Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 04-11-2016 Uruchomiony przez Matii (administrator) MATEUSZ-PC (12-11-2016 08:05:43) Uruchomiony z C:\Users\Matii\Desktop Załadowane profile: Matii (Dostępne profile: Matii & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe (Distromatic) C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe (Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe (Distromatic) C:\Program Files (x86)\Amazon Browser Settings\updater.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Auslogics) D:\Program Files (x86)\Auslogics\Driver Updater\DriverUpdater.exe (Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe (Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe (Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe (Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe (Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\CleanPlus64.exe (Oracle Corporation) C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xrWCbgnd.dll [58368 2009-07-14] (Xerox Corporation) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1894824 2016-10-24] (QIHU 360 SOFTWARE CO. LIMITED) HKU\S-1-5-21-3711038172-3324225246-920108456-1007\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mateusz\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mateusz\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mateusz\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mateusz\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mateusz\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mateusz\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{49CA1132-7ACF-4642-A97C-D8EEC548519B}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{959CB288-6617-491B-A8A9-81E8EBD1E6D1}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131051309758420000&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131051309758640000&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3711038172-3324225246-920108456-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_30671af4_1201_1403_20161108_PL_ie_sp_ SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-3711038172-3324225246-920108456-1007 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-3711038172-3324225246-920108456-1007 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-3711038172-3324225246-920108456-1007 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_30671af4_1201_1403_20161108_PL_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-22] (Oracle Corporation) BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-09-28] (Qihu 360 Software Co., Ltd.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-08] (Oracle Corporation) BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-10-24] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-08] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL [2016-02-01] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 0y3kxfzb.default FF ProfilePath: C:\Users\Matii\AppData\Roaming\Mozilla\Firefox\Profiles\0y3kxfzb.default [2016-11-11] FF Homepage: Mozilla\Firefox\Profiles\0y3kxfzb.default -> hxxp://www.wp.pl/?dp=20161107 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-08] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.) FF Plugin-x32: @vividas.com/npVividasPlayer -> C:\Program Files (x86)\Vividas\Player\npVividasPlayer.dll [Brak pliku] Chrome: ======= CHR dev: Chrome dev build wykryto! <======= UWAGA CHR Profile: C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default [2016-11-11] CHR Extension: (Prezentacje Google) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-18] CHR Extension: (Dokumenty Google) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-18] CHR Extension: (Dysk Google) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-18] CHR Extension: (YouTube) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-18] CHR Extension: (Arkusze Google) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-18] CHR Extension: (Dokumenty Google offline) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-24] CHR Extension: (Skype) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-11-10] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-18] CHR Extension: (Gmail) - C:\Users\Matii\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-18] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] StartMenuInternet: Google Chrome.66DOD76VHGQ7UCHSREKMMCYDCE - C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\chrome.exe Opera: ======= StartMenuInternet: (HKLM) OperaNext - C:\Program Files (x86)\Opera Next\Launcher.exe ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-18] (AVAST