Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:11-10-2015 02 Uruchomiony przez ALEKS (administrator) ALEKS-KOMPUTER (11-10-2015 22:04:41) Uruchomiony z C:\Users\ALEKS\Downloads Załadowane profile: ALEKS (Dostępne profile: ALEKS & UpdatusUser & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe () C:\Program Files (x86)\Common Files\NMSAccessU.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe () C:\Windows\SysWOW64\Rezip.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe () C:\Program Files (x86)\Netia\Mobilny Internet\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Flux Software LLC) C:\Users\ALEKS\AppData\Local\FluxSoftware\Flux\flux.exe () C:\Program Files (x86)\Netia\Mobilny Internet\UIExec.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [UpdateLBPShortCut] => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" HKLM-x32\...\Run: [UpdateP2GoShortCut] => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" HKLM-x32\...\Run: [UpdatePDRShortCut] => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" HKLM-x32\...\Run: [RemoteControl8] => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" HKLM-x32\...\Run: [PDVD8LanguageShortcut] => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" HKLM-x32\...\Run: [UpdatePPShortCut] => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" HKLM-x32\...\Run: [APLangApp] => C:\Program Files (x86)\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft) HKLM-x32\...\Run: [UCam_Menu] => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Netia\Mobilny Internet\UIExec.exe [138072 2010-03-02] () HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [Google Update] => C:\Users\ALEKS\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [Facebook Update] => "C:\Users\ALEKS\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [ALLUpdate] => D:\ALLPlayer\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [f.lux] => C:\Users\ALEKS\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Startup: C:\Users\ALEKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-01] ShortcutTarget: Dropbox.lnk -> C:\Users\ALEKS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 10.30.30.1 150.254.173.2 150.254.173.3 8.8.8.8 Tcpip\..\Interfaces\{B6AC41CC-732B-4B03-897C-92612C138041}: [DhcpNameServer] 10.30.30.1 150.254.173.2 150.254.173.3 8.8.8.8 Internet Explorer: ================== HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Brak pliku DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} hxxps://m.zentis.pl/dwa85W.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Brak pliku FireFox: ======== FF ProfilePath: C:\Users\ALEKS\AppData\Roaming\Mozilla\Firefox\Profiles\yi536pj3.default-1444592561045 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @baidu.com/BaiduExpert-npplugin -> C:\Users\ALEKS\AppData\Roaming\Baidu\BDWebAdapter\3.0.331.0\npBDExNP.dll [Brak pliku] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ALEKS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll Brak pliku FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @tools.google.com/Google Update;version=3 -> C:\Users\ALEKS\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @tools.google.com/Google Update;version=9 -> C:\Users\ALEKS\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ALEKS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-02-22] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Profile: C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Przelewy24) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj [2015-05-12] CHR Extension: (Adblock Plus) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] StartMenuInternet: Google Chrome - C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\ALEKS\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-04-04] StartMenuInternet: (HKLM) OperaStable - D:\Opera\Launcher.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [Brak podpisu cyfrowego] R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Brak podpisu cyfrowego] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Brak podpisu cyfrowego] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] () R2 UI Assistant Service; C:\Program Files (x86)\Netia\Mobilny Internet\AssistantServices.exe [247152 2010-03-02] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-09-30] () S2 GtDetectSc; "C:\Program Files\Orange\ICON 225 USB Connect\GtDetectSc.exe" [X] S2 HTCMonitorService; "D:\HTC SYNC\HSMServiceEntry.exe" [X] S2 McAfee SiteAdvisor Service; "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe" [X] S2 TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124416 2007-11-13] (Option N.V.) S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2007-10-09] (Option N.V.) S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-27] () [Brak podpisu cyfrowego] U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () U3 a7uus9jc; Brak ImagePath U3 amoziabx; Brak ImagePath S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-11 21:59 - 2015-10-11 21:59 - 00000000 ____D C:\Users\ALEKS\Downloads\FRST-OlderVersion 2015-10-11 21:49 - 