Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 31-08-2016 Uruchomiony przez ShastaMan (administrator) SHASTAMAN-KOMPU (05-09-2016 16:39:39) Uruchomiony z C:\Users\ShastaMan\Downloads Załadowane profile: ShastaMan (Dostępne profile: ShastaMan) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Ellora Assets Corp.) D:\Programy\PobieranieFilmowProgram\Freemake\CaptureLib\CaptureLibService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\nsbu.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe (Podatnik.info Sp. z o.o.) C:\Program Files (x86)\Podatnik.info\PIT pro 2015\pproupd.exe (TeamViewer GmbH) D:\Programy\teamviever\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) D:\Programy\hamachi\x64\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (LogMeIn, Inc.) D:\Programy\hamachi\x64\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Disc Soft Ltd) D:\Programy\daemontools\DAEMON Tools Lite\DiscSoftBusService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Podatnik.info Sp. z o.o.) C:\Program Files (x86)\Podatnik.info\PIT pro 2015\Widget.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (GG Network S.A.) C:\Users\ShastaMan\AppData\Local\GG\Application\gghub.exe (Skype Technologies S.A.) D:\Programy\Skype\Phone\Skype.exe (GG Network S.A.) C:\Users\ShastaMan\AppData\Local\GG\Application\ggapp.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe (BitTorrent Inc.) C:\Users\ShastaMan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Users\ShastaMan\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe (BitTorrent Inc.) C:\Users\ShastaMan\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCam6.exe (Code::Blocks Team) D:\Programy\CodeBlock\CodeBlocks\codeblocks.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor) HKLM\...\Run: [C:\Windows\system32\V0520Ext.ax] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0520Ext.ax HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16073336 2016-08-11] (Logitech Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software) HKLM-x32\...\Run: [C:\Windows\SysWOW64\V0520Ext.ax] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\SysWOW64\V0520Ext.ax HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-06-01] () HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [504792 2014-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.) HKLM-x32\...\Run: [WidgetPodatnikInfo] => C:\Program Files (x86)\Podatnik.info\PIT pro 2015\Widget.exe [261360 2016-08-30] (Podatnik.info Sp. z o.o.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM-x32\...\Run: [kbdsprt] => [X] HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\daemontools\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Run: [uTorrent] => C:\Users\ShastaMan\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-09] (BitTorrent Inc.) HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Run: [CCleaner Monitoring] => D:\Programy\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-08-29] () HKU\S-1-5-21-570891128-3581372902-1687710604-1000\...\Policies\Explorer: [HideSCAVolume] 0 ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-25] (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) BootExecute: autocheck autochk * sdnclean64.exe CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{18976741-40AE-4DF5-AA16-7ED1838898F4}: [NameServer] 188.120.239.115,8.8.8.8 Tcpip\..\Interfaces\{7041BB92-59D1-44B9-B604-4ED6E63B649E}: [NameServer] 188.120.239.115,8.8.8.8 Tcpip\..\Interfaces\{7F4E235C-626C-4E81-8F1E-A054CE6B7897}: [NameServer] 188.120.239.115,8.8.8.8 Tcpip\..\Interfaces\{7F4E235C-626C-4E81-8F1E-A054CE6B7897}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C4DA79C9-8D05-4941-8F43-3CFC7F503081}: [NameServer] 188.120.239.115,8.8.8.8 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-570891128-3581372902-1687710604-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-570891128-3581372902-1687710604-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-570891128-3581372902-1687710604-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-16] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-18] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-16] (AVAST Software) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-18] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programy\vlc\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> D:\Programy\AdobeReader\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems) FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => nie znaleziono FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-13] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFPlgn FF Extension: (Brak nazwy) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFPlgn [2015-11-19] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-13] Chrome: ======= CHR HomePage: vafuiedtajuthervperdom -> hxxp://www.google.pl/ CHR StartupUrls: vafuiedtajuthervperdom -> "hxxp://www.google.pl/" CHR DefaultSearchURL: vafuiedtajuthervperdom -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=c6545a7d3251484840558c3g2zfqdt8b3tcz0qeg9m&from=sqr&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F254145641456&type=sp CHR DefaultSearchKeyword: vafuiedtajuthervperdom -> youndoo CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-16] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-25] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2015-12-22] () R3 Disc Soft Lite Bus Service; D:\Programy\daemontools\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-07-29] (EasyAntiCheat Ltd) R2 FreemakeVideoCapture; D:\Programy\PobieranieFilmowProgram\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-03-28] (Ellora Assets Corp.) [Brak podpisu cyfrowego] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) R2 Hamachi2Svc; D:\Programy\hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-11-09] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-07-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-11] (Logitech Inc.) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.) R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\NSBU.exe [282016 2015-07-16] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) S3 Origin Client Service; D:\Programy\Orgin\Origin\OriginClientService.exe [2122248 2016-06-12] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-29] (Overwolf LTD) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-27] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-26] () R2 pproupd; C:\Program Files (x86)\Podatnik.info\PIT pro 2015\pproupd.exe [50416 2016-08-30] (Podatnik.info Sp. z o.o.) S2 SkypeUpdate; D:\Programy\Skype\Updater\Updater.exe [324224 2016-07-25] (Skype Technologies) R2 TeamViewer; D:\Programy\teamviever\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-25] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-25] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-25] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-25] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-25] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-25] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-12-25] () S3 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-11-02] (Symantec Corporation) S3 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-22] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-14] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-11-14] (Symantec Corporation) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-03-27] (REALiX(tm)) S3 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\IPSDefs\20151113.001\IDSvia64.sys [767224 2015-11-13] (Symantec Corporation) R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45208 2016-08-10] (Logitech Inc.) S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech) S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-06-25] (Logitech Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-12-25] () S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) [Brak podpisu cyfrowego] R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151114.006\ENG64.SYS [138488 2015-11-14] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151114.006\EX64.SYS [2148080 2015-11-14] (Symantec Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation) S3 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) S3 SymEFASI; C:\Windows\system32\drivers\NSBUx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation) S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-11-14] (Symantec Corporation) S3 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) S3 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation) S3 V0520Vid; C:\Windows\System32\DRIVERS\V0520Vid.sys [280704 2011-09-02] (Creative Technology Ltd.) R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation) R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2015-05-26] (SplitmediaLabs Limited) S3 ATP; system32\DRIVERS\cmdatp.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X] S3 clwvd7; system32\DRIVERS\clwvd7.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X] S3 RivaTuner64; \??\D:\Programy\RivaTuner\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [X] U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] U3 kwlyauod; \??\C:\Users\SHASTA~1\AppData\Local\Temp\kwlyauod.