- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12.05.2018
- Uruchomiony przez Kamil (administrator) TREVOR (15-05-2018 12:08:10)
- Uruchomiony z C:\Users\Kamil\AppData\Local\Temp\scoped_dir5132_22328
- Załadowane profile: Kamil (Dostępne profile: Kamil)
- Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
- (Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
- (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
- (COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
- (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
- () C:\Windows\SysWOW64\PnkBstrA.exe
- (SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
- (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
- (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\System32\cmd.exe
- (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
- (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera_crashreporter.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Opera Software) C:\Program Files\Opera\52.0.2871.99\opera.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2000-01-01] (VIA)
- HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-10] (AVG Technologies CZ, s.r.o.)
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\Run: [Spol] => hxxp://www.toya.net.pl/~spol/site/index.htm
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\Run: [GoogleChromeAutoLaunch_46BF133ACA8BEB7ACDB8F921980892DB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-04-26] (Google Inc.)
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {01775f5c-2072-11e8-850b-002215f210f5} - I:\setup.exe
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {29aa0f5d-fe42-11d5-a98c-002215f210f5} - F:\AutoRun.exe
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {905f187f-1f93-11e8-b9a2-002215f210f5} - E:\setup.exe
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {905f1884-1f93-11e8-b9a2-002215f210f5} - G:\setup.exe
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {a5a054f8-fe3a-11d5-88b9-002215f210f5} - F:\AutoRun.exe
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {a5a05507-fe3a-11d5-88b9-002215f210f5} - F:\AutoRun.exe
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\...\MountPoints2: {a5a0554b-fe3a-11d5-88b9-002215f210f5} - F:\AutoRun.exe
- GroupPolicy: Ograniczenia <==== UWAGA
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
- Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62
- Tcpip\..\Interfaces\{7CBDCBA5-B8A2-46E3-BB32-41150D3EE810}: [DhcpNameServer] 62.179.1.63 62.179.1.62
- Tcpip\..\Interfaces\{D79B19F7-DBF5-489A-8AE3-0CB26B354F9D}: [DhcpNameServer] 192.168.42.129
- Internet Explorer:
- ==================
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spolszczenia.pl.prv.pl
- HKU\S-1-5-21-1651964370-1241916403-2472724040-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-15] (Oracle Corporation)
- BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-04-26] (McAfee, Inc.)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-15] (Oracle Corporation)
- BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-04-26] (McAfee, Inc.)
- BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
- Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
- Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-04-26] (McAfee, Inc.)
- Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-04-26] (McAfee, Inc.)
- FireFox:
- ========
- FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
- FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-03]
- FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
- FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-15] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-15] (Oracle Corporation)
- FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
- Chrome:
- =======
- CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1436380077&z=77111472427913efb6d744cgdz9c3q7c6b0e5e6mfw&from=cor&uid=WDCXWD5000BEVT-22A0RT0_WD-WXN0AC9Y2956Y2956
- CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1436380077&z=77111472427913efb6d744cgdz9c3q7c6b0e5e6mfw&from=cor&uid=WDCXWD5000BEVT-22A0RT0_WD-WXN0AC9Y2956Y2956"
- CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=D210PL91105G0&p={searchTerms}
- CHR DefaultSearchKeyword: Default -> mcafee
- CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2018-05-15]
- CHR Extension: (Dokumenty) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-13]
- CHR Extension: (Dysk Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-14]
- CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-14]
- CHR Extension: (Adblock Plus) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-04-19]
- CHR Extension: (Steam Inventory Helper) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-04-01]
- CHR Extension: (McAfee® WebAdvisor) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-05-05]
- CHR Extension: (Dokumenty Google offline) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-14]
- CHR Extension: (Black red shards) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2017-11-12]
- CHR Extension: (Until AM Web App) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2017-11-12]
- CHR Extension: (AVG SafePrice) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-05-10]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
- CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-14]
- CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
- CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
- Opera:
- =======
- OPR Extension: (Translator) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2018-04-16]
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [430032 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2018-05-02] ()
- S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480720 2018-02-22] (Disc Soft Ltd)
- R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2272520 2018-02-23] (Comodo)
- S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-04-26] (EasyAntiCheat Ltd)
- R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-29] (Hi-Rez Studios) [Brak podpisu cyfrowego]
- R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
- R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-04-26] (McAfee, Inc.)
