Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 06-10-2017 Uruchomiony przez KAZI (administrator) KAZI-PC (08-10-2017 14:32:21) Uruchomiony z C:\Users\KAZI\Downloads Załadowane profile: KAZI (Dostępne profile: KAZI) Platform: Microsoft Windows 7 Starter (X86) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (SlySoft, Inc.) C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (ALLPlayer Group Ltd.) C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe () C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Mega Limited) C:\Users\KAZI\AppData\Local\MEGAsync\MEGAsync.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.) HKLM\...\Winlogon: [LegalNoticeCaption] 81u3f4nt45y - 24.01.2007 - Surabaya HKLM\...\Winlogon: [LegalNoticeText] Surabaya in my birthday Don't kill me, i'm just send message from your computer Terima kasih telah menemaniku walaupun hanya sesaat, tapi bagiku sangat berarti Maafkan jika kebahagiaan yang kuminta adalah teman sepanjang hidupku Seharusnya aku mengerti bahwa keberadaanku bukanlah disisimu, hanyalah lamunan dalam sesal Untuk kekasih yang tak kan pernah kumiliki 3r1k1m0 HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3376832 2016-06-22] (Disc Soft Ltd) HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe" HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\...\Run: [ALLUpdate] => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\...\Run: [Napisy24Update] => "C:\Program Files\Napisy24\Napisy24Update.exe" "sleep" HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe [6168768 2016-09-15] (ALLPlayer Group Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2016-06-04] ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe () Startup: C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com [2013-02-14] () Startup: C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com [2013-02-14] () Startup: C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-09-08] ShortcutTarget: MEGAsync.lnk -> C:\Users\KAZI\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{2BFEE763-BF20-4902-89E7-748842F5A5A6}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 HKU\S-1-5-21-1671606494-1044672718-3766306234-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation) FireFox: ======== FF DefaultProfile: xwt7niw5.default FF ProfilePath: C:\Users\KAZI\AppData\Roaming\Mozilla\Firefox\Profiles\xwt7niw5.default [2017-09-24] FF user.js: detected! => C:\Users\KAZI\AppData\Roaming\Mozilla\Firefox\Profiles\xwt7niw5.default\user.js [2016-07-24] FF Homepage: Mozilla\Firefox\Profiles\xwt7niw5.default -> hxxp://www.gazeta.pl/0,0.html?p=190 FF Extension: (Firefox Hotfix) - C:\Users\KAZI\AppData\Roaming\Mozilla\Firefox\Profiles\xwt7niw5.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] FF Extension: (MEGA) - C:\Users\KAZI\AppData\Roaming\Mozilla\Firefox\Profiles\xwt7niw5.default\Extensions\firefox@mega.co.nz.xpi [2016-10-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-12] () FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2008-07-30] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2008-07-30] (Google Inc.) FF Plugin HKU\S-1-5-21-1671606494-1044672718-3766306234-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\KAZI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190 CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190" CHR Profile: C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default [2017-10-08] CHR Extension: (Prezentacje