Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-01-2017
Uruchomiony przez Win7 (administrator) WIN7-KOMPUTER (05-02-2017 12:48:49)
Uruchomiony z C:\Users\Win7\Desktop\Programy\Programy do usuwania robaków jak ru
Załadowane profile: Win7 (Dostępne profile: Win7)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hi-Rez Studios) D:\Gry\Hi-Rez Studios\HiPatchService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DT Soft Ltd) C:\Program Files (x86)\Daemon Tools Pro\DTShellHlp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [BCSSync] => D:\Programy\Microsoft\Office 2010\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-01] (Plays.tv, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [Opos] => [X]
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Win7\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\Daemon Tools Pro\DTAgent.exe [3035968 2012-02-02] (DT Soft Ltd)
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [OfficeSyncProcess] => D:\Programy\Microsoft\Office 2010\Office14\MSOSYNC.EXE [908160 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [Opencl] => "C:\Users\Win7\AppData\Roaming\Opencl\nircmd.exe" exec hide "C:\Users\Win7\AppData\Roaming\Opencl\start.bat"
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19256832 2016-07-18] ()
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Run: [GoogleChromeAutoLaunch_97F6DB1979184FEB69629C32DFCD380A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\MountPoints2: {2dc842ea-5ade-11e4-b283-1c6f65bae75e} - J:\AutoRun.exe
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\MountPoints2: {2f4a96f6-65dc-11e5-a5ac-1c6f65bae75e} - J:\LGAutoRun.exe
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\MountPoints2: {43f121c9-466b-11e6-8d2a-1c6f65bae75e} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\MountPoints2: {dddb5bb6-0e28-11e6-9959-1c6f65bae75e} - J:\autorun.exe
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Programy\Microsoft\Office 2010\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Programy\Microsoft\Office 2010\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Programy\Microsoft\Office 2010\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Programy\Microsoft\Office 2010\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Programy\Microsoft\Office 2010\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{0802DC5B-D4C1-4BD0-9358-1A4C33DC9414}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{E873DA5E-3E46-4F95-A37F-8CA13079D13E}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{FDA41182-4726-4864-B829-B5A3FC8000DD}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Programy\Microsoft\Office 2010\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programy\Microsoft\Office 2010\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-30] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\mve5vpfr.default [2017-02-05]
FF Extension: (EPUBReader) - C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\mve5vpfr.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2017-02-05]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-11-07] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-04] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-1706106373-1807487178-1385189351-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Brak pliku]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programy\MICROS~1\OFFICE~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Programy\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Brak pliku]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2014-04-04] (Nexon)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1706106373-1807487178-1385189351-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1706106373-1807487178-1385189351-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Win7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1706106373-1807487178-1385189351-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()

Chrome:
=======
CHR HomePage: Default -> file:///F:/FotyLisa
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.pl/"
CHR Profile: C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default [2017-02-05]
CHR Extension: (Prezentacje Google) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-05]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-02-05]
CHR Extension: (HD for YouTube™) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2017-02-05]
CHR Extension: (Theme Creator) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2017-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-05]
CHR Extension: (Dysk Google) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-05]
CHR Extension: (Turn Off the Lights) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-02-05]
CHR Extension: (YouTube) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-05]
CHR Extension: (Adblock Plus) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-05]
CHR Extension: (Arkusze Google) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-05]
CHR Extension: (AdBlock) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-05]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2017-02-05]
CHR Extension: (SoundCloud mp3 Download) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlinbfdlnkjpimeeeeodegeibkkekboe [2017-02-05]
CHR Extension: (Twitch Now) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2017-02-05]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-05]
CHR Extension: (Mój motyw Chrome) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2017-02-05]
CHR Extension: (Oddshot) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2017-02-05]
CHR Extension: (Click&Clean App) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-02-05]
CHR Extension: (Gmail) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-05]
CHR Extension: (Chrome Media Router) - C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Extension: (ThemeBeta.com) - F:\FotyLisa\Przeróbki\Tło Chrome\MyTheme [2017-02-05]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
R2 ASTSRV; C:\Windows\SysWOW64\ASTSRV.EXE [57344 2008-05-19] (Nalpeiron Ltd.) [Brak podpisu cyfrowego]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 HiPatchService; D:\Gry\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [Brak podpisu cyfrowego]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programy\Microsoft\Office 2010\Office14\GROOVE.EXE [51456888 2010-03-25] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-30] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-30] (Electronic Arts)
S3 OverwolfUpdater; D:\Programy\Overwolf\OverwolfUpdater.exe [1318128 2017-01-23] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-01] (Plays.tv, LLC)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-11-25] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-09-18] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 TunngleService; F:\Program Files\Tunngle\Tunngle\TnglCtrl.exe [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-11-07] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [110536 2017-02-05] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-02-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-05] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-02-05] (Malwarebytes)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 WinRing0_1_2_0; D:\Programy\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-02-05 11:47 - 2017-02-05 11:47 - 00012422 _____ C:\Users\Win7\Desktop\JRT.txt 2017-02-05 10:44 - 2017-02-05 10:44 - 00042598 _____ C:\Users\Win7\Documents\cc_20170205_104359.reg 2017-02-05 10:31 - 2017-02-05 10:32 - 00000000 ____D C:\Program Files\CCleaner 2017-02-05 10:31 - 2017-02-05 10:31 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-02-05 10:31 - 2017-02-05 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-02-05 10:29 - 2017-02-05 10:30 - 08845344 _____ (Piriform Ltd) C:\Users\Win7\Downloads\ccsetup526pro.exe 2017-02-05 01:08 - 2017-02-05 01:08 - 00004960 _____ C:\Users\Win7\Downloads\Fixlog.txt 2017-02-05 01:05 - 2017-02-05 01:07 - 00004610 _____ C:\Users\Win7\Downloads\fixlist.txt 2017-02-05 00:58 - 2017-02-05 00:58 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-05 00:58 - 2017-02-05 00:58 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-05 00:54 - 2017-02-05 00:54 - 01129376 _____ (Google Inc.) 