- R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-04-07] ()
- R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [270672 2018-03-20] (SlimWare Utilities, Inc.)
- R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
- R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
- S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S3 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [220600 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192536 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336848 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [50776 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-05-10] (AVG Technologies CZ, s.r.o.)
- R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [151504 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [632640 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [103744 2018-05-10] (AVG Technologies CZ, s.r.o.)
- R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-05-10] (AVG Technologies CZ, s.r.o.)
- R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-05-10] (AVG Technologies CZ, s.r.o.)
- S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
- R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-03-04] (Disc Soft Ltd)
- R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-03-04] (Disc Soft Ltd)
- R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [50576 2018-01-17] (COMODO)
- R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
- R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
- S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2018-02-24] (NVIDIA Corporation)
- S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57928 2018-02-24] (NVIDIA Corporation)
- S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
- U3 avgbdisk; Brak ImagePath
- S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
- S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
- S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
- S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
- S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
- S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
- S4 NVHDA; system32\drivers\nvhda64v.sys [X]
- S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
- S3 WinRing0_1_2_0; \??\C:\Program Files\Smart PC Utilities\Game Fire\GameFire.sys [X]
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-05-15 12:07 - 2018-05-15 12:08 - 000000000 ____D C:\FRST
- 2018-05-15 12:07 - 2018-05-15 12:07 - 002404864 _____ (Farbar) C:\Users\Kamil\Desktop\FRST64.exe
- 2018-05-14 14:21 - 2018-05-14 14:21 - 115993681 _____ C:\Users\Kamil\Downloads\IGG-Bloodytrapland1.50.rar
- 2018-05-14 14:09 - 2018-05-14 14:09 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Bennett Foddy
- 2018-05-14 14:07 - 2018-05-14 14:09 - 671687197 _____ C:\Users\Kamil\Downloads\Getting.Over.It.with.Bennett.Foddy.v1.5762 (1).rar
- 2018-05-14 13:56 - 2018-05-14 15:59 - 000000000 ____D C:\Program Files (x86)\trend micro
- 2018-05-14 13:56 - 2018-05-14 13:56 - 001107968 _____ C:\Users\Kamil\Desktop\RSIT.exe
- 2018-05-14 13:56 - 2018-05-14 13:56 - 000000000 ____D C:\rsit
- 2018-05-14 13:30 - 2018-05-14 13:30 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\SKS
- 2018-05-11 19:07 - 2018-05-11 19:07 - 000647609 _____ C:\Users\Kamil\Downloads\postal2_postal2stp_pl.rar
- 2018-05-11 19:00 - 2018-05-11 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Running With Scissors
- 2018-05-11 18:56 - 2018-05-11 18:56 - 000000000 ____D C:\Program Files (x86)\Running With Scissors
- 2018-05-11 18:52 - 2018-05-11 18:52 - 000017184 _____ C:\Users\Kamil\Downloads\Postal.2.Complete-PROPHET.torrent
- 2018-05-11 18:46 - 2018-05-14 12:18 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\uTorrent
- 2018-05-11 10:33 - 2018-05-11 10:35 - 671687197 _____ C:\Users\Kamil\Downloads\Getting.Over.It.with.Bennett.Foddy.v1.5762.rar
