Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:10-01-2015 01
- Uruchomiony przez Kuba (administrator) KUBA-KOMPUTER (14-01-2016 16:10:54)
- Uruchomiony z C:\Users\Kuba\Downloads
- Załadowane profile: Kuba (Dostępne profile: Kuba)
- Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
- (AVAST Software) E:\Avast\AvastSvc.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (Advanced Micro Devices, Inc.) E:\AMD\ATI.ACE\Fuel\Fuel.Service.exe
- () C:\Genius\ioCentre\GMouseService.exe
- (AVAST Software) E:\Avast\avastui.exe
- (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
- () C:\Genius\ioCentre\gTaskBar.exe
- (Creative Technology Ltd) C:\Windows\System32\CtHelper.exe
- (Samsung Electronics Co., Ltd.) E:\Kies\Kies\KiesTrayAgent.exe
- (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
- (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
- (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
- (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
- () C:\Genius\ioCentre\gMouseTask.exe
- () C:\Genius\ioCentre\gKbdTask.exe
- (ioCentre) C:\Genius\ioCentre\gIoCentreFunMgm.exe
- (DEVGURU Co., LTD.) E:\Kies\USB Drivers\25_escape\conn\ss_conn_service.exe
- (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
- (Mozilla Corporation) E:\Mozilla\firefox.exe
- (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
- (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
- (Mozilla Corporation) E:\Mozilla\plugin-container.exe
- (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe
- (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe
- (Farbar) C:\Users\Kuba\Downloads\FRST(2).exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [AvastUI.exe] => E:\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
- HKLM\...\Run: [StartCCC] => E:\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
- HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7936280 2014-07-02] (Logitech Inc.)
- HKLM\...\Run: [ioCentre] => C:\Genius\ioCentre\gTaskBar.exe [61440 2012-04-23] ()
- HKLM\...\Run: [CTHelper] => C:\Windows\system32\CTHELPER.EXE [19968 2014-03-14] (Creative Technology Ltd)
- HKLM\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
- HKLM\...\Run: [KiesTrayAgent] => E:\Kies\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
- HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
- HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
- HKU\S-1-5-21-1796659216-2005027326-3630884742-1001\...\Run: [DAEMON Tools Lite] => E:\DaemonTools\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
- HKU\S-1-5-21-1796659216-2005027326-3630884742-1001\...\MountPoints2: {271dce82-d3cb-11e4-9606-00241dda03a0} - J:\racer.exe
- HKU\S-1-5-21-1796659216-2005027326-3630884742-1001\...\MountPoints2: {920c578d-1e4f-11e5-b82d-00241dda03a0} - K:\MLLaunch.exe
- HKU\S-1-5-21-1796659216-2005027326-3630884742-1001\...\MountPoints2: {af070161-464c-11e4-b999-00241dda03a0} - I:\setup.exe
- HKU\S-1-5-21-1796659216-2005027326-3630884742-1001\...\MountPoints2: {eda8f66d-1efa-11e4-82c5-00241dda03a0} - H:\SETUP.EXE
- HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-07-28] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast\ashShell.dll [2015-09-28] (AVAST Software)
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
- Tcpip\..\Interfaces\{26F1CF78-71E0-4CAF-821D-0E175E778826}: [DhcpNameServer] 192.168.0.1
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130964982448270976&GUID=00000000-0000-0000-0000-000000000000
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
- HKU\S-1-5-21-1796659216-2005027326-3630884742-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130964982448280976&GUID=00000000-0000-0000-0000-000000000000
- SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> E:\Microsoft Office 2013\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-31] (Oracle Corporation)
- BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Avast\aswWebRepIE.dll [2015-08-18] (AVAST Software)
- BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Microsoft Office 2013\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-31] (Oracle Corporation)
- Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Microsoft Office 2013\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
- FireFox:
- ========
- FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\hcfvaxip.default
- FF NewTab: hxxp://www.istartpageing.com/newtab/?type=nt&ts=1451045519&z=08673fff328300740d849edgczfw7g9edzaw5w6g8t&from=cor&uid=wdcxwd7500aads-00m2b0_wd-wcav5899344493444
- FF Homepage: hxxp://www.istartpageing.com/?type=hp&ts=1451045519&z=08673fff328300740d849edgczfw7g9edzaw5w6g8t&from=cor&uid=wdcxwd7500aads-00m2b0_wd-wcav5899344493444
- FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
- FF NetworkProxy: "backup.ftp", ""
- FF NetworkProxy: "backup.ftp_port", 0
- FF NetworkProxy: "backup.socks", ""
- FF NetworkProxy: "backup.socks_port", 0
- FF NetworkProxy: "backup.ssl", ""
- FF NetworkProxy: "backup.ssl_port", 0
- FF NetworkProxy: "ftp", "95.140.196.34:3128"
- FF NetworkProxy: "http", "95.140.196.34:3128"
