Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:29-05-2016 02 Uruchomiony przez Sławomir (administrator) SLAWEK (31-05-2016 17:27:53) Uruchomiony z C:\Users\Sławomir\Desktop\POBRANE Załadowane profile: Sławomir (Dostępne profile: Sławomir) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Spotify Ltd) C:\Users\Sławomir\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Sławomir\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Sławomir\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\Sławomir\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Sławomir\AppData\Roaming\Spotify\Spotify.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe (Autodesk Inc.) C:\Users\Sławomir\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-06-25] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-06-25] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2014-06-25] (ELAN Microelectronics Corp.) HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-17] (Creative Technology Ltd) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.) HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-07] (Dropbox, Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun HKU\S-1-5-21-4002679962-1221417142-4111111163-1001\...\Run: [Spotify Web Helper] => C:\Users\Sławomir\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-28] (Spotify Ltd) HKU\S-1-5-21-4002679962-1221417142-4111111163-1001\...\Run: [Spotify] => C:\Users\Sławomir\AppData\Roaming\Spotify\Spotify.exe [6859888 2016-05-28] (Spotify Ltd) HKU\S-1-5-21-4002679962-1221417142-4111111163-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.) HKU\S-1-5-21-4002679962-1221417142-4111111163-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000 ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-14] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-05-16] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4 Tcpip\..\Interfaces\{8ECBBD86-6408-460D-8A30-F95E4F007866}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKU\S-1-5-21-4002679962-1221417142-4111111163-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1 BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH) BHO-x32: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司) Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH) Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.google.com/","hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki" CHR Profile: C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-26] CHR Extension: (Dokumenty Google) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-26] CHR Extension: (Dysk Google) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26] CHR Extension: (Vocabla - improve your vocabulary) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchnamjcpocgphheheekmchilaabjdnb [2016-03-26] CHR Extension: (QuickPin) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhogoimaoahmedeeahleijnpljdbammj [2016-03-26] CHR Extension: (YouTube) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-26] CHR Extension: (Vocabla: angielskie słówka) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk [2016-03-26] CHR Extension: (Adblock Plus) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-26] CHR Extension: (Image Downloader) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2016-04-17] CHR Extension: (Arkusze Google) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-26] CHR Extension: (Avira Browser Safety) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-12] CHR Extension: (Dokumenty Google offline) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26] CHR Extension: (AdBlock) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-27] CHR Extension: (Przycisk Pin It) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-03-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Gmail) - C:\Users\Sławomir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-26] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [226064 2016-05-04] (Avira Operations GmbH & Co. KG) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-19] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-19] (Dropbox, Inc.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2014-06-25] (ELAN Microelectronics Corp.) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-06-25] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-10-06] (Rivet Networks) [Brak podpisu cyfrowego] R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Brak podpisu cyfrowego] R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] () R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-07-05] (Nalpeiron Ltd.) [Brak podpisu cyfrowego] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-06-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-06-25] (NVIDIA Corporation) S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH) R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [655040 2015-07-08] (Wacom Technology, Corp.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation) S2 QQPCRTP; "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe" -r [X] S2 QQRepair153c; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair153c" [X] S2 QQRepair1567; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1567" [X] S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [142408 2015-09-16] (Rivet Networks, LLC.) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-23] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [366864 2016-03-18] (Intel Corporation) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [157752 2015-09-03] (Qualcomm Atheros, Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3446240 2014-06-18] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-26] (MSI) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2014-06-25] (NVIDIA Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2014-06-25] (Realsil Semiconductor Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] () S2 QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQSysMonX64.sys [X] S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [X] S3 TFsFlt; system32\Drivers\TFsFltX64.sys [X] S3 TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TS888x64.sys [X] S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSDefenseBT64.sys [X] S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-31 17:20 - 2016-05-31 17:20 - 00000000 ____D C:\ProgramData\TXQMPC 2016-05-31 17:13 - 2016-05-31 17:13 - 00007969 _____ C:\Users\Sławomir\Desktop\fixlist.txt 2016-05-31 17:12 - 2016-05-31 17:12 - 00000000 _____ C:\Users\Sławomir\Desktop\Nowy dokument tekstowy (2).txt 2016-05-31 16:48 - 2016-05-31 16:48 - 266040255 _____ C:\Users\Sławomir\AppData\Local\ACCCx3_6_0_248.zip.aamdownload 2016-05-31 16:48 - 2016-05-31 16:48 - 00003014 _____ C:\Users\Sławomir\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd 2016-05-29 21:21 - 2016-05-29 21:22 - 00002908 _____ C:\Users\Sławomir\Desktop\Rkill.txt 2016-05-29 21:17 - 2016-05-29 21:07 - 00001306 _____ C:\rkill.com.lnk 2016-05-29 20:32 - 2016-05-29 20:32 - 00001128 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-05-28 16:48 - 2016-05-31 17:11 - 00038520 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys 2016-05-28 16:48 - 2016-05-28 16:48 - 00321112 _____ C:\Windows\Minidump\052816-39375-01.dmp 2016-05-28 16:04 - 2016-05-28 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 2016-05-28 15:15 - 2016-05-28 16:32 - 00018775 _____ C:\Users\Sławomir\Desktop\gmer C scan.txt 2016-05-28 15:14 - 2016-05-28 15:15 - 00019744 _____ C:\Users\Sławomir\Desktop\gmer quick scan.txt 2016-05-28 15:01 - 2016-05-28 15:01 - 00317048 _____ C:\Windows\Minidump\052816-8093-01.dmp 2016-05-28 15:00 - 2016-05-31 17:10 - 00000143 _____ C:\Windows\wininit.ini 2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files\Common Files\AV 2016-05-28 14:32 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-05-28 14:25 - 2016-05-31 17:11 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-05-28 14:25 - 2016-05-31 17:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-05-28 14:25 - 2016-05-28 14:25 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2016-05-28 13:59 - 2016-05-31 17:27 - 00000000 ____D C:\FRST 2016-05-28 13:47 - 2016-05-28 13:47 - 00000000 _____ C:\autoexec.bat 2016-05-28 08:37 - 2016-05-29 21:03 - 00000000 ____D C:\Users\Sławomir\Desktop\modele rzuty 2016-05-27 15:25 - 2016-05-27 15:25 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\Google 2016-05-27 10:42 - 2016-05-27 10:43 - 00000000 ____D C:\ProgramData\Google 2016-05-27 10:42 - 2016-05-27 10:42 - 00000000 ____D C:\Program Files\Google 2016-05-25 16:28 - 2016-05-25 16:28 - 00001160 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-05-25 15:00 - 2016-05-28 10:33 - 00000000 ____D C:\VRAY 2016-05-25 14:10 - 2016-05-25 14:10 - 00000000 ____D C:\ProgramData\Nik Software 2016-05-25 14:10 - 2016-05-25 14:10 - 00000000 ____D C:\Program Files\Nik Software 2016-05-25 12:28 - 2016-05-28 10:41 - 00000000 ____D C:\Users\Sławomir\Desktop\vismat 2016-05-24 12:13 - 2016-05-24 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group 2016-05-24 12:12 - 2016-05-24 12:12 - 00000000 ____D C:\Program Files\WIBU-SYSTEMS 2016-05-24 12:12 - 2016-05-24 12:12 - 00000000 ____D C:\Program Files (x86)\WIBU-SYSTEMS 2016-05-24 12:12 - 2016-05-24 12:12 - 00000000 ____D C:\Program Files (x86)\WIBUKEY 2016-05-24 12:06 - 2016-05-24 12:06 - 00002188 _____ C:\Users\Public\Desktop\Style Builder 2015.lnk 2016-05-24 12:06 - 2016-05-24 12:06 - 00002102 _____ C:\Users\Public\Desktop\LayOut 2015.lnk 2016-05-24 12:06 - 2016-05-24 12:06 - 00002013 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk 2016-05-24 12:06 - 2016-05-24 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015 2016-05-24 12:05 - 2016-05-24 12:05 - 00000000 ____D C:\Program Files\SketchUp 2016-05-24 12:04 - 2016-05-24 12:05 - 00000000 ____D C:\Users\Sławomir\Desktop\INSTALKI 2016-05-23 18:08 - 2016-05-28 09:56 - 00000000 ____D C:\Users\Sławomir\Desktop\HR 2016-05-22 18:07 - 2016-05-22 15:08 - 00373792 _____ C:\Users\Sławomir\Documents\KWARTAL2.bak 2016-05-22 15:08 - 2016-05-22 18:07 - 00384216 _____ C:\Users\Sławomir\Documents\KWARTAL2.dwg 2016-05-16 18:54 - 2016-05-16 18:54 - 00000000 ____D C:\Program Files\Common Files\Intel 2016-05-16 18:54 - 2016-05-16 18:54 - 00000000 ____D C:\Program Files (x86)\Cisco 2016-05-16 18:48 - 2016-05-16 18:48 - 00002801 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk 2016-05-16 18:48 - 2016-05-16 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking 2016-05-16 18:48 - 2016-05-16 18:48 - 00000000 ____D C:\ProgramData\Killer 2016-05-16 18:48 - 2016-05-16 18:48 - 00000000 ____D C:\Program Files\Killer Networking 2016-05-16 18:20 - 2016-05-16 18:20 - 00000000 ____D C:\Users\Sławomir\AppData\Local\DriverToolkit 2016-05-16 18:20 - 2016-05-16 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit 2016-05-16 18:20 - 2016-05-16 18:20 - 00000000 ____D C:\Program Files (x86)\DriverToolkit 2016-05-15 22:19 - 2016-05-15 22:19 - 00053248 _____ C:\Windows\SysWOW64\unrar.dll 2016-05-15 09:30 - 2016-05-15 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-05-12 12:55 - 2016-05-12 14:25 - 00000000 ____D C:\Users\Sławomir\Desktop\BLOKI AUTOCAD 2016-05-12 10:15 - 2016-05-12 10:20 - 00000000 ____D C:\Program Files (x86)\Gabest 2016-05-12 10:14 - 2016-05-12 10:20 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5 2016-05-11 08:59 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-11 08:59 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 08:59 - 2016-03-14 18:50 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2016-05-11 08:59 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-05-11 08:59 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2016-05-11 08:59 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2016-05-11 08:59 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll 2016-05-11 08:59 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-05-11 08:59 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2016-05-11 08:59 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll 2016-05-11 08:59 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-05-11 08:59 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2016-05-11 08:59 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2016-05-11 08:59 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-05-11 08:59 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-05-11 08:59 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-05-11 08:59 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-05-11 08:44 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-11 08:44 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-11 08:44 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-11 08:44 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-11 08:44 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-11 08:44 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-11 08:44 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-11 08:44 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-11 08:44 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-05-11 08:44 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-11 08:44 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-11 08:44 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-11 08:44 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-11 08:44 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-11 08:44 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-11 08:44 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-11 08:44 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-11 08:44 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-05-11 08:44 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-11 08:44 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-11 08:44 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-11 08:44 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-11 08:44 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-11 08:44 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-11 08:44 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-11 08:44 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-11 08:44 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-11 08:44 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-11 08:44 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-11 08:44 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2016-05-11 08:44 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-11 08:44 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-11 08:44 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-11 08:44 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-11 08:44 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 08:44 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-11 08:44 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-11 08:44 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-11 08:44 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-05-11 08:44 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-05-11 08:44 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-05-11 08:44 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-11 08:44 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-11 08:44 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-11 08:44 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-11 08:44 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-11 08:44 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-11 08:44 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-11 08:44 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-11 08:44 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-11 08:44 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-11 08:44 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-11 08:44 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 08:44 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-10 19:51 - 2016-05-10 19:51 - 00000000 ____D C:\Users\Sławomir\AppData\Local\ElevatedDiagnostics 2016-05-10 19:18 - 2016-05-10 19:18 - 00000000 ____D C:\Users\Sławomir\AppData\Local\Avira_Operations_GmbH_&_C 2016-05-10 18:17 - 2016-05-10 18:17 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\Avira 2016-05-10 18:15 - 2016-05-10 18:15 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk 2016-05-10 18:15 - 2016-05-10 18:15 - 00001066 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2016-05-10 18:14 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-05-10 18:14 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-05-10 18:14 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-05-10 18:14 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-05-10 18:11 - 2016-05-25 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-10 18:11 - 2016-05-10 18:15 - 00000000 ____D C:\ProgramData\Avira 2016-05-10 18:11 - 2016-05-10 18:15 - 00000000 ____D C:\Program Files (x86)\Avira 2016-05-10 09:56 - 2016-05-10 10:04 - 00000065 _____ C:\Users\Sławomir\Desktop\Nowy dokument tekstowy.txt 2016-05-09 10:49 - 2016-05-09 23:05 - 00000000 ____D C:\Users\Sławomir\Desktop\PORTFOLIO behance 2016-05-09 10:46 - 2016-05-31 17:20 - 00000000 ____D C:\Users\Sławomir\AppData\LocalLow\Temp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-31 17:27 - 2016-03-20 15:12 - 00000000 ____D C:\Users\Sławomir\Desktop\POBRANE 2016-05-31 17:27 - 2015-08-19 07:25 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4002679962-1221417142-4111111163-1001 2016-05-31 17:22 - 2015-11-06 22:05 - 00000000 ____D C:\Users\Sławomir\AppData\Local\Spotify 2016-05-31 17:22 - 2015-11-06 22:04 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\Spotify 2016-05-31 17:22 - 2015-10-19 21:11 - 00000000 ___RD C:\Users\Sławomir\Dropbox 2016-05-31 17:22 - 2015-08-23 20:15 - 00778240 ___SH C:\Users\Sławomir\Desktop\Thumbs.db 2016-05-31 17:22 - 2015-08-19 07:25 - 00000000 __RDO C:\Users\Sławomir\OneDrive 2016-05-31 17:21 - 2016-03-26 11:06 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-31 17:21 - 2015-10-19 20:50 - 00001166 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-05-31 17:21 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-31 17:16 - 2016-03-26 11:06 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-31 17:16 - 2015-08-19 07:18 - 00001190 _____ C:\Users\Sławomir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-31 17:09 - 2015-08-19 10:48 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\uTorrent 2016-05-31 16:56 - 2015-11-05 22:35 - 00000000 ____D C:\Users\Sławomir\Desktop\filmy 2016-05-31 16:55 - 2016-03-27 21:58 - 00000000 ____D C:\Users\Sławomir\AppData\LocalLow\uTorrent 2016-05-31 16:50 - 2015-08-19 07:17 - 00000000 ____D C:\Users\Sławomir 2016-05-31 16:50 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-31 16:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-05-31 16:48 - 2015-08-26 17:05 - 00000000 ____D C:\Users\Sławomir\AppData\Local\Adobe 2016-05-30 17:32 - 2015-10-11 18:33 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\Skype 2016-05-30 15:40 - 2015-08-19 11:17 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\vlc 2016-05-30 12:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports 2016-05-29 21:23 - 2016-03-26 11:14 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-29 20:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\System 2016-05-29 20:32 - 2016-03-26 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-05-29 20:32 - 2016-03-26 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-05-28 16:58 - 2015-09-02 15:18 - 00000000 ____D C:\Users\Sławomir\AppData\Local\CrashDumps 2016-05-28 16:48 - 2016-03-08 17:28 - 00000000 ____D C:\Windows\Minidump 2016-05-28 16:47 - 2016-03-08 17:28 - 2697467689 _____ C:\Windows\MEMORY.DMP 2016-05-28 16:03 - 2014-06-25 19:58 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-28 15:06 - 2015-10-14 16:36 - 00135680 ___SH C:\Users\Sławomir\Downloads\Thumbs.db 2016-05-28 14:26 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-05-28 13:42 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-05-28 13:33 - 2013-08-22 16:44 - 05087224 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-28 08:41 - 2015-09-06 16:42 - 00000000 ____D C:\Users\Sławomir\Desktop\muzyka 2016-05-28 08:39 - 2015-09-01 20:38 - 00000000 ____D C:\Users\Sławomir\Desktop\erasmus 2016-05-27 10:43 - 2015-08-19 07:37 - 00000000 ____D C:\Users\Sławomir\AppData\Local\Google 2016-05-27 08:33 - 2014-04-30 20:39 - 00715852 _____ C:\Windows\system32\perfh01F.dat 2016-05-27 08:33 - 2014-04-30 20:39 - 00150496 _____ C:\Windows\system32\perfc01F.dat 2016-05-27 08:33 - 2014-04-30 20:00 - 00781366 _____ C:\Windows\system32\perfh019.dat 2016-05-27 08:33 - 2014-04-30 20:00 - 00161902 _____ C:\Windows\system32\perfc019.dat 2016-05-27 08:33 - 2014-04-30 19:36 - 00775938 _____ C:\Windows\system32\prfh0416.dat 2016-05-27 08:33 - 2014-04-30 19:36 - 00159030 _____ C:\Windows\system32\prfc0416.dat 2016-05-27 08:33 - 2014-04-30 19:27 - 00808198 _____ C:\Windows\system32\perfh015.dat 2016-05-27 08:33 - 2014-04-30 19:27 - 00164014 _____ C:\Windows\system32\perfc015.dat 2016-05-27 08:33 - 2014-04-30 19:19 - 00798450 _____ C:\Windows\system32\perfh013.dat 2016-05-27 08:33 - 2014-04-30 19:19 - 00162528 _____ C:\Windows\system32\perfc013.dat 2016-05-27 08:33 - 2014-04-30 18:54 - 00743600 _____ C:\Windows\system32\perfh00E.dat 2016-05-27 08:33 - 2014-04-30 18:54 - 00178186 _____ C:\Windows\system32\perfc00E.dat 2016-05-27 08:33 - 2014-04-30 18:39 - 00409156 _____ C:\Windows\system32\perfh00D.dat 2016-05-27 08:33 - 2014-04-30 18:39 - 00065162 _____ C:\Windows\system32\perfc00D.dat 2016-05-27 08:33 - 2014-04-30 18:31 - 00802432 _____ C:\Windows\system32\perfh00C.dat 2016-05-27 08:33 - 2014-04-30 18:31 - 00159382 _____ C:\Windows\system32\perfc00C.dat 2016-05-27 08:33 - 2014-04-30 18:23 - 00427404 _____ C:\Windows\system32\perfh00B.dat 2016-05-27 08:33 - 2014-04-30 18:23 - 00081986 _____ C:\Windows\system32\perfc00B.dat 2016-05-27 08:33 - 2014-04-30 18:02 - 00542830 _____ C:\Windows\system32\perfh008.dat 2016-05-27 08:33 - 2014-04-30 18:02 - 00089394 _____ C:\Windows\system32\perfc008.dat 2016-05-27 08:33 - 2014-03-18 12:03 - 09024378 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-27 08:33 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-05-26 19:41 - 2015-08-19 07:18 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-05-26 19:41 - 2015-08-19 07:18 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-25 14:10 - 2015-08-19 07:18 - 00000000 ____D C:\Users\Sławomir\AppData\Roaming\Adobe 2016-05-24 12:14 - 2015-10-26 22:34 - 00000000 ____D C:\ProgramData\ASGVIS 2016-05-22 14:30 - 2016-03-17 12:54 - 00000000 ____D C:\Users\Sławomir\Desktop\rower 2016-05-19 11:12 - 2015-10-21 12:03 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-16 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2016-05-16 18:55 - 2014-06-25 19:52 - 00000000 ____D C:\ProgramData\Intel 2016-05-16 18:54 - 2014-06-25 19:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2016-05-16 18:54 - 2014-06-25 19:45 - 00000000 ____D C:\Program Files (x86)\Intel 2016-05-16 18:53 - 2014-06-25 19:47 - 00000000 ____D C:\Program Files\Intel 2016-05-16 18:48 - 2014-06-25 19:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-05-16 18:47 - 2014-06-25 19:55 - 00000000 ____D C:\ProgramData\Downloaded Installations 2016-05-16 18:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2016-05-15 09:30 - 2015-10-19 20:50 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-05-13 10:16 - 2016-03-26 11:06 - 00002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-13 10:16 - 2016-03-26 11:06 - 00002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-13 10:15 - 2016-01-12 19:49 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-12 21:43 - 2015-10-21 12:03 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-05-11 22:08 - 2013-08-22 17:38 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-11 22:08 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-11 17:55 - 2016-01-05 13:29 - 00000000 ____D C:\Users\Sławomir\Desktop\dyplom magisterski 2016-05-11 13:11 - 2016-03-26 11:06 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-11 13:11 - 2016-03-26 11:06 - 00003806 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-11 09:07 - 2015-10-28 13:19 - 00000000 ____D C:\Windows\system32\MRT 2016-05-11 09:07 - 2014-04-30 18:58 - 00000000 ____D C:\Windows\system32\Drivers\lt-LT 2016-05-11 09:07 - 2014-04-30 18:15 - 00000000 ____D C:\Windows\system32\Drivers\et-EE 2016-05-11 09:07 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-11 09:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\lt-LT 2016-05-11 09:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\et-EE 2016-05-11 09:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\lt-LT 2016-05-11 09:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\et-EE 2016-05-11 09:02 - 2015-10-28 13:19 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-08 12:20 - 2015-11-02 15:02 - 00000000 ____D C:\Program Files (x86)\Steam ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-05-31 16:48 - 2016-05-31 16:48 - 266040255 _____ () C:\Users\Sławomir\AppData\Local\ACCCx3_6_0_248.zip.aamdownload 2016-05-31 16:48 - 2016-05-31 16:48 - 0003014 _____ () C:\Users\Sławomir\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd 2016-03-14 15:47 - 2016-05-31 17:09 - 0001902 _____ () C:\ProgramData\hpzinstall.log 2015-09-07 14:04 - 2015-09-07 14:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Niektóre pliki w TEMP: ==================== C:\Users\Sławomir\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-05-20 08:18 ==================== Koniec FRST.txt ============================