- 2018-05-10 22:42 - 2018-05-10 22:42 - 000176160 _____ C:\Windows\ntbtlog.txt
- 2018-05-10 22:01 - 2018-05-10 22:01 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\AVG
- 2018-05-10 22:00 - 2018-05-10 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
- 2018-05-10 21:59 - 2018-05-10 21:59 - 000000000 ____D C:\Windows\System32\Tasks\AVG
- 2018-05-10 21:58 - 2018-05-10 21:58 - 000003916 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
- 2018-05-10 21:58 - 2018-05-10 21:57 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
- 2018-05-10 21:58 - 2018-05-10 21:57 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
- 2018-05-10 21:58 - 2018-05-10 21:57 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
- 2018-05-10 21:58 - 2018-05-10 21:57 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000632640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000029944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetNd6.sys
- 2018-05-10 21:57 - 2018-05-10 21:57 - 000000000 ____D C:\Program Files\Common Files\AVG
- 2018-05-10 21:56 - 2018-05-10 22:00 - 000000000 ____D C:\Program Files (x86)\AVG
- 2018-05-10 21:55 - 2018-05-10 22:42 - 000000000 ____D C:\Users\Kamil\AppData\Local\AvgSetupLog
- 2018-05-10 21:55 - 2018-05-10 22:32 - 000000000 ____D C:\ProgramData\Avg
- 2018-05-10 21:55 - 2018-05-10 22:00 - 000000000 ____D C:\Users\Kamil\AppData\Local\Avg
- 2018-05-10 12:52 - 2018-05-10 12:52 - 000000000 ____D C:\Users\Kamil\AppData\Local\Chromium
- 2018-05-10 12:51 - 2018-05-10 12:51 - 000000000 ____D C:\ProgramData\RELOADED
- 2018-05-10 12:39 - 2018-05-10 12:39 - 000000956 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Island Riptide.lnk
- 2018-05-10 12:31 - 2018-05-10 12:50 - 000000000 ____D C:\Program Files (x86)\Dead Island Riptide
- 2018-05-07 21:54 - 2018-05-07 21:54 - 000000000 ____D C:\Users\Kamil\AppData\Local\SoulworkerLauncher
- 2018-05-07 21:53 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
- 2018-05-07 21:52 - 2018-05-07 21:52 - 000000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulWorker.lnk
- 2018-05-06 18:28 - 2018-05-06 18:28 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2
- 2018-05-06 18:28 - 2018-05-06 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Fighter 2
- 2018-05-06 18:28 - 2018-05-06 18:28 - 000000000 ____D C:\Program Files (x86)\LittleFighter2
- 2018-05-06 18:13 - 2018-05-06 18:13 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
- 2018-05-06 18:13 - 2018-05-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
- 2018-05-05 12:21 - 2018-05-07 21:51 - 000000000 ____D C:\Users\Kamil\Desktop\nie wiem co to wiec jak nie trafi do wlasciwego folderu usuwam to
- 2018-05-04 22:06 - 2018-05-04 22:06 - 000000000 ____D C:\Users\Kamil\AppData\Local\CrashReportClient
- 2018-05-04 13:05 - 2018-05-04 15:09 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\EasyAntiCheat
- 2018-05-02 17:10 - 2018-05-02 17:10 - 000000000 ____D C:\Users\Kamil\AppData\Local\GameAnalytics
- 2018-05-02 15:38 - 2018-05-02 15:38 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Smartly Dressed Games
- 2018-05-01 08:28 - 2018-05-01 08:28 - 000293528 _____ C:\Windows\system32\FNTCACHE.DAT
- 2018-04-30 21:43 - 2018-04-30 21:43 - 000063968 _____ C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT
- 2018-04-30 21:36 - 2018-04-30 21:36 - 000000000 ____D C:\Users\Kamil\Desktop\adrian
- 2018-04-30 21:34 - 2018-04-30 21:36 - 000000000 ____D C:\Users\Kamil\Desktop\inne
- 2018-04-30 11:06 - 2018-04-30 11:07 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\SmartSteamEmu
- 2018-04-30 11:06 - 2018-04-30 11:06 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Teal Fire
- 2018-04-29 13:27 - 2018-04-29 13:28 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\.technic
- 2018-04-28 21:14 - 2018-04-28 21:15 - 000000000 ____D C:\Users\Kamil\Documents\ArcaniA - Gothic 4