Google) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-04] CHR Extension: (Dokumenty Google) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-04] CHR Extension: (Dysk Google) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-04] CHR Extension: (YouTube) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04] CHR Extension: (Arkusze Google) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-04] CHR Extension: (Dokumenty Google offline) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-10] CHR Extension: (Gmail) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-04] CHR Extension: (Chrome Media Router) - C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-10] CHR Profile: C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-09-24] CHR Profile: C:\Users\KAZI\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-24] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-06-22] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [249104 2016-10-12] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [930240 2016-11-14] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2904000 2016-11-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016704 2016-11-14] (NVIDIA Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-07-24] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-07-24] (Disc Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [35112 2014-02-10] (SlySoft, Inc.) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26048 2016-11-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-11-14] (NVIDIA Corporation) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-10-26] (Realtek Semiconductor Corporation ) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-10-08 14:12 - 2017-10-08 14:24 - 000000823 ____N C:\UsbFix.txt 2017-10-08 14:11 - 2017-10-08 14:11 - 000000000 ____D C:\Users\KAZI\Downloads\FRST-OlderVersion 2017-09-24 19:12 - 2017-09-24 19:12 - 000000426 ____N C:\Autoexec.bat 2017-09-24 18:52 - 2017-09-24 18:52 - 001200411 _____ C:\Users\KAZI\Downloads\UsbFix.rar 2017-09-24 18:43 - 2017-09-24 18:43 - 000001448 _____ C:\Users\KAZI\Desktop\UsbFix.lnk 2017-09-24 14:34 - 2017-09-24 14:34 - 000000632 _____ C:\Users\KAZI\Desktop\Total Commander.lnk 2017-09-24 14:34 - 2017-09-24 14:34 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2017-09-24 14:34 - 2017-09-24 14:34 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\GHISLER 2017-09-24 14:34 - 2017-09-24 14:34 - 000000000 ____D C:\Users\KAZI\AppData\Local\GHISLER 2017-09-24 14:34 - 2017-09-24 14:34 - 000000000 ____D C:\totalcmd 2017-09-24 14:34 - 2016-12-14 09:00 - 000000545 _____ C:\Windows\UC.PIF 2017-09-24 14:34 - 2016-12-14 09:00 - 000000545 _____ C:\Windows\RAR.PIF 2017-09-24 14:34 - 2016-12-14 09:00 - 000000545 _____ C:\Windows\PKZIP.PIF 2017-09-24 14:34 - 2016-12-14 09:00 - 000000545 _____ C:\Windows\PKUNZIP.PIF 2017-09-24 14:34 - 2016-12-14 09:00 - 000000545 _____ C:\Windows\LHA.PIF 2017-09-24 14:34 - 2016-12-14 09:00 - 000000545 _____ C:\Windows\ARJ.PIF 2017-09-24 14:33 - 2017-09-24 14:33 - 004289984 _____ (Ghisler Software GmbH) C:\Users\KAZI\Downloads\tcmd900ax32.exe 2017-09-24 14:20 - 2017-10-08 14:25 - 000000000 ____D C:\UsbFix 2017-09-24 13:43 - 2017-09-24 15:31 - 000004551 _____ C:\Users\KAZI\Downloads\Fixlog.txt 2017-09-24 13:18 - 2017-10-08 14:31 - 000030255 _____ C:\Users\KAZI\Downloads\Shortcut.txt 2017-09-24 13:16 - 2017-10-08 14:11 - 001796608 _____ (Farbar) C:\Users\KAZI\Downloads\FRST.exe 2017-09-24 12:56 - 2017-10-08 14:31 - 000027296 _____ C:\Users\KAZI\Downloads\Addition.txt 2017-09-24 12:55 - 2017-10-08 14:32 - 000012396 _____ C:\Users\KAZI\Downloads\FRST.txt 2017-09-24 12:55 - 2017-10-08 14:32 - 000000000 ____D C:\FRST 2017-09-23 20:19 - 2017-09-23 20:22 - 186257403 _____ C:\Users\KAZI\Downloads\r40.rar 2017-09-23 18:49 - 2017-09-24 13:54 - 000000000 ____D C:\Program Files\DrWeb 2017-09-23 18:49 - 2017-09-23 18:49 - 000000000 ____D C:\ProgramData\Doctor Web 2017-09-23 18:49 - 2017-09-23 18:49 - 000000000 ____D C:\Program Files\Common Files\Doctor Web 2017-09-22 21:01 - 2017-09-22 21:07 - 000000000 ____D C:\Users\KAZI\AppData\Local\NFS Underground 2 2017-09-17 20:57 - 2017-09-24 12:51 - 000073902 _____ C:\Users\KAZI\Downloads\OTL.Txt 2017-09-17 20:57 - 2017-09-24 12:51 - 000048856 _____ C:\Users\KAZI\Downloads\Extras.Txt 2017-09-17 20:51 - 2017-09-17 20:52 - 000602112 _____ (OldTimer Tools) C:\Users\KAZI\Downloads\OTL.exe 2017-09-17 19:37 - 2017-09-17 20:12 - 000007597 _____ C:\Users\KAZI\AppData\Local\Resmon.ResmonCfg 2017-09-17 19:02 - 2017-09-24 18:47 - 000000000 ____D C:\Users\KAZI\AppData\Local\CrashDumps 2017-09-17 18:44 - 2017-09-17 18:49 - 000000000 ____D C:\Users\KAZI\AppData\Local\ESET 2017-09-17 18:44 - 2017-09-17 18:44 - 003146880 _____ (ESET) C:\Users\KAZI\Downloads\eset_internet_security_live_installer.exe 2017-09-17 18:43 - 2017-09-17 18:43 - 006760064 _____ (ESET spol. s r.o.) C:\Users\KAZI\Downloads\esetonlinescanner_plk.exe 2017-09-17 18:36 - 2017-09-23 21:11 - 000304626 _____ C:\Windows\ntbtlog.txt 2017-09-17 17:12 - 2017-09-17 17:12 - 000000249 _____ C:\Users\KAZI\Documents\Fix.reg 2017-09-17 17:06 - 2017-09-17 17:06 - 004471124 _____ C:\Users\KAZI\Downloads\unetbootin-linux-613.rar 2017-09-17 17:06 - 2017-09-17 17:06 - 004471036 _____ C:\Users\KAZI\Downloads\unetbootin-linux-613.bin 2017-09-17 14:04 - 2017-09-17 14:04 - 000000028 _____ C:\Windows\OutLog.txt 2017-09-17 14:00 - 2017-09-17 14:00 - 000000000 ____D C:\Program Files\EASEUS 2017-09-17 13:59 - 2017-09-17 14:00 - 011703104 _____ (EASEUS ) C:\Users\KAZI\Downloads\EASEUS.exe 2017-09-17 13:46 - 2017-09-17 13:46 - 000030437 _____ C:\Users\KAZI\Downloads\guiformat.rar 2017-09-17 13:31 - 2017-09-17 13:31 - 001106855 _____ C:\Users\KAZI\Downloads\7-Zip 9.30.exe 2017-09-17 13:31 - 2017-09-17 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-09-17 13:31 - 2017-09-17 13:31 - 000000000 ____D C:\Program Files\7-Zip 2017-09-16 21:56 - 2017-09-16 21:59 - 000000769 _____ C:\Users\KAZI\.maps-toolconfig 2017-09-16 18:43 - 2017-09-17 11:59 - 000000000 ____D C:\Users\KAZI\Desktop\Nowy folder (2) 2017-09-11 18:48 - 2017-09-11 18:52 - 000000041 ___SH C:\ProgramData\.zreglib 2017-09-11 18:47 - 2017-09-11 18:47 - 000001075 _____ C:\Users\Public\Desktop\CloneCD.lnk 2017-09-11 18:47 - 2017-09-11 18:47 - 000000000 ____D C:\ProgramData\SlySoft 2017-09-11 18:47 - 2017-09-11 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft 2017-09-11 18:47 - 2017-09-11 18:47 - 000000000 ____D C:\Program Files\SlySoft 2017-09-10 13:34 - 2017-09-10 13:34 - 000000000 ____D C:\Users\KAZI\AppData\Local\NVIDIA Corporation 2017-09-10 13:33 - 2017-09-10 13:33 - 000000000 ____D C:\Users\KAZI\AppData\Local\NVIDIA 2017-09-10 13:33 - 2016-11-14 14:35 - 001377752 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll 2017-09-10 13:33 - 2016-11-14 14:35 - 001316136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll 2017-09-10 13:33 - 2016-11-14 14:35 - 000091336 _____ C:\Windows\system32\NvRtmpStreamer32.dll 2017-09-10 13:32 - 2017-09-10 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-09-10 13:32 - 2017-09-10 13:32 - 000000000 ____D C:\Program Files\AGEIA Technologies 2017-09-10 13:32 - 2016-11-14 11:45 - 000615992 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe 2017-09-10 13:31 - 2016-11-11 21:51 - 007513855 _____ C:\Windows\system32\nvcoproc.bin 2017-09-10 13:29 - 2016-11-14 14:35 - 024208440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 016128720 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 015301056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 014497712 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 011270656 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 011208312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 010711488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-09-10 13:29 - 2016-11-14 14:35 - 003995192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 001060216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234201.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 000913856 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 000912248 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234201.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 000876480 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 000104512 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll 2017-09-10 13:29 - 2016-11-14 14:35 - 000050744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys 2017-09-10 13:27 - 2017-09-10 13:27 - 000000000 ____D C:\NVIDIA 2017-09-10 12:37 - 2017-09-24 18:42 - 000000000 ____D C:\ProgramData\ALLPlayer 2017-09-10 12:37 - 2017-09-10 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer Remote Control 2017-09-10 12:37 - 2017-09-10 12:37 - 000000000 ____D C:\ProgramData\ALLPlayerRemote 2017-09-10 12:37 - 2017-09-10 12:37 - 000000000 ____D C:\Program Files\ALLPlayer Remote 2017-09-10 12:18 - 2017-09-23 18:48 - 000000000 ____D C:\Users\KAZI\Desktop\filmiki 2017-09-10 12:03 - 2017-09-10 12:03 - 000000000 ____D C:\Users\KAZI\Documents\ConvertXtoDVD_Resources 2017-09-10 11:56 - 2017-09-11 21:46 - 000000000 ____D C:\Users\KAZI\Documents\ConvertXToDVD 2017-09-10 11:56 - 2017-09-11 21:39 - 000087608 _____ C:\Users\KAZI\AppData\Roaming\inst.exe 2017-09-10 11:56 - 2017-09-11 21:39 - 000047360 _____ (VSO Software) C:\Users\KAZI\AppData\Roaming\pcouffin.sys 2017-09-10 11:56 - 2017-09-11 21:39 - 000007887 _____ C:\Users\KAZI\AppData\Roaming\pcouffin.cat 2017-09-10 11:56 - 2017-09-11 21:39 - 000001190 _____ C:\Users\KAZI\Desktop\ConvertXToDVD 7.lnk 2017-09-10 11:56 - 2017-09-11 21:39 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\VSO 2017-09-10 11:56 - 2017-09-10 12:41 - 000000000 ____D C:\ProgramData\VSO 2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\Users\KAZI\Documents\PcSetup 2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO 2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\Program Files\VSO 2017-09-10 11:46 - 2017-09-10 11:46 - 000001905 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2017-09-10 11:46 - 2017-09-10 11:46 - 000001849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2017-09-10 11:46 - 2017-09-10 11:46 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\Canneverbe Limited 2017-09-10 11:46 - 2017-09-10 11:46 - 000000000 ____D C:\ProgramData\Canneverbe Limited 2017-09-10 11:46 - 2017-09-10 11:46 - 000000000 ____D C:\Program Files\CDBurnerXP 