Software) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-10-13] (AVG Technologies CZ, s.r.o.) R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2050040 2016-10-13] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5332384 2016-10-13] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-10-13] (AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] () S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) S3 Common Toolkit 2; C:\Program Files (x86)\Common Files\Common Toolkit Suite\Tools\x64\CommonToolkit2.exe [358072 2016-04-13] (SPAMfighter ApS) S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-04-19] () S3 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-02-08] (Intel(R) Corporation) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-02] () [Brak podpisu cyfrowego] S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2013-11-11] () S3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [215128 2014-02-02] () R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [926632 2016-09-28] (QIHU 360 SOFTWARE CO. LIMITED) S3 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8016240 2016-11-06] (Reimage®) R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [252096 2016-10-25] (SlimWare Utilities, Inc.) R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1282592 2015-11-13] (SPAMfighter ApS) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-09-15] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2016-09-28] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2016-09-28] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-09-28] (360.cn) S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2016-09-15] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-09-15] (360.cn) S3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [1437952 2000-01-01] (NXP Semiconductors Germany GmbH) [Brak podpisu cyfrowego] S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2010-06-09] (Windows (R) Codename Longhorn DDK provider) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-10-18] (AVAST Software) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [311552 2016-09-22] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [265472 2016-09-20] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [188864 2016-09-15] (360.cn) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-02] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-12] (REALiX(tm)) S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-06-18] (TCT International Mobile Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-18] (Malwarebytes) R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrfl.sys [41176 2014-10-30] (Intel Corporation) R3 NetTap60; C:\Windows\System32\DRIVERS\nettap60.sys [51416 2014-10-30] (Intel Corporation) S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-11-09] (SlimWare Utilities, Inc.) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-04-19] (Anchorfree Inc.) S3 aswHwid; \??\C:\Windows\system32\drivers\aswHwid.sys [X] S2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [X] S1 aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [X] S0 aswRvrt; system32\drivers\aswRvrt.sys [X] S1 aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [X] S2 aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [X] S0 aswVmm; system32\drivers\aswVmm.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 dewktpfi; \??\C:\Windows\system32\drivers\dewktpfi.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S3 VBAudioVACMME; system32\DRIVERS\vbaudio_cable64_win7.sys [X] S3 WinRing0_1_2_0; \??\D:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-12 07:54 - 2016-11-12 08:24 - 00020714 _____ C:\Users\Matii\Desktop\FRST.txt 2016-11-12 07:53 - 2016-11-12 07:54 - 00000000 ___DC C:\FRST 2016-11-12 07:51 - 2016-11-12 07:53 - 02410496 _____ (Farbar) C:\Users\Matii\Desktop\FRST64.exe 2016-11-11 23:25 - 2016-11-11 23:25 - 01017792 RSHOT (Auslogics) C:\Windows\SysWOW64\ActionCenterForms.dll 2016-11-11 23:05 - 2016-11-11 23:05 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-11-11 23:05 - 2016-11-11 23:05 - 00000000 ____D C:\Program Files\Realtek 2016-11-11 23:04 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-11-11 23:04 - 2013-11-05 18:54 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-11-11 23:04 - 2013-11-05 15:48 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-11-11 23:04 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-11-11 23:04 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2016-11-11 23:04 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-11-11 23:04 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-11-11 23:04 