- 2018-04-27 22:17 - 2018-04-27 22:17 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
- 2018-04-27 22:16 - 2018-04-27 22:16 - 000000000 ____D C:\Users\Kamil\AppData\Local\Facebook
- 2018-04-27 14:02 - 2018-04-27 14:02 - 000227784 _____ C:\Users\Kamil\Downloads\Umowa o wydanie Promesy Pewne Wakacje (2).pdf
- 2018-04-27 13:51 - 2018-04-27 13:51 - 000161156 _____ C:\Users\Kamil\Downloads\zakres ubezpieczenia.pdf
- 2018-04-27 13:43 - 2018-04-27 13:43 - 000227784 _____ C:\Users\Kamil\Downloads\Umowa o wydanie Promesy Pewne Wakacje (1).pdf
- 2018-04-27 11:29 - 2018-04-27 11:29 - 000227784 _____ C:\Users\Kamil\Downloads\Umowa o wydanie Promesy Pewne Wakacje.pdf
- 2018-04-23 15:37 - 2018-04-23 15:37 - 000052212 _____ C:\Users\Kamil\Downloads\TR_DETAILS_20180423153753.pdf
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-05-15 10:32 - 2018-02-24 20:24 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
- 2018-05-15 10:31 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
- 2018-05-14 17:56 - 2018-02-25 12:34 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\.minecraft
- 2018-05-14 17:43 - 2018-02-25 12:34 - 000000000 ____D C:\Program Files (x86)\Minecraft
- 2018-05-14 16:55 - 2017-12-03 13:11 - 000000000 ____D C:\Users\Kamil\AppData\Local\Ubisoft Game Launcher
- 2018-05-14 14:22 - 2018-03-02 18:36 - 000000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps
- 2018-05-14 13:15 - 2009-07-14 06:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2018-05-14 13:15 - 2009-07-14 06:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2018-05-14 13:13 - 2018-03-04 13:31 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\uTorrent
- 2018-05-14 12:48 - 2018-02-24 20:15 - 000000000 ____D C:\Users\Kamil\AppData\Local\osu!
- 2018-05-14 12:11 - 2018-03-12 19:53 - 000000000 ____D C:\Windows\pss
- 2018-05-13 13:30 - 2018-02-24 19:30 - 000000000 ____D C:\Program Files (x86)\Steam
- 2018-05-12 21:50 - 2018-03-25 12:54 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
- 2018-05-12 21:42 - 2018-02-24 20:48 - 000000000 ____D C:\Users\Kamil\Desktop\gry
- 2018-05-12 21:36 - 2018-04-05 11:02 - 000000364 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Kamil).job
- 2018-05-11 22:16 - 2011-04-12 14:17 - 000740098 _____ C:\Windows\system32\perfh015.dat
- 2018-05-11 22:16 - 2011-04-12 14:17 - 000155672 _____ C:\Windows\system32\perfc015.dat
- 2018-05-11 22:16 - 2009-07-14 07:13 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI
- 2018-05-11 22:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
- 2018-05-11 19:00 - 2018-02-28 14:12 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
- 2018-05-11 17:37 - 2018-04-03 10:46 - 000000000 ____D C:\ProgramData\AVAST Software
- 2018-05-11 10:27 - 2018-02-24 20:49 - 000000000 ____D C:\Users\Kamil\Desktop\cleanery
- 2018-05-10 21:43 - 2018-03-08 22:33 - 000000000 ____D C:\Program Files\Opera
- 2018-05-10 18:43 - 2018-04-05 11:02 - 000003170 _____ C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Kamil)
- 2018-05-10 18:43 - 2018-04-03 10:46 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
- 2018-05-10 18:43 - 2018-04-03 10:46 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
- 2018-05-10 18:43 - 2018-03-31 16:46 - 000002990 _____ C:\Windows\System32\Tasks\{CA27E099-575E-4F6F-9738-9478C1BC0E62}
- 2018-05-10 18:43 - 2018-03-08 23:02 - 000004570 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
- 2018-05-10 18:43 - 2018-03-08 23:02 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
- 2018-05-10 18:43 - 2018-03-08 22:33 - 000003872 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1520541214
- 2018-05-10 18:43 - 2018-03-06 23:30 - 000002952 _____ C:\Windows\System32\Tasks\{F7FADD2E-949C-4CA3-92B2-B07457758A15}
- 2018-05-10 18:43 - 2018-03-06 23:29 - 000002952 _____ C:\Windows\System32\Tasks\{DABAE1C3-AEB1-4A78-A235-0B1C6386A76B}
