Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:28-11-2015 Uruchomiony przez Damian (administrator) DAMIAN-KOMPUTER (29-11-2015 12:20:11) Uruchomiony z C:\Users\Damian\Desktop Załadowane profile: Damian (Dostępne profile: Damian & UpdatusUser) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE (Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (IVONA Software Sp. z o.o.) C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe (Nektra S.A.) C:\Program Files (x86)\IVONA\IVONA Reader\integr\OutlookExpress\IROElauncher.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe (Splinterware Software Solutions) C:\Program Files (x86)\SystemScheduler\WScheduler.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (GG Network S.A.) C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera_crashreporter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe" HKLM-x32\...\Run: [WScheduler] => C:\Program Files (x86)\SystemScheduler\WScheduler.exe [288256 2013-05-25] (Splinterware Software Solutions) HKLM-x32\...\Run: [Bonus.SSR.FR12] => T:\Abby finereader 12\Bonus.ScreenshotReader.exe [1472312 2014-01-30] (ABBYY Production LLC.) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [570688 2010-11-11] (DT Soft Ltd) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [1362944 2011-02-08] () HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [IVONA Reader] => C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe [1528680 2011-04-25] (IVONA Software Sp. z o.o.) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [IROElauncher] => C:\Program Files (x86)\IVONA\IVONA Reader\integr\OutlookExpress\IROElauncher.exe [94720 2008-09-26] (Nektra S.A.) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [205976 2009-09-18] (Alcohol Soft Development Team) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [1946352 2012-02-16] (Hagel Technologies Ltd.) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [2790344 2015-03-12] (Napisy24.pl) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Run: [Napisy24.pl] => C:\Program Files (x86)\Napisy24\Napisy24.exe [5509064 2015-07-29] (Napisy24.pl) HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\MountPoints2: N - N:\cdstart.exe HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\MountPoints2: {1f2b4d8d-5bf5-11e1-bf36-002215ea93e4} - "L:\WD SmartWare.exe" autoplay=true HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\MountPoints2: {21475aef-73ff-11e1-ab6c-005056c00008} - N:\SETUP.EXE HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\MountPoints2: {21475af3-73ff-11e1-ab6c-005056c00008} - P:\autoplay.exe HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\MountPoints2: {35d4c991-5c75-11e1-be4a-002215ea93e4} - S:\start.exe HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\MountPoints2: {4b8d5daf-7370-11e1-bf73-005056c00008} - K:\SETUP.EXE BootExecute: autocheck autochk * sh4native Sh4Removal GroupPolicy: Ograniczenia - Chrome <======= UWAGA GroupPolicyUsers\S-1-5-21-144805859-2219087630-3865369261-1005\User: Ograniczenia <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog9 11 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [338480 2010-01-22] (VMware, Inc.) Winsock: Catalog9 12 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [338480 2010-01-22] (VMware, Inc.) Winsock: Catalog9-x64 11 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [438320 2010-01-22] (VMware, Inc.) Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [438320 2010-01-22] (VMware, Inc.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{4872C51D-18CB-464B-BC4D-FD8A7AAB32DA}: [DhcpNameServer] 8.8.8.8 194.204.152.34 Tcpip\..\Interfaces\{4AF048D8-8E75-411A-8080-3D1C960949B6}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 Tcpip\..\Interfaces\{8E8027EF-FDFD-429F-BF42-CAEFB16553C1}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 Tcpip\..\Interfaces\{90605D60-A2B2-4C5D-8344-CDFAA5C785C3}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 Tcpip\..\Interfaces\{DA4240FC-323E-4AC8-8485-3B0E3DDF77D6}: [DhcpNameServer] 192.168.100.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-144805859-2219087630-3865369261-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-144805859-2219087630-3865369261-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-144805859-2219087630-3865369261-1001 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: IVONA Reader -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll [2011-04-06] (IVONA Software Sp. z o.o.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-16] (Oracle Corporation) BHO-x32: IVONA Reader -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll [2011-04-06] (IVONA Software Sp. z o.o.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) Toolbar: HKLM - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll [2011-04-06] (IVONA Software Sp. z o.o.) Toolbar: HKLM-x32 - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll [2011-04-06] (IVONA Software Sp. z o.o.) FireFox: ======== FF ProfilePath: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\xzpq7mwo.default-1445603186771 FF Homepage: hxxp://chomikuj.pl/zenek27/FILMY FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-01-23] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-23] (Nullsoft, Inc.