Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09-11-2019 01 Uruchomiony przez Andrzej (administrator) LENOVOZ50-70 (LENOVO 20354) (10-11-2019 10:39:22) Uruchomiony z C:\Users\Andrzej\Downloads Załadowane profile: Andrzej (Dostępne profile: Andrzej) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) ( ) [Brak podpisu cyfrowego] C:\Program Files (x86)\ChomikBox\chomikbox.exe () [Brak podpisu cyfrowego] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Computer, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ProtectedService.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes Inc -> Malwarebytes) C:\Users\Andrzej\Downloads\AdwCleaner.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2013-12-23] (Realtek Semiconductor Corp -> Realtek semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [UnlockerAssistant] => C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228728 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [3941376 2017-02-22] ( ) [Brak podpisu cyfrowego] HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2017-03-17] (TomTom International BV -> TomTom) HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] () [Brak podpisu cyfrowego] HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [] => [X] HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [Brak podpisu cyfrowego] HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Run: [DAEMON Tools Lite Automount] => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {24158a71-7501-11e5-828d-303a64b1471f} - "F:\windows\Install\Install.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {33fbd760-4d5f-11e7-82d9-303a64b1471f} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {33fbd785-4d5f-11e7-82d9-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {38dd83ea-6ae9-11e8-8303-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {3badc268-fdec-11e6-82cf-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {3badc30c-fdec-11e6-82cf-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {427b9ef4-5b3e-11e6-82b0-303a64b1471f} - "F:\LG_PC_Programs.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {69a34c29-10eb-11e9-831a-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {8ac21963-b103-11e8-8313-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {8ac219a3-b103-11e8-8313-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {94787084-a0de-11e9-8337-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {9eac3cf0-ff6b-11e7-82f4-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {aa0d8157-48e9-11e7-82d9-303a64b1471f} - "F:\setup.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {c3950f69-9816-11e8-830d-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\MountPoints2: {fde902b2-f73d-11e8-8319-303a64b1471f} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {05E96AC7-0597-4077-97C6-554CC7145802} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2759024 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {1336C3B3-9D08-4E2F-99DD-D04C3CE88A82} - System32\Tasks\{77A762CA-E080-4C80-AE3A-4D5C23E0BBB2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Andrzej\Desktop\INPA\INPA_EA-90X ver.5.0.4\INPA_Setup\Programminstallation\setup.exe" -d "C:\Users\Andrzej\Desktop\INPA\INPA_EA-90X ver.5.0.4\INPA_Setup\Programminstallation" Task: {17EB68EB-6A7D-4CFD-A2AF-08BBEF96F5CE} - System32\Tasks\{F88D978C-A70F-4561-A5C9-0F70D02BD92B} => C:\Windows\system32\pcalua.exe -a E:\Bin\InstMsiW.exe -d E:\Bin Task: {27B284B4-D9E5-4F52-B84D-316396CA9B8C} - System32\Tasks\{D6E19A83-96ED-408F-B515-84F301571E06} => C:\Windows\system32\pcalua.exe -a D:\Mafia\MAFIA\Game.exe -d D:\Mafia\MAFIA Task: {283E448E-BCE3-41FB-9140-8DB342CE7A30} - System32\Tasks\{B6F3A56E-38C0-4A8B-AAB9-BE898A5DBA4F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\HiSuite\uninst.exe" Task: {2C903B39-A441-41A6-A6E1-DCCA41F49E70} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {34662F0B-EBD0-4E03-BD5F-D00E5EEC6284} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-10] (Adobe Inc. -> Adobe) Task: {39CFB22F-080A-4769-9011-5113C05CBB84} - System32\Tasks\{C072ADEB-7D21-47F9-8BDE-4AB4A172383B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Andrzej\Desktop\INPA\INPA_EA-90X ver.5.0.4\INPA_Setup\Referenz\INSTALL\Instprog.exe" -d "C:\Users\Andrzej\Desktop\INPA\INPA_EA-90X ver.5.0.4\INPA_Setup\Referenz\INSTALL" Task: {41223376-7910-4E65-A856-F831D2C0A019} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-10] (Adobe Inc. -> Adobe) Task: {4821511C-E83F-45FD-8B35-24B2F0802F94} - System32\Tasks\{D53060C0-ED35-45AD-9A6A-6E0461DADBB1} => C:\Windows\system32\pcalua.exe -a E:\Bin\RSsetup.exe -d E:\Bin Task: {502EFBD1-C2C6-4486-90E6-0157E83CABDF} - System32\Tasks\Opera scheduled Autoupdate 1480884247 => C:\Program Files (x86)\Opera\launcher.exe [1357848 2019-11-05] (Opera Software AS -> Opera Software) Task: {6BB9B7B9-0918-4583-93DB-E8B21EB4E1A5} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-24] (Synaptics Incorporated -> Synaptics Incorporated) Task: {7C7A06A1-3A14-428E-8249-EC1CB737ADB4} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1917757122-2644230913-1936381572-1001 => C:\Users\Andrzej\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe Task: {BB29DC17-5336-4FF7-8C7D-C341B17AF78B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd -> Piriform Ltd) Task: {DB4ABF5C-4285-413C-82F3-3611D5F8203E} - System32\Tasks\{68A929C6-12AE-4390-9C92-731BC2D66AF9} => C:\Windows\system32\pcalua.exe -a E:\MAFIA\Game.exe -d E:\MAFIA Task: {DF46E94D-D105-450F-A604-EF2BCC4694C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {E921CAE4-CAAE-4B1E-9C73-C2C1F8444B9A} - System32\Tasks\{339D4779-8272-4CC3-88AE-F9F850DAE298} => C:\Windows\system32\pcalua.exe -a C:\EDIABAS\Bin\OBDSetup.exe -d C:\EDIABAS\Bin (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) [Brak podpisu cyfrowego] Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 192.168.1.1 Tcpip\..\Interfaces\{8B5E61F7-A827-4F57-8DBD-00D6DD58D0FE}: [DhcpNameServer] 217.172.224.160 89.231.1.206 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-1917757122-2644230913-1936381572-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1917757122-2644230913-1936381572-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1917757122-2644230913-1936381572-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: 62udv3ut.default FF ProfilePath: C:\Users\Andrzej\AppData\Roaming\TomTom\HOME\Profiles\ljw57f8d.default [2017-08-12] FF ProfilePath: C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\62udv3ut.default [2019-11-10] FF Homepage: Mozilla\Firefox\Profiles\62udv3ut.default -> hxxp://www.onet.pl/ FF Notifications: Mozilla\Firefox\Profiles\62udv3ut.default -> hxxps://do.centrum24.pl; hxxps://forum.dobreprogramy.pl FF Extension: (Chomikuj.pl) - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\62udv3ut.default\Extensions\@chomikuj.xpi [2019-07-19] FF Extension: (Avira Browser Safety) - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\62udv3ut.default\Extensions\abs@avira.com.xpi [2019-10-10] FF Extension: (MyJDownloader Browser Extension) - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\62udv3ut.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2019-11-01] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (Google Translator for Firefox) - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\62udv3ut.default\Extensions\translator@zoli.bod.xpi [2018-12-02] FF Extension: (Planet Plus) - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\62udv3ut.default\Extensions\{299e053e-7d4c-4a16-ae92-cbdf7b82e4ae}.xpi [2019-07-13] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-10] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-10] (Adobe Inc. -> ) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1209328 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntivirProtectedService; C:\Program Files (x86)\Avira\AntiVir Desktop\ProtectedService.exe [537144 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [483408 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [483408 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [500272 2019-09-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591872 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [146224 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Brak podpisu cyfrowego] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2017-12-03] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [181512 2016-07-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation -> NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation -> NVIDIA Corporation) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-04-26] () [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [206584 2019-09-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [197176 2019-09-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) S3 btmlehid; C:\Windows\System32\drivers\btmlehid.sys [76088 2013-01-21] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S2 DirectNT; C:\Windows\SysWow64\Drivers\DirectNT.sys [3424 2004-10-19] (c't) [Brak podpisu cyfrowego] S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Brak podpisu cyfrowego] S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [108352 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTSER2K; C:\Windows\system32\drivers\ftser2k.sys [95168 2016-06-21] (Future Technology Devices International Ltd -> FTDI Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [357648 2016-07-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-11-10] (Malwarebytes Corporation -> Malwarebytes) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3595832 2018-12-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation -> NVIDIA Corporation) S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 RtkAvrcp; C:\Windows\System32\drivers\RtkAvrcp.sys [57560 2013-08-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 RtkAvrcpCtrlr; C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [69848 2013-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek ) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9101016 2013-12-23] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-12-24] (Synaptics Incorporated -> Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated -> Synaptics Incorporated) S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [31232 2011-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project) U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego] S3 usbser; C:\Windows\system32\DRIVERS\usbser.sys [33280 2018-12-12] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X] S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X] S3 RtkBtFilter; \SystemRoot\system32\DRIVERS\RtkBtfilter.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-11-10 09:30 - 2019-11-10 09:30 - 000068238 _____ C:\Users\Andrzej\Downloads\Shortcut.txt 2019-11-10 09:01 - 2019-11-10 09:01 - 000003092 _____ C:\Windows\system32\Tasks\{B6F3A56E-38C0-4A8B-AAB9-BE898A5DBA4F} 2019-11-10 08:51 - 2019-11-10 09:30 - 000053044 _____ C:\Users\Andrzej\Downloads\Addition.txt 2019-11-10 08:45 - 2019-11-10 10:40 - 000032114 _____ C:\Users\Andrzej\Downloads\FRST.txt 2019-11-10 08:45 - 2019-11-10 10:39 - 000000000 ____D C:\FRST 2019-11-10 08:44 - 2019-11-10 08:44 - 000009189 _____ C:\Users\Andrzej\Downloads\fixlist.txt 2019-11-10 08:39 - 2019-11-10 08:39 - 000003960 _____ C:\Users\Andrzej\Desktop\AdwCleaner[C00].txt 2019-11-10 08:36 - 2019-11-10 08:36 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-11-10 08:32 - 2019-11-10 08:32 - 002259968 _____ (Farbar) C:\Users\Andrzej\Downloads\FRST64.exe 2019-11-10 08:26 - 2019-11-10 08:30 - 000000000 ____D C:\AdwCleaner 2019-11-10 08:26 - 2019-11-10 08:26 - 007622344 _____ (Malwarebytes) C:\Users\Andrzej\Downloads\AdwCleaner.exe 2019-11-10 07:23 - 2019-11-10 08:43 - 645860559 _____ C:\Users\Andrzej\Downloads\Beautiful.Boy.2018.PL.720p.BDRip.XviD.AC3-ELiTE.avi.part 2019-11-10 07:23 - 2019-11-10 07:23 - 000000000 _____ C:\Users\Andrzej\Downloads\Beautiful.Boy.2018.PL.720p.BDRip.XviD.AC3-ELiTE.avi 2019-11-09 17:31 - 2019-11-09 17:39 - 000000372 _____ C:\Users\Andrzej\Desktop\filmy.txt 2019-11-09 16:37 - 2019-11-09 16:37 - 000000000 ____D C:\Users\Andrzej\Downloads\ChomikBox 2019-11-01 11:02 - 2019-11-10 08:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-10-29 11:31 - 2019-10-29 11:31 - 000158119 _____ C:\Users\Andrzej\Downloads\Zawiadomienie.pdf 2019-10-27 12:23 - 2019-10-27 12:23 - 001233704 _____ C:\Users\Andrzej\Desktop\Product(1).jpeg 2019-10-27 11:45 - 2019-10-27 11:45 - 000095823 _____ C:\Users\Andrzej\Downloads\HistoriaPojazdu_BMW__20191027_114410.pdf 2019-10-18 16:13 - 2019-10-18 16:13 - 000000000 ____D C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2019-10-18 16:12 - 2019-11-01 19:48 - 000000000 ____D C:\Users\Andrzej\AppData\Local\JDownloader 2.0 2019-10-13 21:23 - 2019-10-06 05:12 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-10-13 21:23 - 2019-10-06 04:49 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-10-13 21:23 - 2019-10-06 04:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-10-13 21:23 - 2019-10-06 04:46 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-10-13 21:23 - 2019-10-06 04:36 - 000797696 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-10-13 21:23 - 2019-10-06 04:34 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-10-13 21:23 - 2019-10-06 04:32 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-10-13 21:23 - 2019-10-06 04:19 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-10-13 21:23 - 2019-10-06 04:18 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-10-13 21:23 - 2019-10-06 04:17 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-10-13 21:23 - 2019-10-06 04:17 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2019-10-13 21:23 - 2019-10-06 04:16 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2019-10-13 21:23 - 2019-10-06 04:15 - 002302464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-10-13 21:23 - 2019-10-06 04:12 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-10-13 21:23 - 2019-10-06 04:10 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-10-13 21:23 - 2019-10-06 04:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-10-13 21:23 - 2019-10-06 04:06 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-10-13 21:23 - 2019-10-06 04:05 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-10-13 21:23 - 2019-10-06 04:05 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-10-13 21:23 - 2019-10-06 04:03 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-10-13 21:23 - 2019-10-06 03:58 - 015413760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-10-13 21:23 - 2019-10-06 03:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-10-13 21:23 - 2019-10-06 03:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2019-10-13 21:23 - 2019-10-06 03:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2019-10-13 21:23 - 2019-10-06 03:56 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2019-10-13 21:23 - 2019-10-06 03:53 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-10-13 21:23 - 2019-10-06 03:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-10-13 21:23 - 2019-10-06 03:50 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-10-13 21:23 - 2019-10-06 03:49 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-10-13 21:23 - 2019-10-06 03:48 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-10-13 21:23 - 2019-10-06 03:45 - 013808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-10-13 21:23 - 2019-10-06 03:45 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-10-13 21:23 - 2019-10-06 03:35 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-10-13 21:23 - 2019-10-06 03:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-10-13 21:23 - 2019-10-06 03:32 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-10-13 21:23 - 2019-10-06 03:30 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-10-13 21:23 - 2019-09-19 06:24 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll 2019-10-13 21:23 - 2019-09-17 07:55 - 001541144 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2019-10-13 21:23 - 2019-09-17 04:48 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2019-10-13 21:23 - 2019-09-15 23:28 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll 2019-10-13 21:23 - 2019-09-15 05:53 - 000532568 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-10-13 21:23 - 2019-09-15 02:26 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe 2019-10-13 21:23 - 2019-09-15 02:18 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll 2019-10-13 21:23 - 2019-09-07 21:24 - 000038408 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-10-13 21:23 - 2019-09-07 21:00 - 000537320 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-10-13 21:23 - 2019-09-07 21:00 - 000467040 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-10-13 21:23 - 2019-09-07 21:00 - 000413904 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-10-13 21:23 - 2019-09-07 21:00 - 000140136 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-10-13 21:23 - 2019-09-07 20:38 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-10-13 21:23 - 2019-09-07 20:37 - 000157432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys 2019-10-13 21:23 - 2019-09-07 18:17 - 000451024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2019-10-13 21:23 - 2019-09-07 18:17 - 000414312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2019-10-13 21:23 - 2019-09-07 18:17 - 000372552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2019-10-13 21:23 - 2019-09-07 18:17 - 000136952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2019-10-13 21:23 - 2019-09-07 18:16 - 000033512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2019-10-13 21:23 - 2019-09-07 18:13 - 001901904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-10-13 21:23 - 2019-09-07 17:26 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE 2019-10-13 21:23 - 2019-09-07 17:17 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll 2019-10-13 21:23 - 2019-09-07 17:13 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2019-10-13 21:23 - 2019-09-07 16:54 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE 2019-10-13 21:23 - 2019-09-07 16:50 - 001254912 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2019-10-13 21:23 - 2019-09-07 16:43 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll 2019-10-13 21:23 - 2019-09-07 16:04 - 007035904 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-10-13 21:23 - 2019-09-07 16:04 - 003551232 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-10-13 21:23 - 2019-09-07 16:03 - 003825152 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-10-13 21:23 - 2019-09-07 15:57 - 006216192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2019-10-13 21:23 - 2019-09-07 15:56 - 003277824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2019-10-13 21:23 - 2019-09-07 02:32 - 000567048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2019-10-13 21:23 - 2019-09-07 02:32 - 000430832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-10-13 21:23 - 2019-09-07 02:15 - 000320240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-10-13 21:23 - 2019-09-06 17:33 - 000403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2019-10-13 21:23 - 2019-09-06 17:32 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-10-13 21:23 - 2019-09-06 17:07 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-10-13 21:23 - 2019-09-06 16:37 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-10-13 21:23 - 2019-09-06 14:17 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-10-13 21:23 - 2019-09-06 14:17 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2019-10-13 21:23 - 2019-08-31 21:53 - 001501064 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-10-13 21:23 - 2019-08-31 21:51 - 001737720 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-10-13 21:23 - 2019-08-31 21:51 - 001677232 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-10-13 21:23 - 2019-08-31 21:51 - 001537776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-10-13 21:23 - 2019-08-31 21:51 - 001371472 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2019-10-13 21:23 - 2019-08-31 21:06 - 007362808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-10-13 21:23 - 2019-08-31 17:50 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-10-13 21:23 - 2019-08-29 06:11 - 001385912 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2019-10-13 21:23 - 2019-08-29 02:43 - 001125312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2019-10-13 21:23 - 2019-08-27 04:17 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-10-13 21:23 - 2019-08-22 14:31 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-10-13 21:23 - 2019-08-22 14:31 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-10-13 21:23 - 2019-08-20 04:49 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys 2019-10-13 21:23 - 2019-08-15 10:47 - 000376568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2019-10-13 21:23 - 2019-08-15 10:18 - 000805384 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-10-13 21:23 - 2019-08-15 08:29 - 000611448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-10-13 21:23 - 2019-08-13 21:04 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2019-10-13 21:23 - 2019-08-13 21:00 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2019-10-13 21:23 - 2019-08-13 20:54 - 001368072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-10-13 21:23 - 2019-08-13 20:09 - 001546992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-10-13 21:23 - 2019-08-13 18:15 - 000121288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2019-10-13 21:23 - 2019-08-12 20:29 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-10-13 21:23 - 2019-08-12 20:02 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2019-10-13 21:23 - 2019-08-12 19:44 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2019-10-13 21:23 - 2019-08-12 19:16 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2019-10-13 21:23 - 2019-08-12 19:01 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2019-10-13 21:23 - 2019-08-12 19:00 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2019-10-13 21:23 - 2019-08-10 17:53 - 000426560 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll 2019-10-13 21:23 - 2019-08-10 17:51 - 000367176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll 2019-10-13 21:23 - 2019-08-10 14:20 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-10-13 21:23 - 2019-08-10 14:20 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2019-10-13 21:23 - 2019-08-10 14:20 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-10-13 21:23 - 2019-08-09 18:48 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\NcaSvc.dll 2019-10-13 21:23 - 2019-08-09 18:18 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-10-13 21:23 - 2019-08-09 17:28 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2019-10-13 21:23 - 2019-08-06 17:41 - 000403968 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2019-10-13 21:23 - 2019-07-31 14:31 - 000571392 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2019-10-13 21:23 - 2019-07-23 20:12 - 000169264 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-10-13 21:23 - 2019-07-23 14:37 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-10-13 21:23 - 2019-07-23 14:37 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-10-13 21:23 - 2019-07-11 05:02 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys 2019-10-13 21:23 - 2019-07-05 01:10 - 000108392 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2019-10-13 21:23 - 2019-07-05 01:07 - 000092040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-11-10 10:37 - 2014-03-18 10:57 - 001817498 _____ C:\Windows\system32\PerfStringBackup.INI 2019-11-10 10:37 - 2014-03-18 10:28 - 000801022 _____ C:\Windows\system32\perfh015.dat 2019-11-10 10:37 - 2014-03-18 10:28 - 000160728 _____ C:\Windows\system32\perfc015.dat 2019-11-10 10:37 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2019-11-10 10:33 - 2015-01-01 16:56 - 000000000 ____D C:\Users\Andrzej\AppData\Local\ChomikBox 2019-11-10 08:59 - 2014-12-21 15:41 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1917757122-2644230913-1936381572-1001 2019-11-10 08:40 - 2016-11-17 22:18 - 000000000 ____D C:\Users\Andrzej\AppData\LocalLow\Mozilla 2019-11-10 08:37 - 2015-01-01 16:56 - 000000000 ____D C:\Users\Andrzej\.gstreamer-0.10 2019-11-10 08:37 - 2014-12-21 15:35 - 000000000 __SHD C:\Users\Andrzej\IntelGraphicsProfiles 2019-11-10 08:36 - 2014-12-13 11:43 - 000000000 ____D C:\ProgramData\NVIDIA 2019-11-10 08:35 - 2014-12-22 19:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-11-10 08:35 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-11-10 08:34 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-11-10 08:30 - 2014-08-22 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2019-11-10 08:30 - 2014-08-22 10:58 - 000000000 ____D C:\Program Files (x86)\Lenovo 2019-11-10 08:27 - 2017-08-21 10:33 - 000000000 ____D C:\Users\Andrzej\AppData\Local\CrashDumps 2019-11-10 07:20 - 2014-12-21 15:39 - 000004008 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0FA1BAD5-99C4-415F-8F88-2387894CC4A4} 2019-11-09 16:38 - 2014-12-25 01:39 - 000000000 ____D C:\Users\Andrzej\AppData\Roaming\AIMP3 2019-11-07 20:16 - 2014-12-22 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2019-11-07 17:32 - 2014-12-25 01:28 - 014304768 ___SH C:\Users\Andrzej\Desktop\Thumbs.db 2019-11-07 16:50 - 2017-06-30 15:06 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2019-11-07 16:50 - 2016-12-04 21:44 - 000003896 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1480884247 2019-11-07 16:50 - 2015-09-25 18:18 - 000000000 ____D C:\Program Files (x86)\Opera 2019-11-03 07:18 - 2015-02-21 20:36 - 001575936 ___SH C:\Users\Andrzej\Downloads\Thumbs.db 2019-11-01 17:55 - 2014-12-22 19:32 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-10-31 08:03 - 2016-07-26 19:45 - 000000000 ____D C:\Program Files (x86)\LG Electronics 2019-10-31 08:02 - 2016-07-26 19:50 - 000000000 ____D C:\Users\Andrzej\AppData\Roaming\LG Electronics 2019-10-31 08:02 - 2016-07-26 19:46 - 000000000 ____D C:\Users\Andrzej\AppData\Local\LG Electronics 2019-10-31 08:02 - 2014-08-22 10:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-10-30 13:53 - 2017-08-14 23:49 - 000037241 ____H C:\Users\Andrzej\AppData\Local\IconCache.db.backup 2019-10-30 07:56 - 2014-08-22 11:33 - 000000000 ____D C:\ProgramData\Package Cache 2019-10-29 11:39 - 2016-10-08 07:53 - 000000000 ___RD C:\Users\Andrzej\Documents\Scanned Documents 2019-10-27 12:35 - 2019-02-17 09:22 - 000000000 ____D C:\Users\Andrzej\Desktop\Laura 2019-10-27 11:49 - 2018-02-23 15:57 - 000000000 ____D C:\Users\Andrzej\Downloads\Nowy folder 2019-10-25 15:45 - 2015-11-13 12:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-10-25 14:38 - 2019-07-19 14:22 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-10-22 13:57 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache 2019-10-20 20:13 - 2013-08-22 15:44 - 002450192 _____ C:\Windows\system32\FNTCACHE.DAT 2019-10-20 20:06 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-10-20 20:06 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe 2019-10-18 17:01 - 2015-06-25 05:00 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2019-10-14 18:33 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2019-10-14 18:28 - 2014-08-22 09:08 - 000000000 ____D C:\Windows\system32\MRT 2019-10-14 18:26 - 2014-12-22 20:01 - 000000000 ____D C:\Users\Andrzej\AppData\Local\Adobe 2019-10-14 18:21 - 2014-08-22 09:08 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-11-04 18:15 ==================== Koniec FRST.txt ========================