22:42 - 007395536 _____ (Malwarebytes) C:\Users\majed\Desktop\AdwCleaner (1).exe
2018-07-05 20:49 - 2018-07-05 20:49 - 000112946 _____ C:\Users\majed\Downloads\formularzwyplata (1).pdf
2018-07-05 20:44 - 2018-07-05 20:44 - 000112946 _____ C:\Users\majed\Downloads\formularzwyplata.pdf
2018-07-05 15:18 - 2018-07-05 15:19 - 000000000 ____D C:\Users\majed\OneDrive\Documents\Nowy folder (4)
2018-06-28 11:39 - 2018-06-28 11:39 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-74436285-1844635664-829085385-1001
2018-06-28 11:39 - 2018-06-28 11:39 - 000002410 _____ C:\Users\majed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-27 12:59 - 2018-06-27 12:59 - 000000000 ____D C:\Users\majed\AppData\Local\Ashampoo
2018-06-27 12:37 - 2018-06-27 12:37 - 001303488 _____ C:\Users\majed\Downloads\BLP0019822336.zip
2018-06-27 12:01 - 2018-06-27 12:01 - 000001574 _____ C:\Users\Public\Desktop\1-Click-Optimizer (WO2018).lnk
2018-06-27 12:01 - 2018-06-27 12:01 - 000001346 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 2018.lnk
2018-06-27 12:01 - 2018-06-27 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-06-27 12:01 - 2018-06-27 12:01 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-06-27 09:22 - 2018-06-27 09:22 - 007395536 _____ (Malwarebytes) C:\Users\majed\Desktop\AdwCleaner.exe
2018-06-26 10:42 - 2018-06-26 10:42 - 000000000 ____D C:\Users\majed\Desktop\Moje dane
2018-06-25 23:26 - 2018-06-25 23:26 - 002381230 _____ C:\Users\majed\Downloads\frC1B6.pdf
2018-06-23 21:02 - 2018-06-23 21:02 - 000068464 _____ C:\Users\majed\Downloads\121112450030_2018623205957247.pdf
2018-06-21 17:05 - 2018-06-21 17:05 - 000099764 _____ C:\Users\majed\Downloads\67030602277_2018_05_40526_1529471921076.pdf
2018-06-12 12:36 - 2018-06-12 12:36 - 000000000 ____D C:\Program Files (x86)\M3 Software
2018-06-12 12:35 - 2018-06-12 12:35 - 008565585 _____ C:\Users\majed\Downloads\M3DataRecoveryHome568-ov76jt.zip
2018-06-11 11:02 - 2018-06-11 11:02 - 000100039 _____ C:\Users\majed\Downloads\67030602277_2018_04_40526_1526364584079.pdf
2018-06-10 23:06 - 2018-06-10 23:12 - 631403829 _____ C:\Users\majed\Downloads\lq1b5e5f3d3b45401f3de906168237f50d4e650c3cecb4336b6fb8f962273cf12c.mp4
2018-06-08 11:41 - 2018-06-08 11:41 - 000004678 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-06 12:41 - 2018-06-06 12:41 - 000000825 _____ C:\Users\majed\Desktop\World of Tanks.lnk
2018-06-06 12:41 - 2018-06-06 12:41 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-06-06 12:41 - 2018-06-06 12:41 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-06-06 12:41 - 2018-06-06 12:41 - 000000000 ____D C:\Users\majed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-06-06 12:40 - 2018-06-06 12:40 - 004759760 _____ (Wargaming.net ) C:\Users\majed\Desktop\WoT_internet_install_eu_bm02lyfzwsbz.exe