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-01-23] (Adobe Systems) FF user.js: detected! => C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\xzpq7mwo.default-1445603186771\user.js [2015-11-28] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-16] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-144805859-2219087630-3865369261-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-16] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> gazeta.pl/0,0.html?p=174 CHR DefaultSearchKeyword: Default -> q CHR Profile: C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-28] CHR Extension: (Dokumenty Google) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-28] CHR Extension: (Dysk Google) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-28] CHR Extension: (YouTube) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28] CHR Extension: (Google Search) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28] CHR Extension: (Arkusze Google) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-28] CHR Extension: (Dokumenty Google offline) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-29] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-28] CHR Extension: (Quick Menu) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggihoncmelambjaefiboekididcaffe [2015-11-28] CHR Extension: (Gmail) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-28] CHR HKLM\...\Chrome\Extension: [oggihoncmelambjaefiboekididcaffe] - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggihoncmelambjaefiboekididcaffe.crx [2015-10-22] CHR HKLM-x32\...\Chrome\Extension: [mgmkibjehmijilgdlafejbedipjcjeaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [oggihoncmelambjaefiboekididcaffe] - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggihoncmelambjaefiboekididcaffe.crx [2015-10-22] Opera: ======= OPR Session Restore: -> [funkcja włączona] OPR Extension: (Ghostery) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-09-29] OPR Extension: (Adguard AdBlocker) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2015-11-06] OPR Extension: (µBlock) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2015-10-31] StartMenuInternet: (HKLM) Opera - c:\program files (x86)\opera\opera.exe hxxp://www.piesearch.com/?type=sc&ts=1445521710&pid=etc22&uid=389458e5-880d-4d4d-9d95-41f8448ed22d ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation) R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [1110480 2012-02-16] (Hagel Technologies Ltd.) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Brak podpisu cyfrowego] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-12-18] () [Brak podpisu cyfrowego] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Brak podpisu cyfrowego] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2009-10-12] (VMware, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.) R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.) S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [256576 2012-02-21] (DT Soft Ltd) R3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [20856 2012-02-16] (Hagel Technologies Ltd.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-10-23] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [178728 2009-05-11] (Marvell Semiconductor, Inc.) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S3 prwntdrv; C:\Windows\system32\prwntdrv.sys [18528 2014-10-23] () S3 prwntdrv; C:\Windows\SysWOW64\prwntdrv.sys [15456 2014-10-23] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-03-21] () [Brak podpisu cyfrowego] R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-19] (WinISO.com) R1 {b28b30d2-a22b-48a9-8948-d4167c37e7f0}Gw64; C:\Windows\System32\drivers\{b28b30d2-a22b-48a9-8948-d4167c37e7f0}Gw64.sys [48784 2015-11-28] (StdLib) U3 agebcdaz; C:\Windows\System32\Drivers\agebcdaz.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-29 12:20 - 2015-11-29 12:20 - 00023992 _____ C:\Users\Damian\Desktop\FRST.txt 2015-11-29 12:16 - 2015-11-29 12:16 - 02349056 _____ (Farbar) C:\Users\Damian\Desktop\FRST64.exe 2015-11-29 12:11 - 2015-11-29 12:11 - 00005691 _____ C:\Users\Damian\Desktop\h.txt 2015-11-28 23:49 - 2015-11-28 23:49 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-11-28 21:50 - 2015-11-28 12:23 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{b28b30d2-a22b-48a9-8948-d4167c37e7f0}Gw64.sys 2015-11-28 21:49 - 2015-11-28 23:38 - 00000008 _____ C:\END 2015-11-28 21:42 - 2015-11-28 21:42 - 03758992 _____ (Amazing Studio ) C:\Users\Damian\Desktop\driver+ecran+asus+vh192d_10924_i91756123_il345.exe 2015-11-26 19:00 - 2015-11-26 19:00 - 00000097 _____ C:\Users\Damian\Desktop\Lucy(2014) Cały Film Napisy PL.txt 2015-11-24 14:43 - 2015-11-24 14:43 - 00000000 __SHD C:\ProgramData\DSS 2015-11-24 14:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2015-11-24 14:39 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2015-11-24 14:39 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2015-11-24 14:39 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2015-11-24 14:39 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2015-11-24 14:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-11-24 14:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2015-11-24 14:39 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2015-11-24 14:39 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2015-11-24 14:39 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2015-11-24 14:39 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2015-11-24 14:39 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2015-11-24 14:39 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2015-11-24 14:39 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2015-11-24 14:39 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2015-11-24 14:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2015-11-24 14:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2015-11-24 14:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2015-11-24 14:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2015-11-24 14:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2015-11-24 14:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2015-11-24 14:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2015-11-24 14:02 - 2015-11-24 14:06 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Damian\Downloads\FIFA World [1].exe 2015-11-24 08:14 - 2015-11-24 08:14 - 00001091 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2015-11-24 08:14 - 2015-11-24 08:14 - 00000000 ____D C:\ProgramData\VS Revo Group 2015-11-24 08:14 - 2015-11-24 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2015-11-24 08:14 - 2015-11-24 08:14 - 00000000 ____D C:\Program Files\VS Revo Group 2015-11-24 08:14 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys 2015-11-18 15:06 - 2015-11-18 15:06 - 00000018 _____ C:\Users\Damian\Desktop\Debacom.txt 2015-11-17 19:16 - 2015-11-17 19:16 - 00001412 _____ C:\Users\Damian\AppData\Local\Installer.lnk 2015-11-15 20:51 - 2015-11-15 20:52 - 00000000 ____D C:\Users\Damian\Desktop\Nowy folder (3) 2015-11-15 20:13 - 2015-11-15 20:13 - 00000000 ____D C:\Users\Damian\AppData\Local\CEF 2015-11-15 20:02 - 2015-11-15 20:03 - 02394601 _____ C:\Users\Damian\Downloads\BA42.tmp 2015-11-15 19:08 - 2015-11-27 22:43 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-08 12:32 - 2015-11-08 12:32 - 00238622 _____ C:\Users\Damian\Desktop\Spawanie MIG.pdf 2015-11-07 06:40 - 2015-11-09 08:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-06 20:18 - 2015-11-06 20:18 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-11-03 07:15 - 2015-11-03 07:15 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Damian\Downloads\FIFA 13 Demo [1].exe 2015-11-03 06:49 - 2015-11-24 14:46 - 00000000 ____D C:\Users\Damian\AppData\Local\CrashDumps 2015-11-01 07:05 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2015-11-01 07:05 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2015-11-01 07:05 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2015-11-01 07:05 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2015-11-01 07:04 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2015-11-01 07:04 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2015-11-01 07:04 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2015-11-01 07:04 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2015-11-01 07:04 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2015-11-01 07:04 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2015-11-01 07:04 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2015-11-01 07:04 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2015-11-01 07:04 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2015-11-01 07:04 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2015-11-01 07:04 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2015-11-01 07:04 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2015-11-01 07:04 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2015-11-01 07:04 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2015-11-01 07:04 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2015-11-01 07:04 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2015-11-01 07:04 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2015-11-01 07:04 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-11-01 07:04 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2015-11-01 07:04 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2015-11-01 07:04 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2015-11-01 07:04 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2015-11-01 07:04 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2015-11-01 07:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2015-11-01 07:03 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2015-11-01 07:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2015-11-01 07:03 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2015-11-01 07:03 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2015-11-01 07:03 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2015-11-01 07:03 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2015-11-01 07:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2015-11-01 07:03 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2015-11-01 07:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2015-11-01 07:03 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2015-11-01 07:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2015-11-01 07:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2015-11-01 07:03 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2015-11-01 07:03 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2015-11-01 07:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2015-11-01 07:03 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2015-11-01 07:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2015-11-01 07:03 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2015-11-01 07:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2015-11-01 07:03 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2015-11-01 07:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2015-11-01 07:03 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2015-11-01 07:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2015-11-01 07:03 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2015-11-01 07:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2015-11-01 07:03 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2015-11-01 07:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2015-11-01 07:03 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2015-11-01 07:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2015-11-01 07:03 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2015-11-01 07:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2015-11-01 07:03 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2015-11-01 07:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2015-11-01 07:03 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2015-11-01 07:03 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2015-11-01 07:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2015-11-01 07:03 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2015-11-01 07:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2015-11-01 07:03 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2015-11-01 07:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2015-11-01 07:02 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2015-11-01 07:02 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2015-11-01 07:02 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2015-11-01 07:02 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2015-11-01 07:02 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2015-11-01 07:02 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2015-11-01 07:02 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2015-11-01 07:02 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2015-11-01 07:02 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2015-11-01 07:02 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2015-11-01 07:02 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2015-11-01 07:02 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2015-11-01 07:02 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2015-11-01 07:02 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2015-11-01 07:02 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2015-11-01 07:02 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2015-11-01 07:02 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2015-11-01 07:02 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2015-11-01 07:02 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2015-11-01 07:02 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2015-11-01 07:02 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2015-11-01 07:02 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2015-11-01 07:02 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2015-11-01 07:02 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2015-11-01 07:02 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2015-11-01 07:02 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2015-11-01 07:02 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2015-11-01 07:02 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2015-11-01 07:02 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2015-11-01 07:02 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2015-11-01 07:02 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2015-11-01 07:02 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2015-11-01 07:02 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2015-11-01 07:02 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2015-11-01 07:02 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2015-11-01 07:02 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2015-11-01 07:02 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2015-11-01 07:02 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2015-11-01 07:01 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2015-11-01 07:01 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-11-01 07:01 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2015-11-01 07:01 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2015-11-01 07:01 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2015-11-01 07:01 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2015-11-01 07:01 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-11-01 07:01 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2015-11-01 07:01 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2015-11-01 07:00 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-11-01 07:00 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2015-11-01 07:00 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-11-01 07:00 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2015-11-01 07:00 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-11-01 07:00 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2015-11-01 07:00 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-11-01 07:00 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2015-10-30 08:36 - 2015-10-30 08:36 - 00000000 ____D C:\Users\Damian\Desktop\Porzeczka__aronia___jagoda_kamczacka ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-29 12:20 - 2015-01-27 14:14 - 00000000 ____D C:\FRST 2015-11-29 12:12 - 2009-07-14 05:45 - 00032032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-29 12:12 - 2009-07-14 05:45 - 00032032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-29 12:08 - 2011-04-12 14:21 - 00739252 _____ C:\Windows\system32\perfh015.dat 2015-11-29 12:08 - 2011-04-12 14:21 - 00154358 _____ C:\Windows\system32\perfc015.dat 2015-11-29 12:08 - 2009-07-14 06:13 - 01665574 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 12:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-11-29 12:05 - 2012-11-21 21:20 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-29 12:04 - 2012-02-21 14:07 - 00000000 ____D C:\ProgramData\VMware 2015-11-29 12:04 - 2012-02-20 20:03 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-29 12:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-29 12:00 - 2014-10-30 09:26 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 33.lnk 2015-11-29 11:54 - 2013-02-16 12:42 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-29 11:33 - 2012-11-21 21:20 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-29 09:52 - 2014-09-01 01:00 - 00000000 ____D C:\Users\Damian\AppData\Local\Adobe 2015-11-29 01:08 - 2012-09-28 08:13 - 00000000 ____D C:\Users\Damian\AppData\Local\ChomikBox 2015-11-29 00:52 - 2015-07-14 13:01 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-11-28 22:54 - 2013-10-11 19:53 - 00004016 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{67B2DF36-6DE6-48ED-9272-524FDB267AC9} 2015-11-28 21:50 - 2009-07-14 03:34 - 00000663 _____ C:\Windows\win.ini 2015-11-28 11:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-28 09:26 - 2012-08-20 21:55 - 00000000 ____D C:\Users\Damian\.gstreamer-0.10 2015-11-27 23:40 - 2015-08-14 08:12 - 00000000 ____D C:\ProgramData\Napisy24 2015-11-25 09:19 - 2014-11-21 21:31 - 00043749 _____ C:\Users\Damian\Desktop\top.txt 2015-11-24 14:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-11-22 09:05 - 2012-10-26 15:27 - 00000000 ____D C:\Program Files (x86)\The KMPlayer 2015-11-21 13:10 - 2012-02-24 09:41 - 00000000 ____D C:\Users\Damian\AppData\Local\ElevatedDiagnostics 2015-11-21 13:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-11-19 10:20 - 2014-06-03 18:49 - 00003886 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1400957026 2015-11-19 10:20 - 2013-04-08 09:54 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-17 19:24 - 2015-10-25 19:37 - 00000000 ___RD C:\Users\Damian\Desktop\SpyHunter 4.20.9.4533 Eng 32 Bit Portable 2015-11-15 20:52 - 2013-12-12 11:30 - 00000000 ____D C:\Users\Damian\Desktop\Chomikow 2015-11-15 19:09 - 2014-12-24 06:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-15 19:08 - 2013-02-02 21:08 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-15 19:08 - 2013-02-02 20:59 - 00000000 ____D C:\ProgramData\Adobe 2015-11-12 20:13 - 2015-01-26 18:21 - 00000000 ____D C:\Users\Damian\AppData\Roaming\Media Player Classic 2015-11-12 08:21 - 2015-05-19 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-11 12:06 - 2015-07-14 13:01 - 00004002 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-11-11 12:06 - 2013-02-16 12:42 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 12:06 - 2012-08-14 18:08 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 12:06 - 2012-02-20 20:26 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-06 19:53 - 2015-10-23 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-11-17 19:16 - 2015-11-17 19:16 - 0001412 _____ () C:\Users\Damian\AppData\Local\Installer.lnk 2015-01-21 05:59 - 2015-01-21 05:59 - 0007602 _____ () C:\Users\Damian\AppData\Local\Resmon.ResmonCfg 2012-02-21 09:53 - 2012-02-21 09:53 - 0017408 _____ () C:\Users\Damian\AppData\Local\WebpageIcons.db 2015-08-05 14:52 - 2015-08-05 14:52 - 0000000 _____ () C:\Users\Damian\AppData\Local\{683D1C05-7868-4006-9A95-F6AB78778047} 2012-08-09 10:21 - 2012-08-16 19:00 - 0013671 _____ () C:\ProgramData\hpzinstall.log Niektóre pliki w TEMP: ==================== C:\Users\Damian\AppData\Local\Temp\amt_mysites123.exe C:\Users\Damian\AppData\Local\Temp\driver+ecran+asus+vh192d__10924_i1761795314_il1919480.exe C:\Users\Damian\AppData\Local\Temp\Napisy24.exe C:\Users\Damian\AppData\Local\Temp\proxy_vole5179064245403094753.dll C:\Users\Damian\AppData\Local\Temp\t.dll C:\Users\Damian\AppData\Local\Temp\UninstallModule.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-20 16:28 ==================== Koniec FRST.txt ============================