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-11-11 23:04 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-11-11 23:04 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-11-11 23:04 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-11-11 23:04 - 2013-09-09 15:32 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat 2016-11-11 23:04 - 2013-08-24 03:14 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-11-11 23:04 - 2013-08-24 03:14 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2016-11-11 23:04 - 2013-08-24 03:14 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2016-11-11 23:04 - 2013-08-24 03:14 - 00244480 _____ (TODO: ) C:\Windows\system32\slprp64.dll 2016-11-11 23:04 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-11-11 23:04 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-11-11 23:04 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-11-11 23:04 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-11-11 23:04 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-11-11 23:04 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-11-11 23:04 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-11-11 23:04 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-11-11 23:04 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-11-11 23:04 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-11-11 23:04 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-11-11 23:04 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-11-11 23:04 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-11-11 23:04 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-11-11 23:04 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-11-11 23:04 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-11-11 23:04 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-11-11 23:04 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-11-11 23:04 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-11-11 23:04 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-11-11 23:04 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-11-11 23:04 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-11-11 23:04 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-11-11 23:04 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-11-11 23:04 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-11-11 23:03 - 2013-10-30 16:31 - 00929080 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2016-11-11 23:03 - 2013-10-25 10:49 - 05751576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-11-11 23:03 - 2013-10-09 20:13 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2016-11-11 23:03 - 2013-10-09 20:13 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-11-11 23:03 - 2013-10-09 20:13 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2016-11-11 23:03 - 2013-10-09 20:12 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2016-11-11 23:03 - 2013-10-09 20:12 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-11-11 23:03 - 2013-10-09 20:12 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2016-11-11 23:03 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-11-11 23:03 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-11-11 23:03 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-11-11 23:03 - 2013-08-14 16:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-11-11 23:03 - 2013-08-14 16:35 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2016-11-11 23:03 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-11-11 23:03 - 2013-07-23 15:39 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2016-11-11 23:03 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2016-11-11 23:03 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-11-11 23:03 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-11-11 23:03 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-11-11 23:03 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-11-11 23:03 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-11-11 23:03 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-11-11 23:03 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-11-11 23:02 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-11-11 23:02 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-11-11 23:02 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-11-11 23:02 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-11-11 23:02 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-11-11 23:02 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2016-11-11 23:02 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2016-11-11 23:02 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2016-11-11 