2017-09-09 20:35 - 2017-09-10 12:30 - 000000000 ____D C:\Users\KAZI\Desktop\foty 2017-09-09 20:17 - 2017-09-10 12:20 - 000000000 ____D C:\Users\KAZI\Desktop\ZDJECIA ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-10-08 14:28 - 2016-06-04 15:05 - 000000000 ____D C:\ProgramData\NVIDIA 2017-10-08 14:28 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-10-08 14:24 - 2009-07-14 06:34 - 000020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-10-08 14:24 - 2009-07-14 06:34 - 000020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-10-08 14:22 - 2016-06-04 14:47 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI 2017-10-08 14:22 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf 2017-09-24 19:07 - 2016-06-19 21:28 - 000000000 ____D C:\Users\KAZI\Desktop\MUZYKA 2017-09-24 14:15 - 2016-06-04 14:42 - 000000000 ____D C:\Users\KAZI\AppData\Local\VirtualStore 2017-09-24 13:59 - 2016-06-04 14:42 - 000000000 ____D C:\Users\KAZI 2017-09-24 13:44 - 2016-10-12 19:20 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GFACE Launcher 2017-09-24 13:44 - 2016-06-04 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator 2017-09-22 21:01 - 2016-06-04 15:11 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2017-09-17 19:43 - 2016-09-08 14:15 - 000000000 ____D C:\Users\KAZI\Documents\MEGAsync Downloads 2017-09-17 19:13 - 2016-06-18 18:06 - 000000000 ____D C:\Users\KAZI\Desktop\NFS MW 2017-09-17 19:13 - 2016-02-24 09:27 - 000000000 ____D C:\ShiginimaSE_v3100 2017-09-10 13:33 - 2016-06-04 15:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-09-10 13:33 - 2016-06-04 15:05 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-09-09 20:02 - 2016-06-04 18:26 - 000000000 ____D C:\Users\KAZI\AppData\Local\Google 2017-09-09 19:55 - 2016-08-26 16:25 - 000000000 ____D C:\Users\KAZI\AppData\Roaming\.minecraftzyczu ==================== Pliki w katalogu głównym wybranych folderów ======= 2005-10-16 14:07 - 2005-10-20 22:58 - 000003869 _____ () C:\Program Files\Nazwy misji.txt 2005-10-16 13:58 - 2005-10-20 22:51 - 000002411 _____ () C:\Program Files\Polonizacja v.0.91 - Readme.txt 2016-06-18 15:48 - 2016-06-18 15:48 - 000000000 ___RH () C:\Users\KAZI\AppData\Roaming\04d977f7136142501f27f91796e178a32 2017-09-10 11:56 - 2017-09-11 21:39 - 000087608 _____ () C:\Users\KAZI\AppData\Roaming\inst.exe 2017-09-10 11:56 - 2017-09-11 21:39 - 000007887 _____ () C:\Users\KAZI\AppData\Roaming\pcouffin.cat 2017-09-10 11:56 - 2017-09-11 21:39 - 000001144 _____ () C:\Users\KAZI\AppData\Roaming\pcouffin.inf 2017-09-10 11:56 - 2017-09-11 21:39 - 000000055 _____ () C:\Users\KAZI\AppData\Roaming\pcouffin.log 2017-09-10 11:56 - 2017-09-11 21:39 - 000047360 _____ (VSO Software) C:\Users\KAZI\AppData\Roaming\pcouffin.sys 2016-06-18 14:26 - 2016-06-18 14:26 - 000189248 _____ () C:\Users\KAZI\AppData\Roaming\PnkBstrB.exe 2016-06-18 14:10 - 2016-06-18 14:26 - 000138056 _____ () C:\Users\KAZI\AppData\Roaming\PnkBstrK.sys 2017-09-17 19:37 - 2017-09-17 20:12 - 000007597 _____ () C:\Users\KAZI\AppData\Local\Resmon.ResmonCfg 2017-09-11 18:48 - 2017-09-11 18:52 - 000000041 ___SH () C:\ProgramData\.zreglib Niektóre pliki w TEMP: ==================== 2017-09-28 18:31 - 2017-09-28 18:57 - 000000000 _____ () C:\Users\KAZI\AppData\Local\Temp\{5105B2A4-8F00-41AE-A4D4-AE40365D4153}-61.0.3163.100_60.0.3112.113_chrome_updater.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-09-23 18:36 ==================== Koniec FRST.txt ============================