C:\Users\Win7\Downloads\ChromeSetup.exe 2017-02-05 00:54 - 2017-02-05 00:54 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-02-05 00:45 - 2017-02-05 00:45 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-02-05 00:29 - 2017-02-05 00:30 - 04015056 _____ C:\Users\Win7\Downloads\adwcleaner_6.043 (1).exe 2017-02-05 00:15 - 2017-02-05 00:16 - 00000000 ____D C:\Users\Win7\Documents\RegRun2 2017-02-05 00:15 - 2017-02-05 00:15 - 00000002 RSHOT C:\Windows\winstart.bat 2017-02-05 00:15 - 2017-02-05 00:15 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT 2017-02-05 00:15 - 2017-02-05 00:15 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT 2017-02-05 00:06 - 2017-02-05 00:07 - 18578896 _____ C:\Users\Win7\Downloads\unhackme.zip 2017-02-04 21:47 - 2017-02-05 12:33 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-02-04 21:47 - 2017-02-05 10:20 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-02-04 21:47 - 2017-02-05 10:19 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-02-04 21:47 - 2017-02-04 21:47 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-02-04 21:46 - 2017-02-05 10:19 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-04 21:46 - 2017-02-04 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-04 21:46 - 2017-02-04 21:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-04 21:46 - 2017-02-04 21:46 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-04 21:46 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-02-04 21:42 - 2017-02-04 21:46 - 55566792 _____ (Malwarebytes ) C:\Users\Win7\Downloads\mb3-setup-consumer-3.0.6.1469.exe 2017-02-04 21:31 - 2017-02-04 21:32 - 00122445 _____ C:\Users\Win7\Downloads\Addition.txt 2017-02-04 21:30 - 2017-02-04 21:32 - 00053127 _____ C:\Users\Win7\Downloads\FRST.txt 2017-02-04 
21:29 - 2017-02-05 01:08 - 00000000 ____D C:\FRST 2017-02-04 21:28 - 2017-02-04 21:28 - 01762816 _____ (Farbar) C:\Users\Win7\Downloads\FRST.exe 2017-02-04 20:07 - 2017-02-05 11:31 - 00000000 ____D C:\AdwCleaner 2017-02-04 19:44 - 2017-02-04 20:15 - 00001847 _____ C:\Users\Win7\Desktop\fm-AMD Phenom II X4 945 — skrót.lnk 2017-02-04 19:36 - 2017-02-04 19:42 - 50244773 _____ C:\Users\Win7\Downloads\fm-AMD Phenom II X4 945.rar 2017-02-04 19:26 - 2017-02-04 19:26 - 00000000 ____D C:\Users\Win7\Documents\Sports Interactive 2017-02-04 19:26 - 2017-02-04 19:26 - 00000000 ____D C:\Users\Win7\AppData\Local\Sports Interactive 2017-02-04 19:26 - 2017-02-04 19:26 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive 2017-02-04 19:12 - 2017-02-04 19:24 - 97652532 _____ C:\Users\Win7\Downloads\Football Manager 2017 32 (1).7z 2017-02-04 18:56 - 2017-02-04 18:56 - 00019556 _____ C:\Users\Win7\Downloads\lates22-100000.txt 2017-02-04 18:50 - 2017-02-04 18:57 - 18204383 _____ C:\Users\Win7\Downloads\Football Manager 2017 32.7z 2017-02-04 18:36 - 2017-02-04 18:46 - 49046903 _____ C:\Users\Win7\Downloads\FOOTBALL MANGER 2017 32- MKDEV TEAM.rar 2017-02-04 18:35 - 2017-02-04 18:46 - 43996376 _____ C:\Users\Win7\Downloads\fm_LAPTOP32.7z 2017-02-04 18:26 - 2017-02-04 18:26 - 00003632 _____ C:\Windows\System32\Tasks\httpgdslkeee1rurupowersm 2017-02-04 18:08 - 2017-02-04 18:16 - 49112334 _____ C:\Users\Win7\Downloads\FM.17.Crack.Only.V1-MKDEV (dla procesora intel).rar 2017-02-04 17:58 - 2017-02-04 17:58 - 00000000 ____D C:\Users\Win7\AppData\Local\ali213GameLauncher 2017-02-04 14:02 - 2017-02-04 14:26 - 31497699 _____ C:\Users\Win7\Downloads\Fifa 17 .rar 2017-02-04 13:58 - 2017-02-04 13:58 - 00018359 _____ C:\Users\Win7\Downloads\Football.Manager.2017-ALI213.torrent 2017-02-02 17:11 - 2017-02-02 17:11 - 00315624 _____ (Microsoft Corporation) C:\Users\Win7\Downloads\dxwebsetup.exe 2017-02-02 17:10 - 2017-02-02 17:10 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Riot Games 2017-02-02 