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-05 16:39 - 2016-09-05 16:39 - 00031230 _____ C:\Users\ShastaMan\Downloads\FRST.txt 2016-09-05 16:38 - 2016-09-05 16:39 - 00000000 ____D C:\FRST 2016-09-05 16:38 - 2016-09-05 16:38 - 02397696 _____ (Farbar) C:\Users\ShastaMan\Downloads\FRST64.exe 2016-09-05 16:10 - 2016-09-05 16:10 - 00380928 _____ C:\Users\ShastaMan\Downloads\33wqzjnj.exe 2016-09-05 15:58 - 2016-09-05 15:58 - 00000000 ____D C:\Users\ShastaMan\AppData\LocalLow\uTorrent 2016-09-04 18:31 - 2016-09-04 18:31 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-09-04 18:31 - 2016-08-25 22:50 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-09-04 18:31 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-09-04 18:31 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll 2016-09-04 18:31 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe 2016-09-04 18:31 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-09-04 18:30 - 2016-09-04 18:30 - 00000000 ____D C:\temp 2016-09-04 18:29 - 2016-08-26 01:28 - 40070200 _____ C:\Windows\system32\nvcompiler.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 35182648 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 34801088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 28207672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 14093368 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-09-04 18:29 - 2016-08-26 01:28 - 10865704 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 10737632 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 10278080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 09086856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 08875408 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 08680696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 03594808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 03160512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437270.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437270.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00956352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00941504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00892864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00686896 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00575984 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00493608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00437696 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00436088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00408784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-09-04 18:29 - 2016-08-26 01:28 - 00181488 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00159352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-09-04 18:29 - 2016-08-26 01:28 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-09-04 18:29 - 2016-08-26 01:28 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2016-09-04 14:56 - 2016-09-04 14:56 - 00000002 _____ C:\END 2016-09-04 02:35 - 2016-09-04 02:35 - 00000032 _____ C:\Users\ShastaMan\Desktop\To najpierw.txt 2016-09-02 13:06 - 2016-09-02 13:06 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-02 04:15 - 2016-09-02 13:11 - 00000000 ___SD C:\Windows\system32\GWX 2016-09-02 02:54 - 2016-09-02 03:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-09-02 02:54 - 2016-09-02 02:54 - 00001647 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2016-09-02 01:53 - 2016-09-02 01:53 - 00001208 _____ C:\Users\ShastaMan\Desktop\Szkola.programowania.Jezyk.C++ — skrót.lnk 2016-09-01 22:40 - 2016-09-01 22:40 - 00001159 _____ C:\Users\ShastaMan\Desktop\Symfonia C++ - J. Grębosz — skrót.lnk 2016-08-31 09:41 - 2016-06-13 21:30 - 00001232 _____ C:\Users\ShastaMan\Desktop\codeblocks — skrót.lnk 2016-08-31 02:35 - 2016-08-31 02:35 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith 2016-08-31 02:35 - 2016-08-31 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2016-08-31 02:35 - 2016-08-31 02:35 - 00000000 ____D C:\Program Files (x86)\QuickTime 2016-08-31 02:28 - 2016-08-31 20:38 - 00000000 ____D C:\Users\ShastaMan\Desktop\Nagrywanie 2016-08-31 02:24 - 2016-08-31 02:25 - 00003592 _____ C:\Windows\System32\Tasks\klcp_update 2016-08-31 02:24 - 2016-08-31 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2016-08-31 02:24 - 2016-08-31 02:24 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2016-08-31 01:01 - 2016-08-31 01:01 - 00000000 ____D C:\Users\ShastaMan\Documents\JoWooD 2016-08-31 01:00 - 2016-08-31 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWood 2016-08-31 00:54 - 2016-08-31 00:54 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll 2016-08-31 00:45 - 2016-08-31 00:45 - 00000000 ____D C:\Users\ShastaMan\AppData\LocalLow\Hinterland 2016-08-31 00:45 - 2016-08-31 00:45 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Hinterland 2016-08-31 00:35 - 2016-08-31 00:35 - 00000000 ____D C:\Users\ShastaMan\Documents\BioWare 2016-08-31 00:29 - 2016-08-31 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2016-08-31 00:29 - 