- FF NetworkProxy: "share_proxy_settings", true
- FF NetworkProxy: "socks", "95.140.196.34:3128"
- FF NetworkProxy: "ssl", "95.140.196.34:3128"
- FF NetworkProxy: "type", 0
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] ()
- FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-31] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-31] (Oracle Corporation)
- FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [Brak pliku]
- FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
- FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
- FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
- FF Extension: MEGA - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\hcfvaxip.default\Extensions\firefox@mega.co.nz.xpi [2015-03-02] [Brak podpisu cyfrowego]
- FF Extension: Przelewy24 - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\hcfvaxip.default\Extensions\p24ext@przelewy24.pl.xpi [2014-10-20] [Brak podpisu cyfrowego]
- FF Extension: Adblock Plus - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\hcfvaxip.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-23]
- FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - E:\Avast\WebRep\FF
- FF Extension: Avast Online Security - E:\Avast\WebRep\FF [2015-12-10]
- StartMenuInternet: FIREFOX.EXE - E:\Mozilla\firefox.exe
- Chrome:
- =======
- CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]
- ==================== Usługi (filtrowane) ========================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AMD FUEL Service; E:\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-04-17] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
- R2 avast! Antivirus; E:\Avast\AvastSvc.exe [146600 2015-09-28] (AVAST Software)
- S3 AvastVBoxSvc; E:\Avast\ng\vbox\AvastVBoxSVC.exe [3219136 2015-09-28] (Avast Software)
- S3 BITCOMET_HELPER_SERVICE; E:\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
- S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-25] (Creative Labs) [Brak podpisu cyfrowego]
- R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [Brak podpisu cyfrowego]
- R2 GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [12288 2010-03-11] () [Brak podpisu cyfrowego]
- S2 SkypeUpdate; E:\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
- R2 ss_conn_service; E:\Kies\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
- R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
- ===================== Sterowniki (filtrowane) ==========================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AODDriver4.3; E:\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
- R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-28] (AVAST Software)
- R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-28] (AVAST Software)
- R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-09-28] (AVAST Software)
- R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-28] (AVAST Software)
- R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
- R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
- S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [115640 2015-09-28] (AVAST Software)
- R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-28] (AVAST Software)
- R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4096 2015-10-03] (Windows (R) Codename Longhorn DDK provider)
- S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [101656 2014-03-14] (Creative Technology Ltd)
- R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [101656 2014-03-14] (Creative Technology Ltd)
- S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [557336 2014-03-14] (Creative Technology Ltd)
- R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [557336 2014-03-14] (Creative Technology Ltd)
- S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [349384 2014-03-14] (Creative Technology Ltd)
- S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [103192 2014-03-14] (Creative Technology Ltd)
- S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [103192 2014-03-14] (Creative Technology Ltd)
- S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [568600 2014-03-14] (Creative Technology Ltd)
- R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [568600 2014-03-14] (Creative Technology Ltd)
- R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-08] (Disc Soft Ltd)
- S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [Brak podpisu cyfrowego]
- S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [Brak podpisu cyfrowego]
- S3 gMouPS2; C:\Windows\System32\DRIVERS\gMouPS2.sys [17408 2009-06-30] ( Mouse Upfilter Driver )
- R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [802584 2014-03-14] (Creative Technology Ltd)
- R3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [165144 2014-03-14] (Creative Technology Ltd)
- S3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [191768 2014-03-14] (Creative Technology Ltd)
- R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
- R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [39960 2013-05-30] (Logitech Inc.)