17:08 - 2017-02-02 17:10 - 31876824 _____ (Riot Games) C:\Users\Win7\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe 2017-02-02 17:00 - 2017-02-02 17:00 - 00000000 ____D C:\Program Files\AMD 2017-02-02 16:59 - 2017-02-02 17:00 - 00000000 ____D C:\AMD 2017-02-02 16:55 - 2017-02-02 16:58 - 56487840 _____ (AMD Inc.) C:\Users\Win7\Downloads\radeon-crimson-relive-17.1.2-minimalsetup-170130_web.exe 2017-02-01 20:18 - 2017-02-01 20:23 - 47790112 _____ C:\Users\Win7\Downloads\Championify-WIN-2.0.2.zip 2017-01-31 06:25 - 2017-01-31 06:25 - 00000000 ____D C:\Users\Win7\AppData\Local\Arktos Entertainment 2017-01-31 06:22 - 2017-01-31 06:22 - 00000000 ____D C:\Users\Win7\Documents\FredaikisAB 2017-01-31 06:22 - 2017-01-31 06:22 - 00000000 ____D C:\Users\Win7\AppData\Local\FredaikisAB 2017-01-30 23:28 - 2017-01-30 23:28 - 00007606 _____ C:\Users\Win7\AppData\Local\Resmon.ResmonCfg 2017-01-30 19:13 - 2017-01-30 19:13 - 00191309 _____ C:\Users\Win7\Downloads\Icon 512.rar 2017-01-30 16:36 - 2017-01-30 16:36 - 04121760 _____ (Husdawg, LLC) C:\Users\Win7\Downloads\Detection (2).exe 2017-01-30 16:30 - 2017-01-30 16:30 - 00000216 _____ C:\Users\Win7\Desktop\Infestation The New Z.url 2017-01-30 15:36 - 2017-01-30 15:36 - 00066867 _____ C:\Users\Win7\Downloads\shexview.zip 2017-01-30 15:35 - 2017-01-30 15:35 - 00002776 _____ C:\Users\Win7\Downloads\shexview_polish.zip 2017-01-30 15:01 - 2017-01-30 15:01 - 00000000 ____D C:\Users\Win7\AppData\Roaming\ATI 2017-01-30 15:01 - 2017-01-30 15:01 - 00000000 ____D C:\Users\Win7\AppData\Local\ATI 2017-01-30 15:01 - 2017-01-30 15:01 - 00000000 ____D C:\Users\Win7\AppData\Local\AMD 2017-01-30 15:01 - 2017-01-30 15:01 - 00000000 ____D C:\ProgramData\ATI 2017-01-30 15:00 - 2017-01-30 15:00 - 00000000 _____ C:\Windows\ativpsrm.bin 2017-01-30 14:59 - 2017-01-30 14:59 - 00000000 ____D C:\Program Files (x86)\AMD APP 2017-01-30 14:58 - 2017-01-30 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control 
Center 2017-01-30 14:58 - 2017-01-30 14:58 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-01-30 14:53 - 2017-01-30 14:53 - 00000000 ____D C:\ProgramData\AMD 2017-01-30 14:53 - 2012-07-28 04:43 - 00070144 _____ (AMD) C:\Windows\system32\coinst_8.982.dll 2017-01-30 14:53 - 2012-07-28 03:17 - 00268728 _____ C:\Windows\SysWOW64\atiapfxx.blb 2017-01-30 14:53 - 2012-07-28 03:17 - 00268728 _____ C:\Windows\system32\atiapfxx.blb 2017-01-30 14:53 - 2012-07-28 03:10 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2017-01-30 14:53 - 2012-07-28 02:39 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat 2017-01-30 14:53 - 2012-07-28 02:39 - 00204952 _____ C:\Windows\system32\ativvsvl.dat 2017-01-30 14:53 - 2012-07-28 02:39 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat 2017-01-30 14:53 - 2012-07-28 02:39 - 00157144 _____ C:\Windows\system32\ativvsva.dat 2017-01-30 14:53 - 2012-07-16 10:33 - 00038557 _____ C:\Windows\atiogl.xml 2017-01-30 14:53 - 2012-05-14 07:12 - 00096896 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys 2017-01-30 14:53 - 2011-09-12 23:06 - 00003917 _____ C:\Windows\SysWOW64\atipblag.dat 2017-01-30 14:53 - 2011-09-12 23:06 - 00003917 _____ C:\Windows\system32\atipblag.dat 2017-01-30 14:53 - 2010-02-18 09:18 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys 2017-01-30 14:49 - 2017-01-30 14:49 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2017-01-30 14:47 - 2017-01-30 14:57 - 00000000 ____D C:\Program Files\ATI Technologies 2017-01-30 14:47 - 2017-01-30 14:47 - 00000000 ____D C:\Program Files\ATI 2017-01-26 14:48 - 2017-01-26 14:51 - 04121824 _____ (Husdawg, LLC) C:\Users\Win7\Downloads\Detection (1).exe 2017-01-20 19:54 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2017-01-20 19:54 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2017-01-20 19:51 - 