2015-10-11 21:49 - 00011158 _____ C:\Users\ALEKS\Desktop\plik.txt 2015-10-11 21:42 - 2015-10-11 21:42 - 00000000 ____D C:\Users\ALEKS\Desktop\Stare dane programu Firefox 2015-10-11 19:12 - 2015-10-11 21:54 - 00040301 _____ C:\Users\ALEKS\Downloads\Shortcut.txt 2015-10-11 19:02 - 2015-10-11 19:02 - 01254532 _____ C:\Users\ALEKS\Desktop\GMER.txt 2015-10-11 18:50 - 2015-10-11 18:50 - 00380416 _____ C:\Users\ALEKS\Downloads\k9oi3ivo.exe 2015-10-11 17:46 - 2015-10-11 21:54 - 00067982 _____ C:\Users\ALEKS\Downloads\Addition.txt 2015-10-11 17:45 - 2015-10-11 22:06 - 00016549 _____ C:\Users\ALEKS\Downloads\FRST.txt 2015-10-11 17:24 - 2015-10-11 22:04 - 00000000 ____D C:\FRST 2015-10-11 17:24 - 2015-10-11 21:59 - 02195968 _____ (Farbar) C:\Users\ALEKS\Downloads\FRST64.exe 2015-10-11 16:41 - 2015-10-11 16:41 - 01682432 _____ C:\Users\ALEKS\Desktop\AdwCleaner.exe 2015-10-11 12:54 - 2015-10-11 12:54 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\TuneUp Software 2015-10-11 12:50 - 2015-10-11 12:50 - 00000000 ____D C:\Users\ALEKS\AppData\Local\MFAData 2015-10-11 12:46 - 2015-10-11 12:46 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2015-10-11 12:46 - 2015-10-11 12:46 - 00000000 ____D C:\Users\ALEKS\AppData\Local\FluxSoftware 2015-10-10 22:03 - 2015-01-07 05:10 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll 2015-10-10 22:03 - 2015-01-07 04:44 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll 2015-10-10 22:03 - 2015-01-07 03:49 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys 2015-10-10 22:03 - 2015-01-07 03:48 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2015-10-10 22:02 - 2015-01-07 05:15 - 00104896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mup.sys 2015-10-10 21:56 - 2015-10-11 11:22 - 00000000 ____D C:\ProgramData\Oracle 2015-10-10 21:55 - 2015-10-10 21:55 - 00004152 _____ C:\windows\msxml4-KB2758694-chs.LOG 2015-10-10 21:45 - 2015-10-11 22:02 - 00000280 _____ C:\windows\setupact.log 2015-10-10 21:45 - 2015-10-10 21:45 - 00000000 _____ C:\windows\setuperr.log 2015-10-10 21:44 - 2015-10-11 22:01 - 00020984 _____ C:\windows\PFRO.log 2015-10-10 20:20 - 2015-10-10 20:20 - 00002802 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2015-10-10 20:20 - 2015-10-10 20:20 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-10 20:20 - 2015-10-10 20:20 - 00000000 ____D C:\Program Files\CCleaner 2015-10-05 18:26 - 2015-10-05 18:26 - 00000670 _____ C:\Users\ALEKS\Desktop\ALLPlayer.lnk 2015-10-05 18:26 - 2015-10-05 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer 2015-10-05 18:26 - 2013-04-05 21:26 - 00276992 _____ (IntelleSoft) C:\windows\SysWOW64\BugTrap.dll 2015-09-16 19:57 - 2015-09-16 19:57 - 00000000 ____D C:\Users\Gość\AppData\Local\Avg ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-11 22:04 - 2015-05-16 15:32 - 00001058 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001UA.job 2015-10-11 22:02 - 2014-01-30 00:27 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-10-11 22:02 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-10-11 22:02 - 2009-07-14 06:45 - 00379024 _____ C:\windows\system32\FNTCACHE.DAT 2015-10-11 22:00 - 2010-08-24 18:59 - 00000000 ____D C:\Users\ALEKS\Documents\Youcam 2015-10-11 22:00 - 2010-08-24 18:58 - 00000000 ___RD C:\Users\ALEKS\Desktop\Samsung 2015-10-11 22:00 - 2010-03-06 21:04 - 01111349 _____ C:\windows\WindowsUpdate.log 2015-10-11 21:59 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy 2015-10-11 21:59 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy 2015-10-11 21:57 - 2013-03-30 17:05 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-10-11 21:32 - 2009-07-14 06:45 - 00022976 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-11 21:32 - 2009-07-14 06:45 - 00022976 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-11 20:27 - 2010-08-24 18:04 - 00093952 _____ C:\Users\ALEKS\AppData\Local\GDIPFONTCACHEV1.DAT 2015-10-11 20:22 - 2015-04-21 20:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-10-11 20:21 - 2010-08-24 17:56 - 00000000 ____D C:\ProgramData\Adobe 2015-10-11 18:13 - 2015-04-21 19:35 - 00000000 ____D C:\AdwCleaner 2015-10-11 16:48 - 2011-08-30 12:54 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-11 16:48 - 2011-04-23 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3. High End Loft Stuff 2015-10-11 16:48 - 2011-04-23 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3. Ambitions 2015-10-11 16:47 - 2015-03-02 18:14 - 00725112 _____ C:\Users\ALEKS\Desktop\SEMESTR LETNI.xlsx 2015-10-11 16:47 - 2012-05-18 09:15 - 01671459 _____ C:\windows\SysWOW64\debug.log 2015-10-11 15:40 - 2011-02-24 11:52 - 00003990 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{61248C4A-D447-49D8-A2C4-079AD2C5A6C3} 2015-10-11 14:59 - 2010-10-16 14:36 - 00000000 ____D C:\ProgramData\MFAData 2015-10-11 13:15 - 2010-03-06 04:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-11 10:04 - 2011-08-30 12:53 - 00001006 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001Core.job 2015-10-11 03:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2015-10-11 00:20 - 2012-03-24 18:17 - 00001056 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001Core.job 2015-10-10 20:46 - 2014-06-03 13:23 - 00003844 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1383754833 2015-10-10 20:46 - 2012-08-24 18:45 - 00003034 _____ C:\windows\System32\Tasks\{03C1FFEE-CBFD-4E37-A3B1-BD93CDEBEA0F} 2015-10-10 20:46 - 2010-08-25 19:45 - 00002876 _____ C:\windows\System32\Tasks\{FEA45AFA-D07A-4827-93BE-0D1F6D6BBF6B} 2015-10-10 20:46 - 2010-03-06 04:15 - 00003158 _____ C:\windows\System32\Tasks\SUPBackground 2015-10-10 20:41 - 2015-01-13 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4 2015-10-10 20:32 - 2010-08-27 10:10 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\DAEMON Tools Lite 2015-10-10 20:31 - 2015-04-20 13:45 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\PhotoScape 2015-10-10 20:31 - 2010-08-25 19:45 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Skype 2015-10-10 20:30 - 2010-12-17 20:36 - 00000000 ____D C:\windows\Minidump 2015-10-10 20:30 - 2009-08-02 04:27 - 00000000 ____D C:\windows\Panther 2015-10-09 11:35 - 2015-04-05 01:44 - 00000000 ___SD C:\windows\system32\GWX 2015-10-09 11:30 - 2012-05-20 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-09 01:14 - 2015-04-05 01:44 - 00000000 ___SD C:\windows\SysWOW64\GWX 2015-10-07 19:11 - 2010-08-25 19:44 - 00000000 ____D C:\ProgramData\Skype 2015-10-05 18:28 - 2015-07-12 16:47 - 00000000 ____D C:\Users\ALEKS\Desktop\Kariera 2015-10-05 18:26 - 2010-08-28 13:11 - 00000000 ____D C:\ProgramData\ALLPlayer 2015-10-05 18:22 - 2015-06-10 12:54 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-10-05 18:22 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD 2015-10-04 12:32 - 2010-03-06 21:46 - 00740688 _____ C:\windows\system32\perfh015.dat 2015-10-04 12:32 - 2010-03-06 21:46 - 00156230 _____ C:\windows\system32\perfc015.dat 2015-10-04 12:32 - 2009-07-14 07:13 - 01670590 _____ C:\windows\system32\PerfStringBackup.INI 2015-09-30 20:05 - 2015-05-05 17:43 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp 2015-09-30 14:03 - 2015-04-25 21:03 - 00000000 ____D C:\Users\ALEKS\Desktop\Literatura 2015-09-22 12:57 - 2013-03-30 17:05 - 00003868 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-09-22 12:57 - 2012-05-18 08:02 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-09-22 12:57 - 2011-08-21 18:14 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-20 16:03 - 2014-01-17 22:48 - 00000000 ____D C:\Users\ALEKS\AppData\Local\PokerStars.EU 2015-09-17 14:41 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF 2015-09-17 14:25 - 2015-05-07 14:35 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\foobar2000 2015-09-16 19:59 - 2015-07-11 12:15 - 00000955 _____ C:\Users\Public\Desktop\AVG 2015.lnk 2015-09-16 19:59 - 2015-07-11 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-09-15 09:59 - 2015-05-16 15:32 - 00004032 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001UA 2015-09-15 09:59 - 2011-08-30 12:53 - 00003636 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001Core 2015-09-14 22:43 - 2010-08-24 18:37 - 00000000 ____D C:\Users\ALEKS\AppData\Local\Google ==================== Pliki w katalogu głównym wybranych folderów ======= 2007-01-25 03:52 - 2007-01-25 03:52 - 0065536 _____ () C:\Program Files (x86)\Common Files\NMSAccessU.exe 2015-07-08 10:40 - 2015-07-08 10:44 - 0000563 _____ () C:\Users\ALEKS\AppData\Roaming\burnaware.ini 2012-09-27 19:18 - 2012-09-27 19:18 - 0000000 _____ () C:\Users\ALEKS\AppData\Roaming\wklnhst.dat 2010-12-12 13:56 - 2010-12-12 13:56 - 0003584 _____ () C:\Users\ALEKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-14 16:42 - 2015-01-14 16:42 - 0026900 _____ () C:\Users\ALEKS\AppData\Local\dt.dat 2011-09-17 20:14 - 2014-09-19 17:06 - 0007246 _____ () C:\ProgramData\hpzinstall.log 2010-03-06 04:21 - 2010-03-06 04:21 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2010-03-06 04:19 - 2010-03-06 04:20 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log 2010-03-06 04:16 - 2010-03-06 04:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-03-06 04:20 - 2010-03-06 04:21 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2010-03-06 04:15 - 2010-03-06 04:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2010-03-06 04:17 - 2010-03-06 04:19 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Niektóre pliki w TEMP: ==================== C:\Users\ALEKS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoxgcc2.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\windows\system32\wininit.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\windows\explorer.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\windows\system32\svchost.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\windows\system32\services.exe => Plik podpisany cyfrowo C:\windows\system32\User32.dll => Plik podpisany cyfrowo C:\windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\windows\system32\userinit.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-10-11 03:48 ==================== Koniec FRST.txt ============================