Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-03-2017 Uruchomiony przez Ireneusz (administrator) IREK (03-04-2017 00:46:03) Uruchomiony z E:\Progsy Załadowane profile: Ireneusz (Dostępne profile: Ireneusz & Administrator) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe (ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SoftPerfect) E:\Progsy\NetWorx 5.5.5\NetWorx 5.5.5.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Nektra S.A.) C:\Program Files (x86)\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (www.BitComet.com) E:\Progsy\BitComet 1.42\BitComet.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ireneusz\AppData\Local\Google\Chrome\Application\chrome.exe (AppWork GmbH) E:\Progsy\JDownloader 2.0 DC 11.05.2016\JDownloader2.exe (Farbar) E:\Progsy\Downloading Farbar Recovery Scan Tool 15.03.2017.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation) HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] () HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886824 2015-02-27] (Synaptics Incorporated) HKLM\...\Run: [NetWorx] => E:\Progsy\NetWorx 5.5.5\NetWorx 5.5.5.exe [7597384 2016-10-06] (SoftPerfect) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor) HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba) HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-23] (Pegatron Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-05-09] (Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Winlogon: [Userinit] %windows%\system32\userinit.exe, HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\Run: [Google Update] => C:\Users\Ireneusz\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.) HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\Run: [Expressivo] => C:\Program Files (x86)\ivo\Expressivo\expressivo.exe [1368064 2009-11-23] (IVO Software Sp. z o.o.) HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\Run: [ExprOElauncher] => C:\Program Files (x86)\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe [94720 2009-04-28] (Nektra S.A.) HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4530520 2015-10-22] (Disc Soft Ltd) HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\MountPoints2: {1a720272-8887-11e5-be88-24ec997a4228} - "D:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\MountPoints2: {242b5ba2-95e7-11e5-bea8-24ec997a4228} - "D:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-2056806550-332065934-4011290001-1001\...\MountPoints2: {fc2a852b-25c3-11e6-bffe-24ec997a4228} - "D:\HTC_Sync_Manager_PC.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TotalMedia Server.lnk [2016-09-11] ShortcutTarget: TotalMedia Server.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe (ArcSoft Inc.) Startup: C:\Users\Ireneusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk [2016-06-17] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sh4native Sh4Removal ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{41E72AC0-1488-408D-8F17-B99FD8C10487}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{5537E479-DC70-46D7-8094-E4668F66BD70}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{5DAECF37-04AF-4C2C-BBA4-2BD2240B98ED}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DBE9812F-9EBC-4D4F-848D-8AB8137FCD29}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DCD2E561-D030-4578-B136-8BD14C41791C}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F9AE000C-AE62-48D2-87FB-8D8224B65752}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-2056806550-332065934-4011290001-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2056806550-332065934-4011290001-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com URLSearchHook: [S-1-5-21-2056806550-332065934-4011290001-1001] UWAGA => Brak domyślnego URLSearchHook BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation) BHO: Expressivo -> {85F685C3-20D9-4943-95E4-EB4224056C3F} -> C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer_x64.dll [2008-09-19] (IVO Software Sp. z o.o.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation) BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> E:\Progsy\BitComet 1.42\tools\bitcometbho.dll [2016-04-19] (BitComet) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Expressivo -> {85F685C3-20D9-4943-95E4-EB4224056C3F} -> C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [2008-09-19] (IVO Software Sp. z o.o.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) Toolbar: HKLM - Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer_x64.dll [2008-09-19] (IVO Software Sp. z o.o.) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files (x86)\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [2008-09-19] (IVO Software Sp. z o.o.) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-10-24] (AO Kaspersky Lab) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-10-24] FF HKLM-x32\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files (x86)\DAP\daplinkchecker FF Extension: (DAP Link Checker) - C:\Program Files (x86)\DAP\daplinkchecker [2016-11-28] [Brak podpisu cyfrowego] FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] () FF Plugin HKU\S-1-5-21-2056806550-332065934-4011290001-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ireneusz\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2056806550-332065934-4011290001-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ireneusz\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default [2017-04-03] CHR Extension: (Dysk Google) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10] CHR Extension: (Turn Off the Lights) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-04-02] CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-03-20] CHR Extension: (YouTube) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-10] CHR Extension: (Adblock Plus) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22] CHR Extension: (AdBIock PIus) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknahjikooefghmbljkifnchkfnfebjh [2016-04-10] CHR Extension: (Google Search) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-10] CHR Extension: (Kaspersky Protection) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-04-11] CHR Extension: (AdBlock) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-31] CHR Extension: (IE Tab) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-04-02] CHR Extension: (Video DownloadHelper) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Auto Pause Stop for YouTube™) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnpoaljdhjeigcijocpigbegjkbhkhlh [2016-12-10] CHR Extension: (Ochrona hasła) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhfklnnep [2017-03-23] CHR Extension: (Gmail) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-10] CHR Extension: (Chrome Media Router) - C:\Users\Ireneusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2016-11-28] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2014-03-11] (ArcSoft, Inc.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-07] (Kaspersky Lab ZAO) R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1292632 2015-10-22] (Disc Soft Ltd) R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [Brak podpisu cyfrowego] S2 Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [608256 2014-03-04] (ArcSoft, Inc.) [Brak podpisu cyfrowego] R2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [6955776 2016-05-20] (Conceiva Pty. Ltd.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego] R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor) R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220840 2015-02-27] (Synaptics Incorporated) S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.) S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.) R1 ArcCtrl; C:\WINDOWS\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] () R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4316456 2016-05-23] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [102400 2016-02-26] (Advanced Micro Devices) R3 CLVirtualBus02; C:\WINDOWS\System32\drivers\CLVirtualBus02.sys [103176 2016-03-28] (CyberLink) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-02-27] (Disc Soft Ltd) S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-24] (REALiX(tm)) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [77728 2016-04-10] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [181640 2015-12-07] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [238000 2016-05-23] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [933808 2016-05-23] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [49240 2016-05-23] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [41352 2015-12-07] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2016-05-23] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [136408 2017-03-31] (Malwarebytes Corporation) R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation) S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33448 2015-02-27] (Synaptics Incorporated) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [36712 2016-05-24] (Toshiba Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Basil Projects) R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-11] (WiseCleaner.com) S1 ArcSec; system32\drivers\ArcSec.sys [X] U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] S3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [X] S3 MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [X] S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X] S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X] S2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; \??\C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [X] S2 {687703DE-DC6D-4649-892B-B8497854A6AB}; \??\C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [X] S2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; \??\C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-03 00:45 - 2017-04-03 00:46 - 00000000 ____D C:\FRST 2017-04-02 20:38 - 2017-04-02 20:38 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\DVDFab9 2017-04-02 20:38 - 2017-04-02 20:38 - 00000000 ____D C:\Program Files (x86)\DVDFab 10 2017-04-02 20:26 - 2017-04-02 20:26 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\4545 2017-04-01 20:13 - 2017-04-01 20:13 - 00001432 _____ C:\Users\Ireneusz\Desktop\Winamp Pro 5.65 Build 3438 Final.lnk 2017-04-01 19:56 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2017-04-01 19:56 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2017-04-01 19:55 - 2017-04-01 19:55 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa 2017-04-01 19:55 - 2017-04-01 19:55 - 00000000 ____D C:\Program Files (x86)\Winamp Detect 2017-04-01 18:50 - 2017-04-01 18:50 - 00000000 ____D C:\Users\Ireneusz\Documents\Ghost Games 2017-04-01 18:32 - 2017-04-01 18:32 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\27847 2017-04-01 17:27 - 2017-04-01 18:32 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\DVDFab10 2017-04-01 17:27 - 2017-04-01 17:31 - 00000000 ____D C:\Users\Ireneusz\Documents\DVDFab10 2017-03-31 16:00 - 2017-03-31 16:00 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-03-31 15:58 - 2017-03-31 15:58 - 00954368 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys 2017-03-31 15:58 - 2017-03-31 15:58 - 00082536 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2017-03-31 15:54 - 2017-03-31 15:54 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\IObit 2017-03-31 15:53 - 2017-03-31 16:00 - 00001375 _____ C:\Users\Ireneusz\Desktop\DriverBooster.lnk 2017-03-18 19:44 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-03-18 19:44 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-03-18 19:44 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-03-18 19:44 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2017-03-18 19:44 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-03-18 19:44 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-03-18 19:44 - 2017-03-04 09:05 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-03-18 19:44 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-03-18 19:44 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-03-18 19:44 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-03-18 19:44 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-03-18 19:44 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-03-18 19:44 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-03-18 19:44 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-03-18 19:44 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-03-18 19:44 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-03-18 19:44 - 2017-03-02 19:25 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-03-18 19:44 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-03-18 19:44 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-03-18 19:44 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-03-18 19:44 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-03-18 19:44 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-03-18 19:44 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-03-18 19:44 - 2017-02-11 21:25 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-03-18 19:44 - 2017-02-11 07:12 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-03-18 19:44 - 2017-02-11 07:12 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-03-18 19:44 - 2017-02-11 07:00 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-03-18 19:44 - 2017-02-11 06:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-03-18 19:44 - 2017-02-11 06:56 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-03-18 19:44 - 2017-02-10 21:09 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-03-18 19:44 - 2017-02-10 07:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-03-18 19:44 - 2017-02-10 07:10 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-03-18 19:44 - 2017-02-10 07:09 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-03-18 19:44 - 2017-02-10 07:08 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-03-18 19:44 - 2017-02-10 07:01 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-03-18 19:44 - 2017-02-10 07:00 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-03-18 19:44 - 2017-02-10 06:59 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-03-18 19:44 - 2017-02-10 03:31 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-03-18 19:44 - 2017-02-10 02:12 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2017-03-18 19:44 - 2017-02-09 17:28 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-03-18 19:44 - 2017-02-09 17:19 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-03-18 19:44 - 2017-02-09 17:16 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-03-18 19:44 - 2017-02-09 17:16 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-03-18 19:44 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-03-18 19:44 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-03-18 19:44 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-03-18 19:44 - 2017-02-04 22:32 - 07444832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-03-18 19:44 - 2017-02-04 22:30 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-03-18 19:44 - 2017-02-04 22:30 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-03-18 19:44 - 2017-02-04 22:30 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-03-18 19:44 - 2017-02-04 22:30 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-03-18 19:44 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2017-03-18 19:44 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-03-18 19:44 - 2017-02-04 20:14 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-03-18 19:44 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2017-03-18 19:44 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-03-18 19:44 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2017-03-18 19:44 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll 2017-03-18 19:44 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-03-18 19:44 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2017-03-18 19:44 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-03-18 19:44 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2017-03-18 19:44 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll 2017-03-18 19:44 - 2017-01-21 21:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-03-18 19:44 - 2017-01-21 21:20 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-03-18 19:44 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2017-03-18 19:44 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll 2017-03-18 19:44 - 2017-01-21 20:37 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-03-18 19:44 - 2017-01-21 19:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-03-18 19:44 - 2017-01-21 19:48 - 01437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-03-18 19:44 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2017-03-18 19:44 - 2017-01-11 21:37 - 02345984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-03-18 19:44 - 2017-01-10 21:08 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-03-18 19:44 - 2017-01-05 20:20 