2017-01-30 16:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-20 19:38 - 2017-01-20 19:39 - 01094066 _____ C:\Users\Win7\Downloads\DDUv96-[Guru3D.com].exe
2017-01-20 18:30 - 2017-01-20 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-01-20 18:30 - 2017-01-20 18:30 - 00000000 ____D C:\Program Files (x86)\Lavalys
2017-01-20 18:29 - 2017-01-20 18:30 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Win7\Downloads\everesthome220(dobreprogramy.pl).exe
2017-01-20 17:57 - 2017-01-20 17:57 - 00000000 ____D C:\Temp
2017-01-19 23:56 - 2017-01-19 23:57 - 05161984 _____ C:\Users\Win7\Downloads\WindowsDefender.msi
2017-01-19 22:09 - 2017-01-19 22:09 - 00003294 _____ C:\Windows\System32\Tasks\SidebarExecute
2017-01-19 22:08 - 2017-01-19 22:08 - 00073196 _____ C:\Users\Win7\Downloads\nvidia.zip
2017-01-18 22:51 - 2017-01-18 23:11 - 387532560 _____ (NVIDIA Corporation) C:\Users\Win7\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe
2017-01-15 21:43 - 2017-01-15 21:44 - 01396559 _____ C:\Users\Win7\Downloads\Logo-3.cdr
2017-01-08 00:13 - 2017-01-08 00:13 - 00000000 ____D C:\Users\Win7\AppData\Roaming\SmartSteamEmu
2017-01-07 23:46 - 2017-01-07 23:46 - 00000000 ____D C:\ProgramData\Tunngle
2017-01-07 23:26 - 2017-01-07 23:33 - 58071144 _____ (Tunngle.net GmbH ) C:\Users\Win7\Downloads\Tunngle_OfflineSetup_v5.8.8.exe
2017-01-07 23:22 - 2017-01-07 23:22 - 04843904 _____ (Tunngle.net GmbH ) C:\Users\Win7\Downloads\Tunngle_Setup_v5.8.8.exe

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-02-05 12:46 - 2015-02-05 11:52 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-02-05 12:38 - 2015-12-03 21:33 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12e09df8c8a40.job 2017-02-05 12:38 - 2015-09-15 18:33 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0efdc916ece10.job 2017-02-05 12:38 - 2015-08-29 07:32 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e22485c01350.job 2017-02-05 12:37 - 2016-05-11 09:32 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab5fa7b60dc0.job 2017-02-05 12:37 - 2016-05-04 08:31 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1a5d77bede60.job 2017-02-05 12:37 - 2015-07-15 21:31 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf3d47569030.job 2017-02-05 12:36 - 2016-02-10 16:33 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1641867087fd0.job 2017-02-05 12:36 - 2015-02-05 21:27 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04182182f6ea0.job 2017-02-05 12:31 - 2014-05-07 05:59 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf69b12a0e8bf0.job 2017-02-05 11:57 - 2013-11-07 16:45 - 00000000 ___RD C:\Users\Win7\Desktop\Programy 2017-02-05 11:44 - 2014-02-22 17:39 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1706106373-1807487178-1385189351-1000UA.job 2017-02-05 11:30 - 2016-07-28 00:16 - 00000000 ____D C:\Users\Win7\AppData\Local\screenSHU 2017-02-05 10:37 - 2016-05-04 08:31 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1a5d7701a8e0.job 2017-02-05 10:26 - 2009-07-14 05:45 - 00028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-05 10:26 - 2009-07-14 05:45 - 00028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-05 10:18 - 2016-05-11 09:32 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab5fa7088fb0.job 
2017-02-05 10:18 - 2015-12-03 21:33 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12e09deb0a930.job 2017-02-05 10:18 - 2015-09-15 18:32 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0efdc90bdf4a0.job 2017-02-05 10:18 - 2015-08-29 07:32 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e22484f76c20.job 2017-02-05 10:18 - 2015-05-18 15:32 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091776b4de860.job 2017-02-05 10:17 - 2014-10-15 18:35 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job 2017-02-05 10:17 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-05 01:17 - 2017-01-04 15:28 - 00000000 ____D C:\Users\Win7\AppData\LocalLow\Mozilla 2017-02-05 01:17 - 2016-08-10 17:07 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-02-05 01:17 - 2013-11-07 14:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-02-05 01:00 - 2016-12-28 14:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-02-05 00:58 - 2013-11-07 16:33 - 00000000 ____D C:\Users\Win7\AppData\Local\Google 2017-02-05 00:58 - 2013-11-07 16:33 - 00000000 ____D C:\Program Files (x86)\Google 2017-02-05 00:54 - 2013-11-07 16:33 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-02-05 00:29 - 2014-05-13 13:05 - 00000000 ____D C:\Users\Win7\AppData\Roaming\TS3Client 2017-02-04 22:17 - 2014-10-15 18:35 - 00000000 ____D C:\Windows\AutoKMS 2017-02-04 22:10 - 2016-05-20 15:24 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS 2017-02-04 21:46 - 2013-11-07 16:43 - 00003064 _____ C:\Users\Win7\Desktop\Pamiętać.txt 2017-02-04 19:39 - 2014-09-13 14:59 - 00000000 ____D C:\Users\Win7\AppData\Roaming\uTorrent 2017-02-04 19:30 - 2016-03-03 18:46 - 00000000 ____D C:\Users\Win7\AppData\Local\CrashDumps 2017-02-04 18:00 - 2013-11-09 08:24 - 00000000 ____D C:\Windows\SysWOW64\directx 2017-02-04 17:44 - 2014-02-22 17:39 - 00000902 _____ 
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1706106373-1807487178-1385189351-1000Core.job 2017-02-03 11:44 - 2014-01-10 14:00 - 00000000 ____D C:\ProgramData\Origin 2017-02-03 11:40 - 2016-11-25 14:53 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Origin 2017-02-03 10:56 - 2013-11-07 19:02 - 00348856 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2017-02-03 10:56 - 2013-11-07 17:51 - 00348856 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2017-02-01 22:21 - 2015-05-15 13:47 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Championify 2017-02-01 18:17 - 2015-09-21 14:40 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings 2017-02-01 18:09 - 2014-01-10 21:09 - 00000000 ____D C:\Users\Win7\AppData\Roaming\OBS 2017-02-01 11:47 - 2013-11-07 14:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-02-01 11:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-01-31 04:09 - 2013-11-09 03:12 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-30 23:22 - 2015-02-26 21:11 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2017-01-30 20:52 - 2013-11-07 17:51 - 00348856 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2017-01-30 19:28 - 2013-11-09 18:26 - 00000132 _____ C:\Users\Win7\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG 2017-01-30 16:06 - 2014-05-29 22:01 - 00000000 ____D C:\Users\Win7\AppData\Local\NVIDIA Corporation 2017-01-30 16:06 - 2013-11-07 14:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-01-30 16:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2017-01-30 16:01 - 2014-01-10 14:00 - 00000000 ____D C:\Program Files (x86)\Origin 2017-01-30 15:53 - 2014-01-21 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-30 15:53 - 2013-11-17 00:06 - 00000000 ____D C:\ProgramData\Oracle 2017-01-30 15:53 - 2013-11-17 00:05 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-30 15:52 - 2014-01-21 17:40 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 