- 2018-05-10 18:43 - 2018-03-04 14:02 - 000003364 _____ C:\Windows\System32\Tasks\ByteFence
- 2018-05-08 20:27 - 2018-02-24 20:28 - 000000000 ____D C:\Users\Kamil\Documents\My Games
- 2018-05-08 14:06 - 2018-03-08 23:02 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
- 2018-05-08 14:06 - 2018-03-08 23:02 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
- 2018-05-08 14:06 - 2018-03-08 23:02 - 000000000 ____D C:\Windows\SysWOW64\Macromed
- 2018-05-08 14:06 - 2018-03-08 23:02 - 000000000 ____D C:\Windows\system32\Macromed
- 2018-05-07 21:52 - 2018-03-04 20:05 - 000000000 ____D C:\Games
- 2018-05-06 18:13 - 2018-03-31 16:48 - 000000000 ____D C:\Users\Kamil\Documents\GTA San Andreas User Files
- 2018-05-06 17:44 - 2017-07-28 11:09 - 000000000 ____D C:\Users\Kamil\AppData\Local\VirtualStore
- 2018-05-06 14:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
- 2018-05-05 23:49 - 2018-03-03 19:36 - 000000000 ____D C:\ProgramData\Epic
- 2018-05-04 23:39 - 2018-04-07 17:20 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\TS3Client
- 2018-05-03 09:48 - 2018-03-04 14:01 - 000000000 ____D C:\Program Files (x86)\McAfee
- 2018-05-02 17:22 - 2018-03-15 22:19 - 000000000 ____D C:\Users\Kamil\Documents\TrackMania
- 2018-05-02 17:09 - 2018-03-04 19:32 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\DAEMON Tools Lite
- 2018-05-02 15:35 - 2017-12-14 20:05 - 000000000 ____D C:\ProgramData\Package Cache
- 2018-05-02 15:09 - 2018-02-24 19:34 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
- 2018-05-02 15:02 - 2017-11-13 20:27 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2018-05-02 15:02 - 2017-11-13 20:27 - 000002149 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2018-05-02 09:38 - 2018-03-03 17:49 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
- 2018-05-02 09:38 - 2018-03-03 17:49 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\discord
- 2018-05-02 09:37 - 2018-03-03 17:49 - 000000000 ____D C:\Users\Kamil\AppData\Local\Discord
- 2018-04-30 21:13 - 2017-11-13 23:46 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
- 2018-04-30 21:13 - 2017-11-13 23:45 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
- 2018-04-30 21:13 - 2010-11-21 05:24 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
- 2018-04-30 21:13 - 2010-11-21 05:24 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
- 2018-04-30 21:13 - 2010-11-21 05:23 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
- 2018-04-28 21:51 - 2018-04-03 10:46 - 000000000 ____D C:\Program Files\CCleaner
- 2018-04-28 21:06 - 2018-03-03 21:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2018-03-04 14:01 - 2018-03-04 14:01 - 000195236 _____ () C:\Users\Kamil\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
- 2018-03-02 18:29 - 2018-03-03 21:49 - 001065984 _____ () C:\Users\Kamil\AppData\Local\file__0.localstorage
- 2017-12-25 15:59 - 2017-12-25 15:59 - 000007597 _____ () C:\Users\Kamil\AppData\Local\Resmon.ResmonCfg
- Niektóre pliki w TEMP:
- ====================
- 2018-05-10 21:43 - 2018-05-10 21:43 - 002183680 _____ (Opera Software) C:\Users\Kamil\AppData\Local\Temp\Opera_installer_180510194311217.dll
- 2018-05-10 21:43 - 2018-05-10 21:43 - 002183680 _____ (Opera Software) C:\Users\Kamil\AppData\Local\Temp\Opera_installer_180510194311281.dll
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\system32\services.exe => Plik podpisany cyfrowo
- C:\Windows\system32\User32.dll
- [2017-11-13 23:45] - [2018-04-30 21:13] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
- C:\Windows\SysWOW64\User32.dll
- [2017-11-13 23:46] - [2018-04-30 21:13] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
- C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-05-08 11:35
- ==================== Koniec FRST.txt ============================