23:02 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2016-11-11 23:02 - 2013-08-20 17:37 - 00605496 _____ C:\Windows\system32\audioLibVc.dll 2016-11-11 23:02 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-11-11 23:02 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-11-11 23:02 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-11-11 23:02 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-11-11 22:49 - 2016-11-11 22:52 - 108956093 _____ (Realtek Semiconductor Corp.) C:\Users\Matii\Desktop\64bit_Win7_Win8_Win81_R273.exe 2016-11-11 20:49 - 2016-11-12 08:11 - 00000000 ____D C:\Users\Matii\AppData\Roaming\.minecraft 2016-11-11 20:43 - 2016-11-11 20:45 - 00000000 ____D C:\Program Files (x86)\BaisvikSoftware 2016-11-11 20:43 - 2016-11-11 20:43 - 00000000 ____D C:\Users\Matii\AppData\Roaming\BaisvikSoftware 2016-11-11 20:38 - 2016-11-11 20:45 - 00000000 ____D C:\ProgramData\BaisvikSoftware 2016-11-11 20:36 - 2016-11-11 20:36 - 00003182 _____ C:\Windows\System32\Tasks\{CAD9CF9A-CA62-4CF4-BF9A-2CB852CE9F74} 2016-11-11 20:16 - 2016-11-11 20:16 - 00000017 _____ C:\Users\Matii\AppData\Local\resmon.resmoncfg 2016-11-11 20:06 - 2016-11-11 20:06 - 00000000 ____D C:\Users\Matii\AppData\Local\DriverToolkit 2016-11-11 20:06 - 2016-11-11 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit 2016-11-11 19:57 - 2016-11-11 19:57 - 00000000 ____D C:\Program Files (x86)\Realtek AC97 2016-11-11 19:53 - 2016-11-11 19:53 - 00003126 _____ C:\Windows\System32\Tasks\{313E5556-87FA-4AF6-B496-7311E3F810E4} 2016-11-11 15:45 - 2016-11-11 18:28 - 00000000 __HDC C:\$WINDOWS.~BT 2016-11-11 12:52 - 2016-11-11 12:52 - 00000000 __HDC C:\$Windows.~WS 2016-11-11 12:08 - 2016-11-11 12:08 - 00003824 _____ C:\Windows\System32\Tasks\WarThunder3 2016-11-11 12:08 - 2016-11-11 12:08 - 00003824 _____ C:\Windows\System32\Tasks\WarThunder2 2016-11-11 12:08 - 2016-11-11 12:08 - 00003824 _____ C:\Windows\System32\Tasks\WarThunder1 2016-11-11 12:08 - 2016-11-11 12:08 - 00000000 ____D C:\Users\Matii\AppData\Roaming\WarThunder 2016-11-11 12:08 - 2016-11-11 12:08 - 00000000 ____D C:\Users\Matii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2016-11-11 11:58 - 2016-11-11 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Crashpad 2016-11-11 11:54 - 2009-04-14 15:44 - 00323104 _____ (Realtek Semiconductor Corp.) C:\Windows\AlcRmv64.exe 2016-11-11 11:54 - 2006-07-31 11:19 - 00475648 _____ (Realtek Semiconductor Corp.) C:\Windows\AlcUpd64.exe 2016-11-11 11:51 - 2016-11-11 11:51 - 00000000 ___HD C:\Users\Administrator\AppData\Roaming\GoldenGate 2016-11-11 11:51 - 2016-11-11 11:51 - 00000000 ___HD C:\Users\Administrator\AppData\Roaming\AliExpress_helper 2016-11-11 11:50 - 2016-11-12 07:50 - 00000274 _____ C:\Windows\Tasks\AliExpress_helper.job 2016-11-11 11:50 - 2016-11-11 11:51 - 00003234 _____ C:\Windows\System32\Tasks\AliExpress_helper 2016-11-11 11:50 - 2016-11-11 11:50 - 31126033 _____ C:\Users\Administrator\Downloads\6305_vista_win7_pg537(dobreprogramy.pl).zip 2016-11-11 11:50 - 2016-11-11 11:50 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AliExpress.lnk 2016-11-11 11:49 - 2016-11-11 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AliExpress 2016-11-11 11:49 - 2016-11-11 11:49 - 00000000 ____D C:\Program Files (x86)\AliExpress 2016-11-11 11:38 - 2016-11-11 11:38 - 01442992 _____ ( ) C:\Users\Administrator\Desktop\Realtek-AC97-Audio-Codecs-21169-AsystentPobierania.exe 2016-11-10 21:58 - 2016-11-10 21:58 - 00008192 _____ C:\Windows\system32\config\userdiff 2016-11-10 21:19 - 2016-11-10 21:19 - 00000986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-11-10 19:37 - 2016-11-11 11:43 - 00000000 ____D C:\ProgramData\360TotalSecurity 2016-11-10 16:18 - 2016-11-11 17:48 - 00001890 _____ C:\Windows\diagwrn.xml 2016-11-10 16:18 - 2016-11-11 17:48 - 00001890 _____ C:\Windows\diagerr.xml 2016-11-10 14:42 - 2016-11-11 15:44 - 00000000 ___DC C:\ESD 2016-11-09 21:59 - 2016-11-09 21:54 - 18309328 _____ (Microsoft Corporation) C:\Users\Matii\Desktop\MediaCreationTool.exe 2016-11-09 21:54 - 2016-11-11 17:47 - 00000000 ____D C:\Windows\Panther 2016-11-09 20:55 - 2016-11-09 21:26 - 00000888 _____ C:\Users\Matii\Desktop\od gambola.txt 2016-11-09 19:48 - 2016-11-09 20:26 - 00003884 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439814218 2016-11-09 17:36 - 2016-11-11 20:07 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2016-11-08 21:06 - 2016-11-08 21:06 - 00000000 ____D C:\Users\Matii\AppData\Local\Amazon Browser Settings 2016-11-08 21:05 - 2016-11-11 23:11 - 00004610 _____ C:\Windows\System32\Tasks\DistromaticSearchProtect-hourly 2016-11-08 21:05 - 2016-11-08 