2017-01-30 15:33 - 2011-04-12 14:21 - 00743808 _____ C:\Windows\system32\perfh015.dat 2017-01-30 15:33 - 2011-04-12 14:21 - 00157290 _____ C:\Windows\system32\perfc015.dat 2017-01-30 15:33 - 2009-07-14 06:13 - 01679426 _____ C:\Windows\system32\PerfStringBackup.INI 2017-01-25 13:54 - 2016-07-22 16:25 - 00000000 ____D C:\Users\Win7\.BigNox 2017-01-25 13:54 - 2016-07-22 14:00 - 00000000 ____D C:\Users\Win7\AppData\Local\Nox 2017-01-25 13:50 - 2016-07-22 14:04 - 00000000 ____D C:\Users\Win7\vmlogs 2017-01-25 13:50 - 2015-03-09 19:47 - 00000000 ____D C:\Users\Win7\.android 2017-01-25 09:49 - 2016-02-09 22:58 - 00010194 _____ C:\Users\Win7\Desktop\Anime.txt 2017-01-24 16:14 - 2013-11-07 14:28 - 00000000 ____D C:\Users\Win7 2017-01-20 20:21 - 2014-07-30 09:40 - 351343911 _____ C:\Windows\MEMORY.DMP 2017-01-20 20:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security 2017-01-20 20:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2017-01-20 12:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2017-01-19 22:09 - 2013-12-04 16:15 - 00000000 ____D C:\Users\Win7\AppData\Local\HP 2017-01-19 20:59 - 2015-07-08 10:29 - 00000000 ____D C:\Users\Win7\AppData\Local\Purplizer 2017-01-19 20:57 - 2014-05-14 17:08 - 00000000 ____D C:\Users\Win7\AppData\Local\Overwolf 2017-01-19 01:29 - 2016-10-27 16:27 - 00000637 _____ C:\Users\Win7\Desktop\Fifa 15.lnk 2017-01-14 10:44 - 2014-12-04 15:24 - 00000000 ____D C:\Users\Win7\Documents\Visual Studio 2008 2017-01-14 08:44 - 2016-09-18 00:10 - 00000931 _____ C:\Users\Win7\Desktop\Battlefield 4.lnk 2017-01-12 08:37 - 2016-08-10 17:07 - 00003994 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-01-11 20:46 - 2015-02-05 11:52 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-01-11 07:47 - 2013-11-07 14:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-11 07:47 - 2013-11-07 14:58 - 00144472 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 07:47 - 2013-11-07 14:58 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-08 09:18 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-07 23:46 - 2015-01-26 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2017-01-07 23:46 - 2014-07-12 11:46 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Tunngle
2017-01-07 13:18 - 2016-09-07 12:33 - 00000000 ____D C:\Users\Win7\Desktop\Szkoła

==================== Pliki w katalogu głównym wybranych folderów =======

2015-06-18 15:49 - 2015-06-18 15:49 - 0000132 _____ () C:\Users\Win7\AppData\Roaming\Preferencje Adobe CS5 dla formatu AIFF
2015-11-13 20:30 - 2015-11-13 20:34 - 0000132 _____ () C:\Users\Win7\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
2014-02-12 21:02 - 2014-02-12 21:02 - 0000132 _____ () C:\Users\Win7\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF
2013-11-09 18:26 - 2017-01-30 19:28 - 0000132 _____ () C:\Users\Win7\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2015-01-10 02:55 - 2016-03-11 09:19 - 0000132 _____ () C:\Users\Win7\AppData\Roaming\Preferencje Adobe CS5 dla formatu Targa
2013-11-09 15:49 - 2013-11-09 15:49 - 0000054 _____ () C:\Users\Win7\AppData\Roaming\updater.cfg
2013-12-19 19:15 - 2016-08-22 22:36 - 0001496 _____ () C:\Users\Win7\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
2015-03-14 11:53 - 2015-03-14 11:53 - 0000000 ___SH () C:\Users\Win7\AppData\Local\LumaEmu
2016-08-11 21:48 - 2016-08-11 21:48 - 0000218 _____ () C:\Users\Win7\AppData\Local\recently-used.xbel
2017-01-30 23:28 - 2017-01-30 23:28 - 0007606 _____ () C:\Users\Win7\AppData\Local\Resmon.ResmonCfg
2015-03-09 19:45 - 2015-03-09 19:45 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2013-12-04 16:06 - 2013-12-04 16:15 - 0001282 _____ () C:\ProgramData\hpzinstall.log

Niektóre pliki w TEMP:
====================
2014-09-13 14:21 - 2014-09-13 14:26 - 34180736 _____ (AppWork GmbH)
C:\Users\Win7\AppData\Local\Temp\13055088119032600095.exe 2014-12-06 18:26 - 2017-02-02 23:01 - 0000056 _____ () C:\Users\Win7\AppData\Local\Temp\50ec2caf412bef1e81b947a8a4f76bdd.dll 2016-02-21 22:29 - 2013-09-17 21:36 - 0401408 _____ () C:\Users\Win7\AppData\Local\Temp\aria.exe 2005-11-04 03:52 - 2005-11-04 03:52 - 0729088 _____ (Electronic Arts Inc.) C:\Users\Win7\AppData\Local\Temp\AutoRun.exe 2015-10-31 19:40 - 2005-10-14 06:02 - 0585728 _____ (Electronic Arts Inc.) C:\Users\Win7\AppData\Local\Temp\AutoRunGUI.dll 2016-09-16 07:47 - 2016-07-14 18:35 - 0949784 _____ (BlueStack Systems, Inc.) C:\Users\Win7\AppData\Local\Temp\BluestacksUninstaller.exe 2014-10-18 12:46 - 2014-10-30 18:58 - 0003072 _____ () C:\Users\Win7\AppData\Local\Temp\CH.dll 2012-09-21 06:49 - 2011-05-19 22:57 - 0086016 _____ () C:\Users\Win7\AppData\Local\Temp\CPU-V.dll 2013-11-09 00:44 - 2013-11-20 16:39 - 0000057 _____ () C:\Users\Win7\AppData\Local\Temp\d18998302a3419d4125112d0ae4dc7d0.dll 2015-11-23 19:30 - 2015-11-23 19:30 - 0208896 _____ (Sony DADC Austria AG) C:\Users\Win7\AppData\Local\Temp\drm_dyndata_7340014.dll 2015-12-21 10:48 - 2015-12-21 11:34 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Win7\AppData\Local\Temp\drm_dyndata_7380012.dll 2015-12-21 17:09 - 2015-12-21 17:09 - 0208896 _____ (Sony DADC Austria AG) C:\Users\Win7\AppData\Local\Temp\drm_dyndata_7400008.dll 2015-04-18 20:17 - 2016-09-22 17:35 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Win7\AppData\Local\Temp\drm_dyndata_7400009.dll 2015-08-10 14:10 - 2015-08-27 09:56 - 0208896 _____ (Sony DADC Austria AG) C:\Users\Win7\AppData\Local\Temp\drm_dyndata_7410004.dll 2013-02-11 14:08 - 2013-02-11 14:08 - 18722816 _____ () C:\Users\Win7\AppData\Local\Temp\dsp_ipp.dll 2014-12-12 14:49 - 2014-12-12 14:49 - 0000512 _____ () C:\Users\Win7\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll 2015-02-14 13:20 - 2015-02-15 17:05 - 0000048 _____ () C:\Users\Win7\AppData\Local\Temp\edfbdf94de71a001d1bb47096109b7bb.dll 2009-02-02 
18:07 - 2009-02-02 18:07 - 1909770 _____ (Adobe Systems Incorporated) C:\Users\Win7\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe 2013-12-17 19:01 - 2012-11-27 18:45 - 0192512 _____ () C:\Users\Win7\AppData\Local\Temp\GLFC58C.tmp.dll 2016-09-16 07:47 - 2016-07-14 18:35 - 0187416 _____ (BlueStack Systems) C:\Users\Win7\AppData\Local\Temp\HD-LibraryHandler.dll 2016-09-16 07:47 - 2016-07-14 18:32 - 0246808 _____ (BlueStack Systems) C:\Users\Win7\AppData\Local\Temp\HD-Logger-Native.dll 2013-12-07 22:54 - 2014-06-19 21:01 - 0014848 _____ (Microsoft) C:\Users\Win7\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe 2013-12-07 22:54 - 2013-10-25 18:33 - 0033792 _____ (Microsoft) C:\Users\Win7\AppData\Local\Temp\HiRezLauncherControls.dll 2014-01-04 10:04 - 2008-07-10 15:04 - 0684544 _____ () C:\Users\Win7\AppData\Local\Temp\INST01.dll 2013-11-07 15:02 - 2013-11-07 15:02 - 0379864 _____ (ESET) C:\Users\Win7\AppData\Local\Temp\InstHelper.exe 2013-12-19 18:06 - 2013-12-19 18:06 - 0921512 _____ (Oracle Corporation) C:\Users\Win7\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe 2016-07-22 09:44 - 2016-07-22 