Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-12-2016 Uruchomiony przez Dejw (administrator) DEJW-KOMPUTER (06-12-2016 18:04:18) Uruchomiony z C:\Users\Dejw\Documents Załadowane profile: Dejw (Dostępne profile: Dejw) Platform: Windows 7 Ultimate (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Dejw\Downloads\AdwCleaner.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Dejw\Documents\FRST64 (2).exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-24] (VIA) HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [60432 2015-10-07] () HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-10-21] (SUPERAntiSpyware) HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [Codec Pack Update Checker] => "C:\Windows\system32\Codecs\UpdateChecker.exe" HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation) HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [RGSC] => D:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [mailruhomesearch] => "C:\Users\Dejw\AppData\Local\Mail.Ru\Sputnik\ptls\mailruhomesearch.exe" --pr_deferred HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [9918104 2015-12-22] () HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {40a45d3e-f1c6-11e5-8a87-da106185aaa0} - F:\AutoRun.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {4d627d21-b6a4-11e5-bc8f-6c626dc62f32} - F:\AutoRun.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {5833baa8-ce92-11e5-ac1f-ba5cff07afa4} - F:\AutoRun.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {5fa54f75-b6ab-11e5-b5f4-acc18734acb8} - I:\Autorun.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {5fa54f9d-b6ab-11e5-b5f4-acc18734acb8} - F:\AutoRun.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {a59fb894-b69e-11e5-bc31-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {b662ec91-fbfa-11e5-a539-6c626dc62f32} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2448206972-1435992067-1411047560-1001\...\MountPoints2: {f1805cb2-ca9f-11e5-975f-6c626dc62f32} - F:\AutoRun.exe HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2011-04-27] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 37.8.214.2 31.11.202.254 Tcpip\..\Interfaces\{291C80C1-DC38-4519-8349-4B8235CFB79C}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{29FC8AF6-032A-47BF-8D17-B71F4793438B}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{376D9599-3829-4BDF-9470-A123A719EDDD}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9267F7F1-E276-4C93-828A-BF51D81BD1C6}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{A7E58CC4-70A6-4F6F-97E0-ABD4D34ECE4A}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E523F341-4A2F-4544-8307-E52C2E5257E2}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E865626F-900A-4A15-8334-948C94DCBA92}: [DhcpNameServer] 37.8.214.2 31.11.202.254 Internet Explorer: ================== BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Chrome: ======= CHR HomePage: Default -> hxxp://search.babylon.com/?babsrc=HP_ss&affID=100842&mntrId=56b550450000000000006c626dc62f32 CHR StartupUrls: Default -> "hxxp://google.pl/" CHR Profile: C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default [2016-12-06] CHR Extension: (Dysk Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-09] CHR Extension: (YouTube) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-09] CHR Extension: (Google Search) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-09] CHR Extension: (Kaspersky Protection) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-09] CHR Extension: (AdBlock) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-09] CHR Extension: (Chrome Media Router) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2016-01-09] (Kaspersky Lab ZAO) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] () R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2016-01-09] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-09] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2016-01-09] (Duplex Secure Ltd.