21:05 - 00004486 _____ C:\Windows\System32\Tasks\DistromaticUpdater-periodic 2016-11-08 21:05 - 2016-11-08 21:05 - 00004088 _____ C:\Windows\System32\Tasks\DistromaticSearchProtect-logon 2016-11-08 21:05 - 2016-11-08 21:05 - 00003962 _____ C:\Windows\System32\Tasks\DistromaticUpdater-logon 2016-11-08 21:05 - 2016-11-08 21:05 - 00000000 ____D C:\Program Files (x86)\Amazon Browser Settings 2016-11-08 21:04 - 2016-11-08 21:04 - 00000000 ____D C:\Program Files (x86)\Amazon 2016-11-08 20:54 - 2016-11-08 20:52 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-11-08 20:00 - 2016-11-08 20:00 - 00000000 _____ C:\Users\Matii\Desktop\Nowy dokument tekstowy.txt 2016-11-08 19:44 - 2016-11-08 19:48 - 00000000 ____D C:\ProgramData\BSD 2016-11-08 19:44 - 2016-11-08 19:45 - 00000000 ____D C:\ProgramData\Auslogics 2016-11-08 19:44 - 2016-11-08 19:44 - 00000000 ____D C:\Program Files (x86)\Auslogics 2016-11-08 19:43 - 2016-11-08 19:46 - 00000000 ____D C:\Windows\System32\Tasks\Auslogics 2016-11-08 19:42 - 2016-11-08 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2016-11-08 18:53 - 2016-11-11 22:55 - 00000000 ____D C:\Windows\system32\DAX2 2016-11-08 18:42 - 2016-11-11 22:55 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-11-08 18:30 - 2016-11-08 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2016-11-08 18:24 - 2016-11-08 19:23 - 00004280 _____ C:\Windows\System32\Tasks\ReimageUpdater 2016-11-08 18:23 - 2016-11-08 18:24 - 00000000 ___DC C:\rei 2016-11-08 18:23 - 2016-11-08 18:24 - 00000000 ____D C:\ProgramData\Reimage Protector 2016-11-08 18:23 - 2016-11-08 18:24 - 00000000 ____D C:\Program Files\Reimage 2016-11-08 18:23 - 2016-11-08 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair 2016-11-08 18:22 - 2016-11-08 18:24 - 00000140 _____ C:\Windows\Reimage.ini 2016-11-08 17:51 - 2016-11-09 20:47 - 00002838 _____ C:\Windows\System32\Tasks\SlimDrivers Startup 2016-11-07 22:03 - 2000-01-01 01:00 - 00476672 _____ C:\Windows\nxpunist.exe 2016-11-07 22:03 - 2000-01-01 01:00 - 00003328 _____ C:\Windows\Polish.lng 2016-11-07 22:03 - 2000-01-01 01:00 - 00002915 _____ C:\Windows\TVNXPDrv.ini 2016-11-07 22:02 - 2016-11-07 22:02 - 00000000 ____D C:\Program Files (x86)\KWorld MultiMedia 2016-11-07 22:02 - 2000-01-01 01:00 - 01437952 _____ (NXP Semiconductors Germany GmbH) C:\Windows\system32\Drivers\3xHybr64.sys 2016-11-07 21:57 - 2000-01-01 01:00 - 00953344 _____ (NVIDIA Corporation) C:\Windows\system32\fdco2.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00403560 _____ (NVIDIA Corporation) C:\Windows\system32\nvraiins.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00403560 _____ (NVIDIA Corporation) C:\Windows\system32\nvraidco.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00349416 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmf6264.sys 2016-11-07 21:57 - 2000-01-01 01:00 - 00244328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor64.sys 2016-11-07 21:57 - 2000-01-01 01:00 - 00229480 _____ (NVIDIA Corporation) C:\Windows\system32\nvconrm.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00019048 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoPtb.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00019048 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoIt.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00019048 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoFr.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00019048 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoEsm.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00019048 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoEs.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00019048 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoDe.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018536 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoSv.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018536 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoRu.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018536 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoNo.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018536 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoNl.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018536 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoFi.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018536 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoDa.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018024 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoENU.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00018024 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoEng.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00016488 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoKo.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00016488 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoJa.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00015976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoZht.dll 2016-11-07 21:57 - 2000-01-01 01:00 - 00015976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoZhc.dll 2016-11-07 21:49 - 2016-11-07 21:49 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-11-07 21:43 - 2016-11-11 23:06 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-11-07 21:43 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2016-11-07 21:25 - 2016-11-07 21:25 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc 2016-11-07 21:21 - 2016-11-07 21:21 - 00000000 ____D C:\Users\Matii\AppData\Local\Downloaded Installers 2016-11-07 21:21 - 2016-11-07 21:21 - 00000000 ____D C:\ProgramData\SlimWare Utilities Inc 2016-11-07 21:21 - 2016-11-07 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus 2016-11-07 21:21 - 2016-11-07 21:21 - 00000000 ____D C:\Program Files\SlimService 2016-11-07 21:20 - 2016-11-09 20:37 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys 2016-11-07 21:20 - 2016-11-07 22:10 - 00000000 ____D C:\Users\Matii\AppData\Local\SlimWare Utilities Inc 2016-11-07 21:20 - 2016-11-07 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers 2016-11-07 21:20 - 2016-11-07 21:20 - 00000000 ____D C:\Program Files (x86)\SlimDrivers 2016-11-07 21:19 - 2016-11-07 21:19 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers 2016-11-07 21:00 - 2016-11-07 21:00 - 00010113 _____ C:\Users\Matii\AppData\Local\recently-used.xbel 2016-11-07 17:08 - 2016-11-07 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7GIF 2016-11-07 15:23 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-11-07 15:23 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-11-05 07:49 - 2016-11-05 07:53 - 00000000 ____D C:\Users\Matii\AppData\LocalLow\Daybreak Game Company 2016-11-05 07:49 - 2016-11-05 07:49 - 00000000 ____D C:\Users\Matii\AppData\Local\SCE 2016-11-05 07:49 - 2016-11-05 07:49 - 00000000 ____D C:\Users\Matii\AppData\Local\Daybreak Game Company 2016-11-04 22:47 - 2016-11-04 22:48 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-04 17:30 - 2016-11-04 17:34 - 00000000 ____D C:\Program Files\VB 2016-11-04 00:29 - 2016-11-04 00:33 - 00000000 ____D C:\Program Files\DVD Maker 2016-11-03 18:06 - 2016-11-03 18:06 - 00000222 _____ C:\Users\Matii\Desktop\H1Z1 King of the Kill.url 2016-11-03 15:26 - 2016-11-10 22:31 - 00405976 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-03 14:21 - 2016-11-10 22:34 - 00107264 _____ C:\Users\Matii\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-23 12:29 - 2016-10-23 12:29 - 00009992 ____N C:\bootsqm.dat 2016-10-23 12:27 - 2016-10-23 12:27 - 00000000 __SHD C:\found.000 2016-10-22 07:20 - 2016-10-22 07:20 - 00007036 _____ C:\Users\Matii\Desktop\AntiCheatPackDownloader.jar 2016-10-22 07:13 - 2016-10-22 07:10 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll 2016-10-22 07:11 - 2016-10-22 07:11 - 00000000 ____D C:\Users\Matii\AppData\Roaming\Sun 2016-10-22 07:11 - 2016-10-22 07:11 - 00000000 ____D C:\Users\Matii\AppData\LocalLow\Sun 2016-10-22 07:10 - 2016-10-22 07:10 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-10-19 14:15 - 2016-11-07 17:07 - 00000000 ____D C:\Users\Matii\AppData\Local\gtk-2.0 2016-10-19 14:10 - 2016-10-19 14:10 - 00000000 ____D C:\Users\Matii\.thumbnails 2016-10-18 18:38 - 2016-11-07 21:01 - 00000000 ____D C:\Users\Matii\.gimp-2.8 2016-10-18 18:38 - 2016-10-18 18:38 - 00000000 ____D C:\Users\Matii\AppData\Local\gegl-0.2 2016-10-18 18:38 - 2016-10-18 18:38 - 00000000 ____D C:\Users\Matii\AppData\Local\fontconfig 2016-10-18 18:33 - 2016-10-18 18:33 - 00001931 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-10-18 18:33 - 2016-10-18 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2016-10-18 18:33 - 2016-10-18 18:23 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2016-10-18 18:29 - 2016-10-18 18:23 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2016-10-18 18:28 - 2016-10-18 18:28 - 00000000 ____D C:\ProgramData\ByteFence 2016-10-18 18:26 - 2016-10-18 18:27 - 00303682 ____C C:\unp305503723406480888.mdmp 2016-10-18 18:25 - 2016-10-18 18:23 - 00391496 _____ (AVAST Software) C:\Windows\system32\asw70A1.tmp 2016-10-18 18:24 - 2016-10-18 18:31 - 00000000 ____D C:\Program Files\GIMP 2 2016-10-18 18:23 - 2016-10-18 18:23 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr 2016-10-18 18:17 - 2016-10-18 18:17 - 00000000 ____D C:\Program Files\AVAST Software 2016-10-18 18:16 - 2016-10-30 10:29 - 00000000 ____D C:\Program Files\ByteFence 2016-10-18 18:15 - 2016-10-18 18:15 - 00000000 ____D C:\Users\Matii\AppData\Roaming\OGame 2016-10-18 18:15 - 2016-10-18 18:15 - 00000000 ____D C:\Users\Matii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OGame 2016-10-18 18:12 - 2016-10-18 18:12 - 01180376 _____ ( ) C:\Users\Matii\GIMP-13219-dp.