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-07-06 13:29 - 2017-11-16 11:23 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-07-06 13:27 - 2018-03-10 22:34 - 000000000 ____D C:\Users\majed\AppData\Roaming\monect
2018-07-06 13:27 - 2018-01-29 13:57 - 000000000 ____D C:\Users\majed\AppData\Roaming\XnView
2018-07-06 13:27 - 2018-01-21 01:44 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2018-07-06 13:27 - 2017-11-20 11:56 - 000000000 ____D C:\ProgramData\HitmanPro
2018-07-06 13:27 - 2017-09-14 23:05 - 000000000 ____D C:\Program Files\Opera
2018-07-06 13:25 - 2018-01-21 01:46 - 007007614 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-06 13:25 - 2018-01-18 02:06 - 003434808 _____ C:\WINDOWS\system32\perfh015.dat
2018-07-06 13:25 - 2018-01-18 02:06 - 000966200 _____ C:\WINDOWS\system32\perfc015.dat
2018-07-06 13:20 - 2018-01-19 04:51 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-07-06 13:20 - 2018-01-17 12:43 - 000000000 ____D C:\WINDOWS\INF
2018-07-06 13:19 - 2018-05-27 02:10 - 000000000 ____D C:\Users\majed\Desktop\Nowy folder (3)
2018-07-06 13:19 - 2018-04-28 18:19 - 000000000 ____D C:\Users\majed\AppData\Local\Free Download Manager
2018-07-06 13:19 - 2018-04-17 08:54 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-06 13:19 - 2018-01-21 01:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-06 13:19 - 2018-01-19 04:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-07-06 13:18 - 2018-01-17 12:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-06 13:18 - 2018-01-17 11:00 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-07-06 13:02 - 2018-01-17 12:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-06 12:54 - 2017-09-14 23:34 - 000000000 ____D C:\Users\majed\AppData\Local\ElevatedDiagnostics
2018-07-06 12:40 - 2018-01-17 12:45 - 000000000 ____D C:\WINDOWS\registration
2018-07-06 12:38 - 2017-09-14 22:58 - 000000000 ____D C:\Users\majed\AppData\Local\CrashDumps
2018-07-06 12:20 - 2018-01-21 01:39 - 000000000 ____D C:\Users\majed
2018-07-06 12:07 - 2018-01-20 20:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-06 11:37 - 2017-09-15 12:00 - 000000000 ____D C:\Users\majed\AppData\Roaming\Comodo
2018-07-05 22:42 - 2017-09-26 15:16 - 000000000 ____D C:\Users\majed\AppData\LocalLow\IObit
2018-07-05 22:42 - 2017-09-26 15:16 - 000000000 ____D C:\ProgramData\IObit
2018-07-05 22:42 - 2017-09-26 15:16 - 000000000 ____D C:\Program Files (x86)\IObit
2018-07-05 22:42 - 2017-09-26 15:15 - 000000000 ____D C:\Users\majed\AppData\Roaming\IObit
2018-07-05 22:40 - 2018-01-17 12:45 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-04 23:53 - 2018-01-17 12:45 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-01 21:55 - 2017-09-17 11:30 - 000000000 ____D C:\Users\majed\AppData\Roaming\GG
2018-07-01 13:32 - 2017-11-06 16:32 - 000000000 ____D C:\Users\majed\AppData\Local\Packages
2018-06-28 11:39 - 2017-09-14 22:29 - 000000000 ___RD C:\Users\majed\OneDrive
2018-06-27 12:01 - 2018-01-28 02:31 - 000000000 ____D C:\ProgramData\Ashampoo
2018-06-27 10:19 - 2018-03-08 20:54 - 000000000 ____D C:\Program Files (x86)\Origin
2018-06-27 10:19 - 2017-11-24 19:48 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-27 10:19 - 2017-09-15 11:50 - 000000000 ____D C:\ProgramData\Comodo
2018-06-27 10:07 - 2018-02-17 11:19 - 000000000 _____ C:\Recovery.txt
2018-06-26 10:52 - 2017-11-05 11:48 - 000000000 ____D C:\Users\majed\AppData\Roaming\MPC-HC
2018-06-10 00:25 - 2017-09-17 11:30 - 000000000 ____D C:\Users\majed\AppData\Local\GG
2018-06-08 18:11 - 2017-12-14 23:37 - 000000000 ____D C:\ProgramData\ALLPlayer
2018-06-08 18:11 - 2017-12-14 23:37 - 000000000 ____D C:\Program Files (x86)\ALLPlayer
2018-06-08 11:41 - 2018-01-17 12:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-08 11:41 - 2018-01-17 12:45 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-06 13:57 - 2018-05-16 11:31 - 000000000 ____D C:\Users\majed\AppData\Roaming\Wargaming.net
2018-06-06 12:41 - 2018-05-16 11:32 - 000000000 ____D C:\Games

==================== Pliki w katalogu głównym wybranych folderów =======

2017-10-20 18:52 - 2017-10-20 18:52 - 000000048 _____ () C:\Program Files (x86)\6mx25l4tcc.dat
2018-03-10 22:39 - 2018-03-10 22:39 - 001740517 _____ () C:\Users\majed\AppData\Roaming\﻿JPEG_20180310_213813_643571181.jpg
2018-03-25 04:30 - 2018-03-25 04:30 - 002357829 _____ () C:\Users\majed\AppData\Roaming\﻿JPEG_20180325_042918_1462385099.jpg
2018-04-29 16:35 - 2018-04-29 16:35 - 000002557 _____ () C:\Users\majed\AppData\Local\recently-used.xbel
2017-11-20 12:08 - 2017-11-20 12:08 - 000000017 _____ () C:\Users\majed\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-07-01 15:49

==================== Koniec  FRST.txt ============================