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-06 18:00 - 2016-12-06 18:02 - 00000000 ____D C:\AdwCleaner 2016-12-06 18:00 - 2016-12-06 18:00 - 03968464 _____ C:\Users\Dejw\Downloads\AdwCleaner.exe 2016-12-06 17:50 - 2016-12-06 17:53 - 00024180 _____ C:\Users\Dejw\Documents\Fixlog.txt 2016-12-05 21:13 - 2016-12-05 21:13 - 00053845 _____ C:\Users\Dejw\Documents\GMER.txt 2016-12-05 20:55 - 2016-12-05 20:55 - 00060456 _____ C:\Users\Dejw\Documents\Shortcut.txt 2016-12-05 20:55 - 2016-12-05 20:55 - 00033092 _____ C:\Users\Dejw\Documents\Addition.txt 2016-12-05 20:51 - 2016-12-05 20:57 - 00000396 _____ C:\Users\Dejw\Documents\Nowy dokument tekstowy.txt 2016-12-05 20:46 - 2016-12-06 18:04 - 00014619 _____ C:\Users\Dejw\Documents\FRST.txt 2016-12-05 20:41 - 2016-12-05 20:41 - 02419712 _____ (Farbar) C:\Users\Dejw\Documents\FRST64 (2).exe 2016-12-05 20:40 - 2016-12-05 20:40 - 00380928 _____ C:\Users\Dejw\Documents\3v9zn1je.exe 2016-12-04 23:41 - 2016-12-04 23:44 - 00000140 _____ C:\Windows\Reimage.ini 2016-12-04 23:41 - 2016-12-04 23:41 - 00604928 _____ (Reimage) C:\Users\Dejw\Downloads\ReimageRepair.exe 2016-12-04 23:32 - 2016-12-04 23:34 - 02419200 _____ (Farbar) C:\Users\Dejw\Downloads\FRST64 (1).exe 2016-12-04 19:56 - 2016-12-04 19:56 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2016-12-04 19:50 - 2016-12-04 19:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2016-12-04 19:38 - 2016-12-04 19:40 - 16044628 _____ C:\Users\Dejw\Downloads\samsung firmware and driver.zip 2016-12-04 19:27 - 2016-12-04 19:27 - 00001101 _____ C:\Users\Dejw\Desktop\Realterm.lnk 2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realterm 2016-12-04 19:25 - 2016-12-04 19:25 - 00000000 ____D C:\Windows\system32\appmgmt 2016-12-04 19:22 - 2016-12-04 19:22 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2016-12-04 19:20 - 2016-12-04 19:20 - 00001973 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk 2016-12-04 19:20 - 2016-12-04 19:20 - 00000154 _____ C:\Windows\SysWOW64\avast5.ini 2016-12-04 19:20 - 2016-12-04 19:20 - 00000000 ____D C:\Users\Dejw\Documents\samsung 2016-12-04 19:18 - 2016-07-22 08:21 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2016-12-04 19:18 - 2016-07-22 08:21 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2016-12-04 19:18 - 2016-07-22 08:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2016-12-04 19:18 - 2016-07-22 08:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2016-12-04 19:17 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2016-12-04 19:09 - 2016-12-04 19:10 - 40758048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Dejw\Downloads\Kies3Setup.exe 2016-12-04 19:07 - 2016-12-04 19:07 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2016-12-04 19:06 - 2016-12-04 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-12-04 19:06 - 2016-12-04 19:06 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-12-04 19:06 - 2016-12-04 19:06 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2016-12-04 19:06 - 2016-12-04 19:06 - 00001140 _____ C:\Users\Public\Desktop\SideSync.lnk 2016-12-04 19:05 - 2016-12-04 19:05 - 47630688 _____ (Samsung) C:\Users\Dejw\Downloads\Samsung SideSync 4.0.2.37 [1].exe 2016-12-04 19:05 - 2016-12-04 19:05 - 00000000 ____D C:\ProgramData\AVAST Software 2016-12-04 17:52 - 2016-12-04 19:18 - 00000000 ____D C:\Users\Dejw\AppData\Local\Amigo 2016-12-04 17:52 - 2016-12-04 17:52 - 00000000 ____D C:\Users\Dejw\AppData\LocalLow\Unity 2016-12-04 17:52 - 2016-12-04 17:52 - 00000000 ____D C:\Users\Dejw\AppData\Local\Unity 2016-12-04 17:49 - 2016-12-04 17:49 - 00000190 _____ C:\Users\Dejw\Desktop\Искать в Интернете.url 2016-12-04 17:47 - 2016-12-04 17:48 - 03758208 _____ (Astonsoft) C:\Users\Dejw\Downloads\XEO-T280XXU0APB6-20160215081413.exe 2016-12-04 17:34 - 2016-12-04 17:34 - 00000000 ____D C:\Users\Dejw\Desktop\Odin3 2016-12-04 17:27 - 2016-12-04 17:28 - 00997949 _____ C:\Users\Dejw\Downloads\Odin3-v3.11.1.zip 2016-12-04 17:08 - 2016-12-04 17:09 - 48364048 _____ (Samsung) C:\Users\Dejw\Downloads\SideSync_4.3.0.92.exe 2016-12-04 16:55 - 2016-12-04 16:56 - 24142067 _____ C:\Users\Dejw\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_1_5_6_0.zip 2016-12-04 16:25 - 2016-12-04 16:25 - 00047737 _____ C:\Users\Dejw\Downloads\samsung bypass google verify (1).apk 2016-12-04 16:12 - 2016-12-04 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realterm 2016-12-04 16:12 - 2016-12-04 16:12 - 01025524 _____ C:\Users\Dejw\Downloads\Realterm_2.0.0.70_Signed_Wrapper_setup.exe 2016-12-04 16:12 - 2016-12-04 16:12 - 00819226 _____ C:\Users\Dejw\Downloads\BypassFRP_25.11.2016(NEW).apk 2016-12-04 16:12 - 2016-12-04 16:12 - 00000000 ____D C:\Program Files (x86)\BEL 2016-12-04 16:06 - 2016-12-04 19:22 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\Samsung 2016-12-04 16:06 - 2016-12-04 16:06 - 00000000 ____D C:\Users\Dejw\Documents\SideSync 2016-12-04 16:05 - 2016-12-04 17:01 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SideSync.lnk 2016-12-04 16:04 - 2016-12-04 19:22 - 00000000 ____D C:\ProgramData\Samsung 2016-12-04 16:04 - 2016-12-04 19:18 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-12-04 16:04 - 2016-12-04 16:04 - 00000000 ____D C:\Program Files\Samsung 2016-12-04 16:00 - 2016-12-04 16:02 - 48527872 _____ (Samsung) C:\Users\Dejw\Downloads\SideSync_4.6.5.13.exe 2016-12-04 12:24 - 2016-12-04 12:24 - 00047737 _____ C:\Users\Dejw\Downloads\samsung bypass google verify.apk 2016-11-26 14:48 - 2016-11-26 14:48 - 00000222 _____ C:\Users\Dejw\Desktop\DiRT 3 Complete Edition.url 2016-11-23 20:58 - 2016-11-23 21:40 - 253131185 _____ C:\Users\Dejw\Downloads\(2.4) v9.6.29.468978 (16.12.2014).rar 2016-11-23 20:36 - 2016-11-23 20:37 - 37230729 _____ C:\Users\Dejw\Downloads\data (2).zip 2016-11-23 20:35 - 2016-11-23 20:35 - 00002009 _____ C:\Users\Dejw\Downloads\sys.txt 2016-11-23 18:33 - 2016-11-23 18:56 - 191120184 _____ C:\Users\Dejw\Downloads\Truck_2.4_9.6.29.468978.rar 2016-11-21 22:15 - 2016-11-21 22:15 - 00000000 ____D C:\Users\Dejw\Desktop\windows 2016-11-21 22:14 - 2016-11-21 22:14 - 00008704 _____ C:\Users\Dejw\Downloads\UPC_KEYGEN.zip 2016-11-21 22:05 - 2016-11-21 22:05 - 00317731 _____ C:\Users\Dejw\Downloads\wifiinfoview.zip 2016-11-21 22:05 - 2016-11-21 22:05 - 00002278 _____ C:\Users\Dejw\Downloads\wifiinfoview_polish.zip 2016-11-21 20:39 - 2016-11-21 20:39 - 00002276 _____ C:\Users\Dejw\Documents\gift instrukcja.txt 2016-11-21 20:38 - 2016-11-21 21:38 - 509041201 _____ C:\Users\Dejw\Downloads\iGO_Gift.7z 2016-11-20 19:18 - 2016-11-20 19:18 - 00000000 ____D C:\Users\Dejw\Desktop\templates_v2.0 2016-11-20 19:03 - 2016-11-20 19:03 - 00000000 ____D C:\Users\Dejw\Desktop\studio 2016-11-20 18:59 - 2016-11-20 19:02 - 135070249 _____ C:\Users\Dejw\Downloads\ETS2 Studio 0-7-0-1 (2).zip 2016-11-20 18:56 - 2016-11-20 18:58 - 22405086 _____ C:\Users\Dejw\Downloads\Scania_4_Series_Basic_Skin.scs 2016-11-20 16:18 - 2016-11-20 16:18 - 43086377 _____ C:\Users\Dejw\Downloads\client_21031.zip 2016-11-18 22:38 - 2016-11-18 22:39 - 43094002 _____ C:\Users\Dejw\Downloads\client_21025.zip 2016-11-18 22:15 - 2016-11-18 22:18 - 80338690 _____ C:\Users\Dejw\Downloads\Forklifts_Mods_Pack_v_1.0_by_vydka.rar 2016-11-13 11:20 - 2016-11-13 11:28 - 513327234 _____ C:\Users\Dejw\Downloads\poi Q2 (1).rar 2016-11-11 19:12 - 2016-11-11 19:12 - 01777986 _____ C:\Users\Dejw\Desktop\11-0200.PDF 2016-11-11 10:25 - 2016-11-11 10:31 - 410655772 _____ C:\Users\Dejw\Downloads\iGO (1).rar 2016-11-06 20:32 - 2016-11-06 20:34 - 00000000 ____D C:\Users\Dejw\Documents\VirtualDJ 2016-11-06 20:32 - 2016-11-06 20:32 - 00001045 _____ C:\Users\Dejw\Desktop\VirtualDJ PRO Full.lnk 2016-11-06 20:32 - 2016-11-06 20:32 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2016-11-06 20:32 - 2016-11-06 20:32 - 00000000 ____D C:\Program Files (x86)\VirtualDJ ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-06 18:04 - 2016-01-09 11:55 - 00000000 ____D C:\FRST 2016-12-06 18:00 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-06 18:00 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-06 17:56 - 2016-01-09 11:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-12-06 17:55 - 2016-01-11 07:46 - 00000000 ____D C:\Program Files (x86)\Steam 2016-12-06 17:55 - 2016-01-09 08:52 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-12-06 17:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-06 17:51 - 2016-01-09 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack 2016-12-06 17:51 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-12-06 17:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2016-12-05 23:17 - 2016-01-09 08:52 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-12-05 20:54 - 2016-06-29 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc 2016-12-04 23:36 - 2016-01-09 11:55 - 00033826 _____ C:\Users\Dejw\Downloads\Addition.txt 2016-12-04 23:36 - 2016-01-09 11:55 - 00033503 _____ C:\Users\Dejw\Downloads\FRST.txt 2016-12-04 23:13 - 2009-07-14 18:55 - 00738970 _____ C:\Windows\system32\perfh015.dat 2016-12-04 23:13 - 2009-07-14 18:55 - 00155080 _____ C:\Windows\system32\perfc015.dat 2016-12-04 23:13 - 2009-07-14 06:13 - 01666088 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-04 23:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-04 23:04 - 2016-11-02 19:53 - 00003818 _____ C:\Users\Dejw\Documents\sys.txt 2016-12-04 22:55 - 2013-10-13 18:12 - 00000000 ____D C:\Users\Dejw\Desktop\ADB_Fastboot 2016-12-04 22:04 - 2016-01-09 12:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-04 21:47 - 2016-01-09 12:01 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-12-04 21:47 - 2016-01-09 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-12-04 21:47 - 2016-01-09 12:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-12-04 19:43 - 2009-07-14 05:45 - 00276888 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-04 19:26 - 2016-03-23 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO 2016-12-04 19:26 - 2016-03-23 17:11 - 00000000 ____D C:\Program Files (x86)\MagicISO 2016-12-04 19:26 - 2016-02-08 19:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-04 19:24 - 2016-02-08 19:54 - 00000000 ____D C:\ProgramData\Garmin 2016-12-04 19:17 - 2016-01-09 08:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-04 19:07 - 2016-10-24 20:37 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-04 16:17 - 2016-01-09 08:40 - 00058328 _____ C:\Users\Dejw\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-04 15:39 - 2016-06-29 19:38 - 00000204 _____ C:\Windows\SysWOW64\secustat.dat 2016-12-04 15:39 - 2016-06-29 16:38 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\BITS 2016-12-03 18:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-29 18:51 - 2016-02-03 19:07 - 00002371 _____ C:\Users\Dejw\Desktop\Safe Money.lnk 2016-11-27 18:39 - 2016-01-09 07:02 - 00000000 ____D C:\Users\Dejw\Documents\Euro Truck Simulator 2 2016-11-26 00:02 - 2016-03-21 16:46 - 00001163 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk 2016-11-21 22:00 - 2016-03-29 16:01 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\Nitro PDF 2016-11-21 20:44 - 2016-07-30 15:32 - 00000000 ____D C:\Users\Dejw\AppData\LocalLow\uTorrent 2016-11-21 20:44 - 2016-02-10 18:24 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\uTorrent 2016-11-21 20:35 - 2016-02-10 18:25 - 00000000 ___SD C:\Users\Dejw\AppData\LocalLow\Temp 2016-11-20 16:25 - 2016-03-21 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP 2016-11-14 23:18 - 2016-01-09 08:52 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-14 23:18 - 2016-01-09 08:52 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-11-11 18:33 - 2016-01-09 17:38 - 00000000 ____D C:\Users\Dejw\AppData\Roaming\vlc Niektóre pliki w TEMP: ==================== C:\Users\Dejw\AppData\Local\Temp\libeay32.dll C:\Users\Dejw\AppData\Local\Temp\msvcr120.dll C:\Users\Dejw\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-11-05 17:26 ==================== Koniec FRST.txt ============================