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-12 08:19 - 2016-04-18 15:35 - 00000000 ____D C:\Users\Matii\AppData\Roaming\TS3Client 2016-11-12 07:58 - 2016-09-18 12:21 - 00000000 ____D C:\Users\Matii\AppData\LocalLow\360WD 2016-11-12 07:52 - 2016-09-21 16:18 - 00000000 ____D C:\ProgramData\MFAData 2016-11-12 07:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-11 23:08 - 2009-07-14 05:45 - 00031664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-11 23:08 - 2009-07-14 05:45 - 00031664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-11 23:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-11 21:30 - 2009-07-14 03:34 - 00000552 _____ C:\Windows\win.ini 2016-11-11 17:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2016-11-11 16:35 - 2016-07-27 15:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-11-11 12:36 - 2016-09-18 12:21 - 00000000 _RSHD C:\360SANDBOX 2016-11-11 11:54 - 2016-09-29 19:58 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\360WD 2016-11-11 11:54 - 2013-03-02 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-11-10 17:21 - 2016-09-10 06:39 - 00000000 ____D C:\Users\Matii\AppData\Local\SHU 2016-11-10 15:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PLA 2016-11-10 15:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME 2016-11-10 14:53 - 2016-04-18 14:37 - 00000000 ____D C:\Users\Matii\AppData\Local\Google 2016-11-09 22:05 - 2016-05-03 10:58 - 00000000 ____D C:\Users\Matii\Desktop\pliki 2016-11-09 22:05 - 2014-03-26 16:32 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-11-09 20:47 - 2016-09-18 12:22 - 00000000 ____D C:\Windows\Tasks\360Disabled 2016-11-09 20:27 - 2015-08-17 13:23 - 00000000 ____D C:\Program Files (x86)\Opera 2016-11-09 19:34 - 2016-04-18 14:36 - 00000000 ____D C:\Users\Matii 2016-11-09 18:45 - 2013-03-02 17:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-11-09 18:44 - 2013-03-02 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-11-09 18:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2016-11-08 21:51 - 2013-03-02 17:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-11-08 21:51 - 2013-03-02 17:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-11-08 20:58 - 2016-07-27 15:34 - 00000000 ____D C:\Users\Matii\AppData\Roaming\TeamViewer 2016-11-08 20:54 - 2015-07-07 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-11-08 20:49 - 2013-06-28 14:08 - 00000000 ____D C:\Program Files (x86)\Java 2016-11-08 17:15 - 2016-08-05 18:30 - 00000000 ____D C:\Users\Matii\AppData\Local\ElevatedDiagnostics 2016-11-07 21:13 - 2016-04-18 14:37 - 00000000 ____D C:\Users\Matii\AppData\Local\Avg 2016-11-07 21:13 - 2015-08-17 15:09 - 00000000 ____D C:\Program Files\Common Files\AV 2016-11-07 21:12 - 2016-03-27 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-11-07 21:08 - 2016-04-18 14:43 - 00000000 ____D C:\Users\Matii\AppData\Local\AvgSetupLog 2016-11-07 20:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-11-03 20:39 - 2016-09-22 14:54 - 02283808 _____ C:\Users\Matii\Desktop\hasla i ajpiki.txt 2016-11-03 18:06 - 2016-09-22 16:39 - 00000000 ____D C:\Users\Matii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-11-03 13:53 - 2016-01-03 12:44 - 00001268 __RSH C:\ProgramData\ntuser.pol 2016-10-30 10:27 - 2016-09-03 08:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-22 07:38 - 2016-09-18 12:34 - 00000000 __SHD C:\$360Section 2016-10-22 07:09 - 2014-07-13 12:47 - 00000000 ____D C:\Program Files\Java 2016-10-17 07:44 - 2016-08-10 16:59 - 00000675 _____ C:\Users\Matii\Desktop\pasy.txt ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-11-07 21:00 - 2016-11-07 21:00 - 0010113 _____ () C:\Users\Matii\AppData\Local\recently-used.xbel 2016-11-11 20:16 - 2016-11-11 20:16 - 0000017 _____ () C:\Users\Matii\AppData\Local\resmon.resmoncfg 2016-11-07 21:49 - 2016-11-07 21:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-09-29 12:32 - 2016-09-29 12:32 - 0000016 _____ () C:\ProgramData\mntemp Pliki do przeniesienia lub usunięcia: ==================== C:\Users\Matii\GIMP-13219-dp.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-11-03 16:16 ==================== Koniec FRST.txt ============================