- R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
- R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
- R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [107984 2015-09-28] (AVAST Software)
- S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
- S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
- R2 VBoxAswDrv; E:\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-09-28] (Avast Software)
- S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2016-01-14 16:09 - 2016-01-14 16:10 - 01721856 _____ (Farbar) C:\Users\Kuba\Downloads\FRST(2).exe
- 2016-01-13 23:04 - 2015-11-17 01:45 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
- 2016-01-13 23:04 - 2015-11-17 01:42 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
- 2016-01-13 23:04 - 2015-11-17 01:42 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
- 2016-01-13 23:04 - 2015-11-17 01:42 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
- 2016-01-13 23:04 - 2015-11-17 01:42 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
- 2016-01-13 23:04 - 2015-11-17 01:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
- 2016-01-13 11:04 - 2016-01-13 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
- 2016-01-12 20:42 - 2015-12-11 19:35 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
- 2016-01-12 20:42 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
- 2016-01-12 20:42 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
- 2016-01-12 20:42 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
- 2016-01-12 20:42 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
- 2016-01-12 20:42 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
- 2016-01-12 20:42 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
- 2016-01-12 20:42 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
- 2016-01-12 20:42 - 2015-12-08 22:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
- 2016-01-12 20:42 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
- 2016-01-12 20:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
- 2016-01-12 20:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
- 2016-01-12 20:42 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
- 2016-01-09 12:32 - 2016-01-09 12:32 - 00263692 _____ C:\Users\Kuba\Downloads\WM-cw19.pdf
- 2015-12-29 19:39 - 2015-12-29 19:39 - 00145000 _____ C:\Windows\Minidump\122915-35209-01.dmp
- 2015-12-26 19:26 - 2015-12-26 19:26 - 00000000 ____D C:\Program Files\MSXML 4.0
- 2015-12-25 22:12 - 2015-12-25 22:12 - 00000000 ____D C:\ProgramData\Malwarebytes
- 2015-12-25 13:34 - 2015-12-25 13:38 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Nero
- 2015-12-25 13:33 - 2015-12-25 22:25 - 00001400 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
- 2015-12-25 13:33 - 2015-12-25 13:34 - 00000000 ____D C:\Program Files\Common Files\Nero
- 2015-12-25 13:33 - 2015-12-25 13:33 - 00000000 ____D C:\ProgramData\Nero
- 2015-12-25 13:33 - 2015-12-25 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
- 2015-12-24 13:41 - 2015-12-24 13:41 - 00145000 _____ C:\Windows\Minidump\122415-38235-01.dmp
- 2015-12-20 13:00 - 2015-12-20 13:00 - 00145000 _____ C:\Windows\Minidump\122015-36176-01.dmp
- 2015-12-19 21:04 - 2015-12-19 21:04 - 00145000 _____ C:\Windows\Minidump\121915-33711-01.dmp
- 2015-12-18 11:14 - 2015-12-18 11:14 - 00145000 _____ C:\Windows\Minidump\121815-34991-01.dmp
- 2015-12-15 23:47 - 2015-12-15 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
- 2015-12-15 23:47 - 2015-12-15 23:47 - 00000000 ____D C:\Program Files\Skype
