Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:07-11-2015 Uruchomiony przez Sigon (administrator) SIGON-KOMPUTER (09-11-2015 22:41:11) Uruchomiony z C:\Farbar Załadowane profile: Sigon (Dostępne profile: Sigon) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe () C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1666849123-2050503175-1494362175-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5585136 2015-03-31] (Disc Soft Ltd) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation) ==================== Internet (Wszystkie) =========================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2012-01-13] (Microsoft Corporation) Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation) Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation) Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352 2010-11-21] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corp.) Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corp.) Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70656 2012-10-03] (Microsoft Corporation) Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096 2009-07-14] (Microsoft Corporation) Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-14] (Microsoft Corporation) Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-14] (Microsoft Corporation) Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [28672 2009-07-14] (Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Windows\system32\wshbth.dll [47104 2010-11-21] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corp.) Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corp.) Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc.) Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 176.111.16.10 176.111.16.10 Tcpip\..\Interfaces\{69CE0DD4-7B0E-4D45-BCED-455D104F3298}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{6DC2418E-6989-4151-A607-454B27A2A624}: [DhcpNameServer] 176.111.16.10 176.111.16.10 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm HKU\S-1-5-21-1666849123-2050503175-1494362175-1001\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm HKU\S-1-5-21-1666849123-2050503175-1494362175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-1666849123-2050503175-1494362175-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 URLSearchHook: HKU\S-1-5-21-1666849123-2050503175-1494362175-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-1666849123-2050503175-1494362175-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKLM -> {E3972092-C2EA-46AE-AC2E-C8D41F362280} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Brak nazwy -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Brak pliku BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => Brak pliku Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation) Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2010-11-10] (Microsoft Corporation) Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2011-05-03] (Microsoft Corporation) Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2011-05-03] (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-06-12] (Microsoft Corporation) Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2012-11-10] (Microsoft Corporation) Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2010-11-10] (Microsoft Corporation) Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-06-12] (Microsoft Corporation) Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll [2010-11-10] (Microsoft Corporation) Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2010-11-10] (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL [2006-10-26] (Microsoft Corporation) Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL [2006-10-26] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll () CHR Profile: C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Dysk Google) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (YouTube) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26] CHR Extension: (Adblock Plus) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-26] CHR Extension: (Google Search) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Dokumenty Google offline) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04] CHR Extension: (Click&Clean) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-10-27] CHR Extension: (AdBlock) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26] CHR Extension: (Gmail) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR Profile: C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Profile: C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Dokumenty Google) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-09] CHR Extension: (Dysk Google) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-09] CHR Extension: (YouTube) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-09] CHR Extension: (Google Search) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09] CHR Extension: (Dokumenty Google offline) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09] CHR Extension: (Gmail) - C:\Users\Sigon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-09] StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-05-11] (BitRaider, LLC) S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-06-02] (BitRaider, LLC) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation) R3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-17] () ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-06-02] (BitRaider) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] () R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-16] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300352 2014-11-13] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-08 22:01 - 2015-11-08 22:01 - 00041319 _____ C:\Users\Sigon\Downloads\Addition.txt 2015-11-08 22:01 - 2015-11-08 22:01 - 00025173 _____ C:\Users\Sigon\Downloads\FRST.txt 2015-11-08 20:57 - 2015-11-08 20:57 - 00380416 _____ C:\Users\Sigon\Downloads\z4cfbo9b.exe 2015-11-08 20:51 - 2015-11-09 22:41 - 00000000 ____D C:\FRST 2015-11-08 20:49 - 2015-11-09 22:41 - 00000000 ____D C:\Farbar 2015-10-27 15:55 - 2015-10-27 15:55 - 00000131 _____ C:\Users\Sigon\Downloads\debug.log 2015-10-27 15:49 - 2015-10-27 15:49 - 00282624 _____ C:\Users\Sigon\Downloads\appnhost.msi ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-09 22:33 - 2009-07-14 05:45 - 00025008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-09 22:33 - 2009-07-14 05:45 - 00025008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-09 22:32 - 2010-11-21 13:53 - 14567078 _____ C:\Windows\system32\perfh015.dat 2015-11-09 22:32 - 2010-11-21 13:53 - 05062490 _____ C:\Windows\system32\perfc015.dat 2015-11-09 22:32 - 2009-07-14 06:13 - 00006444 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-09 22:29 - 2011-08-21 02:39 - 01066063 _____ C:\Windows\WindowsUpdate.log 2015-11-09 22:26 - 2014-12-03 16:13 - 00068759 _____ C:\Windows\setupact.log 2015-11-09 22:26 - 2014-01-30 13:22 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-11-09 22:26 - 2013-12-19 14:53 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-09 22:26 - 2013-11-03 18:22 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-09 22:26 - 2013-04-30 20:15 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-09 22:25 - 2014-12-17 12:47 - 00006028 _____ C:\Windows\PFRO.log 2015-11-09 22:24 - 2014-04-04 09:54 - 00000000 ____D C:\Users\Sigon\AppData\LocalLow\Temp 2015-11-09 22:22 - 2014-03-27 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia 2015-11-09 22:22 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-11-09 22:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-11-09 22:05 - 2012-03-19 15:37 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-09 22:03 - 2013-11-03 18:22 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-09 21:55 - 2011-08-21 10:04 - 00000000 ____D C:\ProgramData\Adobe 2015-11-09 21:53 - 2011-11-08 11:42 - 00000000 ____D C:\Users\Sigon\AppData\Local\Adobe 2015-11-09 20:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-11-07 20:07 - 2011-12-14 12:39 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-27 16:05 - 2013-04-08 16:02 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2012-05-29 21:18 - 2015-02-01 22:16 - 0022528 _____ () C:\Users\Sigon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-09-01 09:59 ==================== Koniec FRST.txt ============================