2016-08-31 00:29 - 00000000 ____D C:\ProgramData\Media Center Programs 2016-08-30 11:07 - 2016-08-30 11:07 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\CAPCOM 2016-08-30 10:44 - 2016-08-30 10:44 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Resident Evil HD Remaster_Uninstall 2016-08-30 10:44 - 2016-08-30 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2016-08-30 10:04 - 2016-08-30 10:04 - 00000000 ____D C:\Program Files (x86)\Skype 2016-08-30 03:36 - 2016-08-30 03:36 - 00000000 ____D C:\Users\ShastaMan\Documents\Max Payne Savegames 2016-08-27 02:45 - 2016-08-28 04:04 - 00000243 _____ C:\Users\ShastaMan\Desktop\obczaj te filmy.txt 2016-08-26 19:03 - 2016-08-26 19:03 - 00000000 ____D C:\Users\ShastaMan\Documents\Diablo III 2016-08-26 18:07 - 2016-08-26 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2016-08-26 18:00 - 2016-08-27 14:56 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Battle.net 2016-08-26 18:00 - 2016-08-26 18:00 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Blizzard Entertainment 2016-08-26 18:00 - 2016-08-26 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2016-08-26 18:00 - 2016-08-26 18:00 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2016-08-26 17:59 - 2016-08-26 18:01 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Battle.net 2016-08-26 17:59 - 2016-08-26 17:59 - 00000000 ____D C:\ProgramData\Battle.net 2016-08-25 17:40 - 2016-08-25 17:40 - 00000000 _____ C:\Users\ShastaMan\Desktop\spyrix free keylogger obczaj ten program.txt 2016-08-25 17:37 - 2016-08-25 17:37 - 00000000 _RSHD C:\ProgramData\{972DC8CA-126D-23FD-11AA-92876DD12AFD} 2016-08-25 17:33 - 2016-08-25 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-24 21:34 - 2016-08-24 21:34 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Logitech 2016-08-24 21:32 - 2016-09-04 15:32 - 00000000 ____D C:\Program Files (x86)\Overwolf 2016-08-24 21:32 - 2016-08-24 21:32 - 00003728 _____ C:\Windows\System32\Tasks\Overwolf Updater Task 2016-08-24 21:32 - 2016-08-24 21:32 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2016-08-24 21:31 - 2016-09-05 15:12 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Overwolf 2016-08-24 21:31 - 2016-08-24 22:41 - 00000000 ____D C:\ProgramData\Overwolf 2016-08-24 21:30 - 2016-08-24 21:31 - 00000000 ____D C:\Program Files\Logitech Gaming Software 2016-08-24 21:21 - 2016-08-24 21:21 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Logitech 2016-08-24 21:21 - 2016-08-24 21:21 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Logishrd 2016-08-24 02:27 - 2016-08-24 02:27 - 01099018 _____ C:\Users\ShastaMan\Documents\Recorded Audio 24-sie-2016 02-27-41.wav 2016-08-24 02:26 - 2016-08-24 02:26 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\COWON 2016-08-24 02:25 - 2016-08-24 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio 2016-08-24 02:25 - 2016-08-24 02:26 - 00000000 ____D C:\Program Files (x86)\JetAudio 2016-08-24 02:03 - 2016-08-24 02:03 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\EZSoftMagic 2016-08-24 02:03 - 2016-08-24 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Recorder Platinum 2016-08-24 01:33 - 2016-08-24 01:33 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\arw 2016-08-24 01:33 - 2016-08-24 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard 2016-08-24 00:33 - 2016-08-24 00:35 - 00000000 ____D C:\Users\ShastaMan\Documents\Free Sound Recorder 2016-08-24 00:33 - 2016-08-24 00:33 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\New Version Available 2016-08-24 00:33 - 2016-08-24 00:33 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Free Sound Recorder 2016-08-24 00:33 - 2016-08-24 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder 2016-08-24 00:33 - 2006-03-23 12:56 - 00113486 _____ C:\Windows\SysWOW64\NCTWMAProfiles.prx 2016-08-24 00:33 - 2005-05-18 11:52 - 01212416 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioInformation2.dll 2016-08-24 00:33 - 2005-05-17 12:37 - 01986560 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\NCTAudioFile2.dll 2016-08-24 00:33 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioRecord2.dll 2016-08-24 00:33 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioPlayer2.dll 2016-08-24 00:33 - 2005-04-15 12:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioEditor2.dll 2016-08-24 00:33 - 2005-04-04 17:21 - 00602112 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioTransform2.dll 2016-08-24 00:33 - 2005-03-28 15:54 - 00479232 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioVisualization2.dll 2016-08-24 00:33 - 2005-03-28 15:52 - 00417792 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTTextToAudio2.dll 2016-08-24 00:33 - 2005-02-24 11:51 - 00348160 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\NCTWMAFile2.dll 2016-08-24 00:33 - 2004-11-04 13:31 - 00835584 _____ (NCT) C:\Windows\SysWOW64\NCTAudioCDGrabber2.dll 2016-08-24 00:33 - 2002-01-05 16:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2016-08-23 02:43 - 2016-08-23 02:43 - 00000000 ____D C:\meko 2016-08-23 02:42 - 2016-08-23 02:42 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity 2016-08-23 01:44 - 2016-08-31 01:10 - 00000000 ____D C:\Users\ShastaMan\Downloads\Telegram Desktop 2016-08-21 20:09 - 2016-08-21 20:09 - 00000061 _____ C:\Users\ShastaMan\Desktop\awe.txt 2016-08-21 19:29 - 2016-08-21 19:29 - 00000000 _____ C:\Users\ShastaMan\Desktop\obejrzyj dokument defilada.txt 2016-08-20 17:31 - 2016-08-20 17:36 - 00000068 _____ C:\Users\ShastaMan\Desktop\nuta.txt 2016-08-19 00:26 - 2016-09-05 15:48 - 00000000 ____D C:\Program Files (x86)\Steam 2016-08-19 00:26 - 2016-08-19 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-08-19 00:24 - 2016-08-19 00:26 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk 2016-08-19 00:16 - 2016-08-25 23:05 - 00000000 ____D C:\AdwCleaner 2016-08-18 23:46 - 2016-08-19 00:03 - 00000000 ____D C:\Qoobox 2016-08-18 23:46 - 2016-08-18 23:57 - 00000000 ____D C:\Windows\erdnt 2016-08-18 23:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2016-08-18 23:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2016-08-18 23:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2016-08-18 23:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2016-08-18 23:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2016-08-18 23:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2016-08-18 23:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2016-08-18 23:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2016-08-18 23:36 - 2016-08-18 23:36 - 00000000 ____D C:\Windows\Sun 2016-08-18 23:22 - 2016-08-18 23:21 - 00453275 ____R C:\Windows\system32\Drivers\etc\hosts.20160818-232254.backup 2016-08-18 23:21 - 2016-08-18 22:42 - 00000833 _____ C:\Windows\system32\Drivers\etc\hosts.20160818-232146.backup 2016-08-18 23:14 - 2016-08-18 23:14 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2016-08-18 23:13 - 2016-08-18 23:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-08-18 23:13 - 2016-08-18 23:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-08-18 22:46 - 2016-08-18 22:46 - 00000504 _____ C:\DelFix.txt 2016-08-16 17:42 - 2016-08-16 17:42 - 00002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk 2016-08-16 17:42 - 2016-08-16 17:42 - 00002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk 2016-08-16 17:42 - 2016-08-16 17:42 - 00002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа.lnk 2016-08-16 17:41 - 2016-08-16 17:41 - 00002017 _____ C:\Users\ShastaMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk 2016-08-16 17:33 - 2016-08-16 17:33 - 00000000 ____D C:\Program Files (x86)\RobotSoft 2016-08-15 20:20 - 2016-09-05 15:19 - 00000000 ____D C:\Users\ShastaMan\Desktop\cim 2016-08-13 22:21 - 2016-08-14 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia 2016-08-13 22:21 - 2016-08-13 22:21 - 00000000 ____D C:\Program Files (x86)\Synthesia 2016-08-13 22:17 - 2016-08-14 16:43 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Synthesia 2016-08-13 22:17 - 2016-08-13 22:17 - 00000000 ____D C:\Users\ShastaMan\Documents\Synthesia Music 2016-08-13 21:36 - 2016-08-13 21:37 - 00000000 ____D C:\ProgramData\Little Piano 2016-08-13 21:36 - 2016-08-13 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Piano 2016-08-13 21:30 - 2016-08-13 21:30 - 00030520 _____ C:\Windows\SysWOW64\midiwrap3405.deu 2016-08-13 21:30 - 2016-08-13 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KB Piano 2 2016-08-13 21:30 - 2016-08-13 21:30 - 00000000 ____D C:\ProgramData\KB Piano 2016-08-11 12:16 - 2016-08-25 23:05 - 00000000 ____D C:\Program Files (x86)\WinZipper 2016-08-11 12:16 - 2016-08-11 12:16 - 00000000 ____D C:\Program Files (x86)\tfsikxnn 2016-08-10 04:11 - 2016-08-10 04:11 - 03823408 _____ (Logitech Inc.) C:\Windows\system32\RenderAPO.dll 2016-08-10 04:11 - 2016-08-10 04:11 - 02121064 _____ (Logitech Inc.) C:\Windows\system32\CaptureAPO.dll 2016-08-10 04:11 - 2016-08-10 04:11 - 00045208 _____ (Logitech Inc.) C:\Windows\system32\Drivers\ladfGSS.sys 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_163676.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_162693.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_162506.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_161351.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_161195.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_160337.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_160135.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_154799.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_154378.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_133505.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_133334.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_132772.html 2016-08-08 13:01 - 2016-08-08 13:01 - 00000003 _____ C:\Windows\SysWOW64\EN_132226.html 2016-08-08 13:00 - 2016-08-18 16:14 - 00000000 ____D C:\Windows\SysWOW64\_SSpm 2016-08-08 13:00 - 2016-08-08 13:00 - 00000003 _____ C:\Windows\SysWOW64\pl_79576.html 2016-08-08 13:00 - 2016-08-08 13:00 - 00000003 _____ C:\Windows\SysWOW64\EN_106501.html 2016-08-08 04:01 - 2016-08-08 04:01 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Arktos Entertainment 2016-08-08 03:46 - 2016-08-08 03:46 - 00000673 _____ C:\Users\ShastaMan\Desktop\Infestation World.lnk 2016-08-08 03:46 - 2016-08-08 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Extreme 2016-08-07 12:37 - 2016-08-07 12:45 - 00000655 _____ C:\Users\ShastaMan\Documents\sfgame.txt ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-05 16:39 - 2015-10-25 23:43 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\uTorrent 2016-09-05 16:24 - 2015-09-17 21:36 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Skype 2016-09-05 16:07 - 2015-09-17 20:30 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-05 16:06 - 2016-03-12 00:41 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\CodeBlocks 2016-09-05 16:04 - 2015-10-29 21:57 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-05 16:03 - 2016-02-12 23:51 - 00000000 ____D C:\Users\ShastaMan\Documents\YouCam 2016-09-05 15:24 - 2009-07-14 06:45 - 00031520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-05 15:24 - 2009-07-14 06:45 - 00031520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-05 15:13 - 2015-09-17 21:29 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\GG 2016-09-05 15:12 - 2015-11-29 00:44 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\LogMeIn Hamachi 2016-09-05 15:11 - 2015-09-17 20:30 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-05 15:08 - 2015-09-17 21:20 - 00000000 ____D C:\ProgramData\NVIDIA 2016-09-05 15:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-05 02:00 - 2015-10-04 21:37 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\Adobe 2016-09-04 23:32 - 2015-09-17 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2016-09-04 23:32 - 2015-09-17 20:24 - 00000000 ____D C:\MSI 2016-09-04 23:30 - 2015-12-23 01:52 - 00000000 ____D C:\Windows\system32\appmgmt 2016-09-04 23:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-09-04 23:29 - 2015-11-29 02:00 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\COMODO 2016-09-04 19:08 - 2015-09-29 16:33 - 00000000 ____D C:\ProgramData\Origin 2016-09-04 18:31 - 2015-11-02 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-09-04 18:31 - 2015-09-17 21:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-09-04 18:31 - 2015-09-17 21:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-09-04 17:46 - 2015-09-29 16:34 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-04 14:55 - 2015-11-28 05:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2016-09-04 03:55 - 2015-12-23 21:15 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\CrashDumps 2016-09-03 14:52 - 2015-09-27 22:29 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Audacity 2016-09-02 20:22 - 2016-02-11 21:43 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-09-02 02:55 - 2015-09-17 21:26 - 00000000 ____D C:\ProgramData\Adobe 2016-09-02 02:54 - 2016-02-24 21:49 - 00000000 ____D C:\Users\ShastaMan\AppData\LocalLow\Adobe 2016-09-02 02:54 - 2015-09-17 21:26 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Adobe 2016-09-02 01:53 - 2016-07-15 04:13 - 00000000 ____D C:\Users\ShastaMan\Desktop\C+++ 2016-08-31 02:35 - 2016-03-17 01:22 - 00000000 ____D C:\ProgramData\TechSmith 2016-08-31 01:00 - 2015-09-17 20:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-31 00:52 - 2015-11-15 16:28 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-08-31 00:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-08-31 00:20 - 2015-10-22 17:19 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\DAEMON Tools Lite 2016-08-30 22:11 - 2011-04-12 14:17 - 00743666 _____ C:\Windows\system32\perfh015.dat 2016-08-30 22:11 - 2011-04-12 14:17 - 00157148 _____ C:\Windows\system32\perfc015.dat 2016-08-30 22:11 - 2009-07-14 07:13 - 01678830 _____ C:\Windows\system32\PerfStringBackup.INI 2016-08-30 10:04 - 2015-09-17 21:36 - 00000000 ____D C:\ProgramData\Skype 2016-08-28 22:33 - 2015-09-19 15:29 - 00000000 ____D C:\Users\ShastaMan\AppData\Local\ElevatedDiagnostics 2016-08-26 14:20 - 2015-10-25 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-26 01:28 - 2015-11-02 20:13 - 17463088 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-08-26 01:28 - 2015-11-02 20:13 - 01019960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-08-26 01:28 - 2015-11-02 20:13 - 00520912 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-08-26 01:28 - 2015-09-17 21:19 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-08-26 01:28 - 2015-09-17 21:19 - 00039731 _____ C:\Windows\system32\nvinfo.pb 2016-08-26 01:28 - 2015-09-17 21:18 - 19848080 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-08-26 01:28 - 2015-09-17 21:18 - 17263792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-08-26 01:28 - 2015-09-17 21:18 - 14352816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-08-26 01:28 - 2015-09-17 21:18 - 03917512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-08-26 01:28 - 2015-09-17 21:18 - 03456888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-08-25 23:10 - 2016-02-16 19:27 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-08-25 23:10 - 2016-02-16 19:27 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-08-25 23:10 - 2015-09-17 21:19 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-08-25 23:10 - 2015-09-17 21:19 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-08-25 23:10 - 2015-09-17 21:19 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-08-25 23:10 - 2015-09-17 21:19 - 01362368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-08-25 23:10 - 2015-09-17 21:19 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-08-25 23:10 - 2015-09-17 21:19 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-08-24 21:30 - 2015-09-17 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2016-08-24 01:54 - 2015-10-07 21:38 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\TS3Client 2016-08-24 01:33 - 2016-02-12 23:50 - 00000000 ____D C:\ProgramData\Temp 2016-08-22 17:18 - 2015-09-17 21:19 - 07320235 _____ C:\Windows\system32\nvcoproc.bin 2016-08-21 18:06 - 2016-01-10 05:02 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\vlc 2016-08-21 04:21 - 2015-11-22 04:59 - 00000000 ____D C:\Users\ShastaMan\Desktop\Muzyki 2016-08-19 16:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-08-18 23:55 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2016-08-18 23:35 - 2015-11-02 20:10 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-08-18 23:35 - 2015-11-02 20:10 - 00000000 ____D C:\Users\ShastaMan\.oracle_jre_usage 2016-08-18 23:35 - 2015-11-02 20:09 - 00000000 ____D C:\ProgramData\Oracle 2016-08-18 23:35 - 2015-11-02 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-08-18 23:35 - 2015-11-02 20:09 - 00000000 ____D C:\Program Files (x86)\Java 2016-08-18 23:16 - 2015-12-03 22:50 - 00000000 ____D C:\Program Files\Common Files\AV 2016-08-18 16:16 - 2009-07-14 07:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-08-18 14:30 - 2016-02-24 20:18 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Podatnik.info 2016-08-18 14:30 - 2016-02-24 19:10 - 00000000 ____D C:\PIT Format 2015 2016-08-17 21:33 - 2015-12-09 16:52 - 00000000 ____D C:\Windows\AutoKMS 2016-08-17 21:32 - 2016-07-30 18:09 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Vugfus 2016-08-17 13:01 - 2015-11-29 01:51 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\TeamViewer 2016-08-16 17:41 - 2016-07-29 18:53 - 00000000 ____D C:\Users\ShastaMan\Desktop\ProgramyKtore Uzywam 2016-08-16 17:41 - 2015-12-16 19:20 - 00000000 ____D C:\Users\ShastaMan\Desktop\Nowy folder (2) 2016-08-11 13:53 - 2016-03-29 18:33 - 00000000 ___HD C:\ProgramData\CanonIJMIG 2016-08-08 13:07 - 2016-03-19 01:03 - 00000000 ____D C:\Users\ShastaMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2016-08-08 13:07 - 2015-12-23 02:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2016-08-08 13:07 - 2015-11-28 05:52 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-01-03 17:39 - 2016-01-03 17:39 - 0000600 _____ () C:\Users\ShastaMan\AppData\Roaming\PUTTY.RND 2016-01-02 03:54 - 2016-03-21 00:32 - 0000600 _____ () C:\Users\ShastaMan\AppData\Local\PUTTY.RND 2015-09-18 13:26 - 2016-07-20 21:40 - 0007617 _____ () C:\Users\ShastaMan\AppData\Local\Resmon.ResmonCfg Niektóre pliki w TEMP: ==================== C:\Users\ShastaMan\AppData\Local\Temp\browsersecurity.exe C:\Users\ShastaMan\AppData\Local\Temp\libeay32.dll C:\Users\ShastaMan\AppData\Local\Temp\msvcr120.dll C:\Users\ShastaMan\AppData\Local\Temp\nvSCPAPI.dll C:\Users\ShastaMan\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\ShastaMan\AppData\Local\Temp\nvStInst.exe C:\Users\ShastaMan\AppData\Local\Temp\SIntf16.dll C:\Users\ShastaMan\AppData\Local\Temp\SIntf32.dll C:\Users\ShastaMan\AppData\Local\Temp\SIntfNT.dll C:\Users\ShastaMan\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-27 14:45 ==================== Koniec FRST.txt ============================