- 2015-12-15 23:47 - 2015-12-15 23:47 - 00000000 ____D C:\Program Files\Common Files\Skype
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2016-01-14 16:11 - 2015-04-07 13:17 - 00015184 _____ C:\Users\Kuba\Downloads\FRST.txt
- 2016-01-14 16:10 - 2015-04-07 13:16 - 00000000 ____D C:\FRST
- 2016-01-14 16:00 - 2014-07-25 15:48 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
- 2016-01-14 15:31 - 2009-07-14 05:34 - 00007840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2016-01-14 15:31 - 2009-07-14 05:34 - 00007840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2016-01-14 15:30 - 2015-10-04 09:53 - 00000031 _____ C:\Windows\system32\bbcap.err
- 2016-01-14 15:30 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
- 2016-01-14 02:45 - 2014-12-23 01:56 - 00032592 _____ C:\Windows\system32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
- 2016-01-14 02:45 - 2014-12-23 01:56 - 00032592 _____ C:\Windows\system32\BMXState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
- 2016-01-14 02:45 - 2014-12-23 01:56 - 00032136 _____ C:\Windows\system32\BMXCtrlState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
- 2016-01-14 02:45 - 2014-12-22 21:52 - 00032136 _____ C:\Windows\system32\BMXBkpCtrlState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
- 2016-01-14 02:45 - 2014-12-22 21:52 - 00011564 _____ C:\Windows\system32\DVCState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
- 2016-01-14 02:44 - 2014-08-01 22:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
- 2016-01-14 02:43 - 2015-11-09 10:22 - 00000000 ___SD C:\Windows\system32\CompatTel
- 2016-01-14 02:43 - 2015-11-09 10:22 - 00000000 ____D C:\Windows\system32\appraiser
- 2016-01-14 02:42 - 2014-12-22 21:52 - 04931577 _____ C:\Windows\{00000003-00000000-00000007-00001102-00000004-20021102}.BAK
- 2016-01-14 02:42 - 2014-07-25 16:12 - 04931577 _____ C:\Windows\{00000003-00000000-00000007-00001102-00000004-20021102}.CDF
- 2016-01-13 21:39 - 2014-07-25 12:52 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI
- 2016-01-13 21:39 - 2009-07-14 09:07 - 00739694 _____ C:\Windows\system32\perfh015.dat
- 2016-01-13 21:39 - 2009-07-14 09:07 - 00155268 _____ C:\Windows\system32\perfc015.dat
- 2016-01-13 21:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
- 2016-01-13 10:45 - 2009-07-14 05:33 - 00307864 _____ C:\Windows\system32\FNTCACHE.DAT
- 2016-01-13 01:25 - 2014-08-10 15:37 - 00000000 ____D C:\ProgramData\Microsoft Help
- 2016-01-12 20:31 - 2014-10-13 22:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
- 2016-01-11 02:21 - 2015-02-01 19:31 - 00000405 _____ C:\Users\Kuba\Desktop\Biznes.txt
- 2016-01-10 01:10 - 2015-12-14 23:01 - 00000000 ____D C:\Users\Kuba\Documents\Euro Truck Simulator 2
- 2016-01-09 23:47 - 2014-08-07 12:33 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Skype
- 2016-01-09 16:30 - 2014-12-22 21:52 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
- 2016-01-09 16:30 - 2014-12-22 21:52 - 00001080 _____ C:\Windows\system32\settings.sfm
- 2016-01-08 22:52 - 2015-08-04 20:31 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\TS3Client
- 2016-01-07 20:54 - 2014-11-30 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
- 2016-01-07 20:32 - 2014-07-25 15:45 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
- 2016-01-05 22:50 - 2014-09-27 20:55 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
- 2016-01-05 01:21 - 2014-08-20 18:35 - 00000366 _____ C:\Users\Kuba\Desktop\Nowy dokument tekstowy.txt