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-03-18 19:44 - 2017-01-05 20:09 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2017-03-18 19:44 - 2017-01-05 19:36 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-03-18 19:44 - 2017-01-05 19:29 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2017-03-18 19:44 - 2017-01-05 19:13 - 07796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-03-18 19:44 - 2017-01-05 18:57 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-03-18 19:44 - 2016-11-09 21:22 - 00681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-03-13 16:06 - 2017-03-13 16:06 - 00001240 _____ C:\Users\Ireneusz\Desktop\Dll-Files Fixer.lnk 2017-03-13 16:05 - 2017-03-13 16:05 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\dll-files.com 2017-03-10 16:52 - 2017-03-10 16:51 - 00102400 _____ (Creative Labs) C:\WINDOWS\system32\OpenAL32.dll 2017-03-08 23:30 - 2017-03-08 23:30 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\Steam 2017-03-08 23:30 - 2017-03-08 23:30 - 00000000 ____D C:\Users\Ireneusz\AppData\Local\Gearbox 2017-03-08 23:17 - 2017-03-08 23:36 - 00000051 _____ C:\Users\Ireneusz\.vortex_launcher.conf ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-03 00:47 - 2016-07-14 18:15 - 00000000 ____D C:\Download 2017-04-03 00:09 - 2016-04-10 22:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-04-02 20:17 - 2016-07-31 11:07 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2056806550-332065934-4011290001-1001 2017-04-02 19:42 - 2016-04-28 16:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-01 22:27 - 2014-11-21 06:46 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-01 22:27 - 2014-11-21 06:07 - 00795572 _____ C:\WINDOWS\system32\perfh015.dat 2017-04-01 22:27 - 2014-11-21 06:07 - 00159790 _____ C:\WINDOWS\system32\perfc015.dat 2017-04-01 22:27 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2017-04-01 21:56 - 2016-11-02 23:14 - 00000000 ____D C:\Users\Ireneusz\AppData\Local\ChomikBox 2017-04-01 20:19 - 2015-11-05 02:31 - 00000000 ____D C:\Users\Ireneusz\AppData\Local\VirtualStore 2017-04-01 19:44 - 2015-10-30 05:00 - 00000000 ___HD C:\Users\Ireneusz\.gstreamer-0.10 2017-04-01 14:00 - 2016-09-14 09:46 - 00000000 ____D C:\Users\Ireneusz\AppData\Local\IE Tab 2017-04-01 05:49 - 2017-02-26 02:50 - 00000906 _____ C:\WINDOWS\Tasks\WinmendUpdateTask_Ireneusz.job 2017-04-01 02:14 - 2016-12-02 19:23 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\MPC-HC 2017-03-31 22:46 - 2016-11-14 13:26 - 00000000 ____D C:\ProgramData\IObit 2017-03-31 16:39 - 2016-05-25 21:06 - 00002866 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Ireneusz) 2017-03-31 16:37 - 2016-01-16 05:00 - 00000000 ___HD C:\ProgramData\NCH Software 2017-03-31 16:12 - 2016-05-25 11:04 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-31 15:53 - 2016-12-28 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4 2017-03-31 15:51 - 2016-05-24 03:35 - 00000000 ___HD C:\ProgramData\ProductData 2017-03-31 15:25 - 2016-02-27 19:50 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\DAEMON Tools Pro 2017-03-27 06:02 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-03-21 00:01 - 2016-01-16 05:00 - 00000000 ____D C:\Users\Ireneusz\AppData\Roaming\NCH Software 2017-03-18 20:23 - 2013-08-22 16:44 - 00484376 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-03-18 20:20 - 2016-07-03 16:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-18 20:20 - 2016-07-03 16:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-18 19:53 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-03-18 19:51 - 2015-11-06 05:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-03-18 19:47 - 2016-07-03 16:01 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-18 19:47 - 2015-11-06 04:59 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-03-16 16:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-16 16:12 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\WindowsApps 2017-03-10 06:34 - 2016-12-14 04:08 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-03-10 06:34 - 2016-12-14 04:08 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-08 23:17 - 2015-11-11 00:40 - 00000000 ____D C:\Users\Ireneusz ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-02-08 20:07 - 2016-02-08 20:07 - 0000424 _____ () C:\Users\Ireneusz\AppData\Roaming\burnaware.ini 2016-04-21 15:45 - 2016-04-21 15:45 - 0127488 _____ () C:\Users\Ireneusz\AppData\Roaming\Installer.dat 2015-11-29 05:49 - 2016-12-10 23:46 - 1778736 _____ () C:\Users\Ireneusz\AppData\Local\ASbs.ac 2016-02-08 01:02 - 2016-02-08 01:06 - 0000040 ___SH () C:\ProgramData\.zreglib Niektóre pliki w TEMP: ==================== 2017-03-31 17:28 - 2017-03-31 17:28 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole3749316878331108397.dll 2017-03-31 17:31 - 2017-03-31 17:31 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole442716229493358867.dll 2017-03-31 17:29 - 2017-03-31 17:29 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole4950598808140319388.dll 2017-03-31 17:27 - 2017-03-31 17:27 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole5433045989267738417.dll 2017-03-31 21:23 - 2017-03-31 21:23 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole5688370600202586240.dll 2017-03-31 21:22 - 2017-03-31 21:22 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole5737565250069261390.dll 2017-03-31 17:32 - 2017-03-31 17:32 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole7087881599593636602.dll 2017-04-01 15:43 - 2017-04-01 15:43 - 0043520 ____N () C:\Users\Ireneusz\AppData\Local\Temp\proxy_vole743941870573760314.dll ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-25 05:55 ==================== Koniec FRST.txt ============================