09:44 - 0741440 _____ (Oracle Corporation) C:\Users\Win7\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-01-30 15:48 - 2017-01-30 15:48 - 0739904 _____ (Oracle Corporation) C:\Users\Win7\AppData\Local\Temp\jre-8u121-windows-au.exe 2015-09-13 16:29 - 2015-09-13 16:29 - 0012288 _____ () C:\Users\Win7\AppData\Local\Temp\kfmHGKeTSTJSwVdyOfJG.DLL 2014-04-04 20:24 - 2014-04-04 20:24 - 0956760 _____ (Nexon) C:\Users\Win7\AppData\Local\Temp\NGMDll.dll 2014-04-04 20:24 - 2014-04-04 20:24 - 0430080 _____ (Nexon) C:\Users\Win7\AppData\Local\Temp\NGMResource.dll 2016-02-21 22:29 - 2013-08-11 14:41 - 0044032 _____ (NirSoft) C:\Users\Win7\AppData\Local\Temp\nircmd.exe 2014-12-04 15:16 - 2014-12-04 15:16 - 0012288 _____ () C:\Users\Win7\AppData\Local\Temp\NVIOuabFUHMYwEGhGMEw.DLL 2013-10-23 03:02 - 2016-04-27 12:31 - 0722464 _____ (NVIDIA Corporation) 
C:\Users\Win7\AppData\Local\Temp\nvSCPAPI.dll 2014-09-06 15:58 - 2016-06-03 04:19 - 0845368 _____ (NVIDIA Corporation) C:\Users\Win7\AppData\Local\Temp\nvSCPAPI64.dll 2014-05-29 21:57 - 2013-12-19 12:20 - 0808224 _____ (NVIDIA Corporation) C:\Users\Win7\AppData\Local\Temp\nvStInst.exe 2015-09-13 16:22 - 2015-09-13 16:22 - 0012288 _____ () C:\Users\Win7\AppData\Local\Temp\oiKUstdaNtgdzlguAaUQ.DLL 2015-02-11 03:20 - 2015-02-11 03:20 - 0040448 ____N () C:\Users\Win7\AppData\Local\Temp\proxy_vole616764886719039997.dll 2016-02-21 22:28 - 2013-11-07 20:56 - 0557471 _____ ( ) C:\Users\Win7\AppData\Local\Temp\setup.exe 2015-02-26 21:12 - 2017-01-30 23:22 - 0192512 _____ () C:\Users\Win7\AppData\Local\Temp\sfamcc00001.dll 2015-02-10 18:56 - 2015-02-10 18:56 - 0105984 _____ () C:\Users\Win7\AppData\Local\Temp\sfextra.dll 2013-11-07 20:48 - 2014-03-06 17:34 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Win7\AppData\Local\Temp\SkypeSetup.exe 2011-11-03 15:13 - 2011-11-03 15:13 - 1786688 _____ () C:\Users\Win7\AppData\Local\Temp\sonarinst.exe 2014-10-05 18:00 - 2014-10-05 18:00 - 0184320 ____N () C:\Users\Win7\AppData\Local\Temp\SRLDetectionLibrary2696628418074288879.dll 2015-07-15 18:56 - 2015-07-21 13:54 - 0001024 _____ () C:\Users\Win7\AppData\Local\Temp\toolbar.exe 2013-12-24 15:52 - 2013-12-24 15:52 - 16024312 _____ () C:\Users\Win7\AppData\Local\Temp\topazfusion2_setup.exe 2014-04-04 20:24 - 2014-04-04 20:24 - 0258352 _____ (Microsoft Corporation) C:\Users\Win7\AppData\Local\Temp\unicows.dll 2015-01-31 23:27 - 2015-01-31 23:27 - 1450832 _____ (BitTorrent Inc.) C:\Users\Win7\AppData\Local\Temp\utt2F57.tmp.exe 2015-02-13 16:13 - 2015-02-13 16:13 - 1453904 _____ (BitTorrent Inc.) C:\Users\Win7\AppData\Local\Temp\utt53B.tmp.exe 2014-11-15 21:20 - 2014-11-15 21:20 - 1403216 _____ (BitTorrent Inc.) C:\Users\Win7\AppData\Local\Temp\utt7052.tmp.exe 2015-02-13 13:46 - 2015-02-13 13:46 - 1453904 _____ (BitTorrent Inc.) 
C:\Users\Win7\AppData\Local\Temp\uttDE0E.tmp.exe
2015-03-21 12:12 - 2015-03-21 12:12 - 1592144 _____ (BitTorrent Inc.) C:\Users\Win7\AppData\Local\Temp\uttE4BC.tmp.exe
2016-08-14 17:41 - 2016-08-14 17:41 - 14449536 _____ (Microsoft Corporation) C:\Users\Win7\AppData\Local\Temp\vcredist14_x86.exe
2010-11-16 03:22 - 2010-11-16 03:22 - 4961800 _____ (Microsoft Corporation) C:\Users\Win7\AppData\Local\Temp\vcredist_x64.exe
2008-11-28 07:01 - 2008-11-28 07:01 - 4129800 _____ (Microsoft Corporation) C:\Users\Win7\AppData\Local\Temp\vcredist_x86.exe
2015-09-13 09:44 - 2015-09-13 09:44 - 0012288 _____ () C:\Users\Win7\AppData\Local\Temp\XIfwUDzuRmKfmfAZFEhR.DLL

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-02-04 14:35

==================== Koniec FRST.txt ============================