- 2016-01-02 22:00 - 2014-07-25 15:48 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
- 2016-01-02 22:00 - 2014-07-25 15:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
- 2015-12-30 12:43 - 2015-02-19 16:58 - 00000000 ____D C:\Users\Kuba\AppData\Local\Steam
- 2015-12-29 19:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
- 2015-12-29 19:39 - 2015-02-08 00:49 - 00000000 ____D C:\Windows\Minidump
- 2015-12-25 23:10 - 2014-08-07 12:33 - 00000000 ____D C:\ProgramData\Skype
- 2015-12-25 22:25 - 2015-08-04 20:31 - 00000593 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
- 2015-12-25 22:25 - 2015-07-01 15:41 - 00000652 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
- 2015-12-25 22:25 - 2015-03-26 23:43 - 00000888 _____ C:\Users\Public\Desktop\Play Star Wars Racer (fixed EXE).lnk
- 2015-12-25 22:25 - 2015-01-31 02:12 - 00001017 _____ C:\Users\Public\Desktop\Logitech Vid.lnk
- 2015-12-25 22:25 - 2015-01-31 02:10 - 00002111 _____ C:\Users\Public\Desktop\Logitech Webcam Software.lnk
- 2015-12-25 22:25 - 2014-10-13 22:58 - 00001983 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
- 2015-12-25 22:25 - 2014-07-25 16:27 - 00000515 _____ C:\Users\Public\Desktop\Steam.lnk
- 2015-12-25 22:25 - 2014-07-25 12:38 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
- 2015-12-25 22:25 - 2014-07-25 12:38 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
- 2015-12-25 22:25 - 2009-07-14 05:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
- 2015-12-25 22:25 - 2009-07-14 05:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
- 2015-12-25 22:25 - 2009-07-14 05:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
- 2015-12-25 22:25 - 2009-07-14 05:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
- 2015-12-25 22:25 - 2009-07-14 05:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
- 2015-12-25 22:24 - 2015-09-25 17:55 - 00000571 _____ C:\Users\Kuba\Desktop\VirtualDJ 8.lnk
- 2015-12-25 22:24 - 2015-06-29 16:44 - 00000733 _____ C:\Users\Kuba\Desktop\Testy B 2015.lnk
- 2015-12-25 22:24 - 2014-09-14 16:02 - 00000541 _____ C:\Users\Kuba\Desktop\SopCast.lnk
- 2015-12-25 22:24 - 2014-08-07 23:52 - 00000000 ____D C:\Users\Kuba\AppData\Local\TempDIR
- 2015-12-25 22:24 - 2014-07-25 12:47 - 00001152 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
- 2015-12-25 22:24 - 2009-07-14 05:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
- 2015-12-25 22:24 - 2009-07-14 05:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
- 2015-12-19 02:37 - 2015-11-09 10:22 - 00000000 ___SD C:\Windows\system32\GWX
- 2015-12-15 23:47 - 2014-08-07 12:33 - 00000000 ____D C:\Users\Kuba\AppData\Local\Skype
- Niektóre pliki w TEMP:
- ====================
- C:\Users\Kuba\AppData\Local\Temp\bbcap.dll
- C:\Users\Kuba\AppData\Local\Temp\bbchlp.dll
- C:\Users\Kuba\AppData\Local\Temp\drm_dialogs.dll
- C:\Users\Kuba\AppData\Local\Temp\FlashBackDriverInstaller.exe
- C:\Users\Kuba\AppData\Local\Temp\jre-8u65-windows-au.exe
- C:\Users\Kuba\AppData\Local\Temp\Quarantine.exe
- C:\Users\Kuba\AppData\Local\Temp\sqlite3.dll
- C:\Users\Kuba\AppData\Local\Temp\VirtualDJ New Version.exe
- ==================== Bamital & volsnap =================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\Windows\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\system32\services.exe => Plik podpisany cyfrowo
- C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
- C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2016-01-09 22:16
- ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement