FRST.txt

Re: DNS unlocker uniemożliwia korzystanie z internetu

Z góry dziękuje za pomoc.


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-03-2016 01
Uruchomiony przez Albert (administrator) KOMPUTERALBERTA (07-03-2016 10:38:40)
Uruchomiony z F:\
Załadowane profile: Albert (Dostępne profile: Albert)
Platform: Windows 8.1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: IE)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] = & gt; C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] = & gt; C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] = & gt; C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [HPMessageService] = & gt; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [507144 2014-09-02] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\Run: [EADM] = & gt; C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-17] (Electronic Arts)
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\Run: [Steam] = & gt; C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-02] (Valve Corporation)
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\MountPoints2: H - " H:\setup.exe "
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\MountPoints2: {0707a876-ac0c-11e5-826b-c48e8f6e79b2} - " F:\AutoRun.exe "
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\MountPoints2: {66e8d899-70f6-11e5-8261-c48e8f6e79b2} - " G:\setup.exe "
HKU\S-1-5-21-149791510-44931477-946137979-1001\...\MountPoints2: {e8128427-ab27-11e5-826a-c48e8f6e79b2} - " H:\setup.exe "
HKU\S-1-5-21-149791510-44931477-946137979-1001\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\Viatax\Tripplecom.dll = & gt; Brak pliku
AppInit_DLLs-x32: C:\ProgramData\Viatax\Zummalab.dll = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] - & gt; {8BA85C75-763B-4103-94EB-9470F12FE0F7} = & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] - & gt; {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] - & gt; {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 37.8.214.2 31.11.202.254
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{0210F07E-0265-4834-8A09-F6FB18096227}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{334ACC2D-911C-4C83-8A46-6C3E93F8C2DB}: [DhcpNameServer] 37.8.214.2 31.11.202.254
Tcpip\..\Interfaces\{44094AA4-5B95-424E-A48B-7C2EA10162D3}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{6AC71774-10CB-4D49-8B36-EBB3302BCD54}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{7838564A-3E54-41AE-BED7-FE651955D820}: [DhcpNameServer] 82.163.142.7

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-149791510-44931477-946137979-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-149791510-44931477-946137979-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-149791510-44931477-946137979-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM - & gt; DefaultScope - brak wartości
SearchScopes: HKLM - & gt; {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - & gt; DefaultScope - brak wartości
SearchScopes: HKLM-x32 - & gt; {0187400A-A342-40D3-BBFB-4BF406B047B3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8 & tag=hp-uk3-vsb-21 & link%5Fcode=qs & index=aps & field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-149791510-44931477-946137979-1001 - & gt; {0187400A-A342-40D3-BBFB-4BF406B047B3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8 & tag=hp-uk3-vsb-21 & link%5Fcode=qs & index=aps & field-keywords={searchTerms}
BHO: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation)
BHO: Content Blocker Plugin - & gt; {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - & gt; {73455575-E40C-433C-9784-C78DC7761455} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2016-03-06] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
BHO: URL Advisor Plugin - & gt; {E33CF602-D945-461A-83F0-819F76A199F8} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - & gt; {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - & gt; {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - & gt; {73455575-E40C-433C-9784-C78DC7761455} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2016-03-06] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - & gt; {E33CF602-D945-461A-83F0-819F76A199F8} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - & gt; {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\ykdastjg.default-1457280126831
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - & gt; C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @kaspersky.com/content_blocker - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2016-03-06] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2016-03-06] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-13] (Microsoft Corporation)
FF user.js: detected! = & gt; C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\ykdastjg.default-1457280126831\user.js [2016-03-06]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2016-03-06] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\k7f2bxb0.default\extensions\sidebarff@gmail.com = & gt; nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2016-03-06] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2016-03-06] [Brak podpisu cyfrowego]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [Brak podpisu cyfrowego]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [509192 2014-09-02] (Hewlett-Packard Development Company, L.P.)
R2 Huawei E3372; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2014-03-07] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-15] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-09] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Brak podpisu cyfrowego]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-19] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-09-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-18] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2016-03-06] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2016-03-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-05] (NVIDIA Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-19] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [580824 2014-09-10] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-08] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [32496 2014-09-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-09-17] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-03-07 10:35 - 2016-03-07 10:38 - 00000000 ____D C:\FRST
2016-03-07 07:57 - 2016-03-07 08:00 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-07 07:56 - 2016-03-07 07:56 - 01524224 _____ C:\Users\Albert\Downloads\adwcleaner_5.100.exe
2016-03-07 07:56 - 2016-03-07 07:56 - 00000000 ____D C:\AdwCleaner
2016-03-06 21:28 - 2016-03-06 21:28 - 00562408 _____ C:\Users\Albert\Desktop\Aplikacje.rar
2016-03-06 21:27 - 2016-03-06 21:27 - 00921295 _____ C:\Users\Albert\Desktop\System.rar
2016-03-06 21:26 - 2016-03-06 21:26 - 21041152 _____ C:\Users\Albert\Desktop\System.evtx
2016-03-06 21:25 - 2016-03-06 21:26 - 00000000 ____D C:\Users\Albert\Desktop\LocaleMetaData
2016-03-06 16:50 - 2016-03-06 16:50 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-06 16:50 - 2016-03-06 16:50 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-06 16:50 - 2016-03-06 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-06 13:11 - 2016-03-06 13:25 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-06 12:46 - 2016-03-06 12:46 - 00001170 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2016-03-06 12:46 - 2016-03-06 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2016-03-06 12:46 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-03-06 12:45 - 2016-03-07 08:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-06 12:45 - 2016-03-06 12:45 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-03-06 12:44 - 2016-03-06 13:11 - 00771272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2016-03-06 12:44 - 2016-03-06 13:11 - 00142344 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2016-03-06 12:44 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2016-03-05 21:27 - 2016-02-25 19:05 - 00000030 _____ C:\AVScanner.ini
2016-03-04 15:19 - 2016-03-04 15:22 - 733270016 _____ C:\Users\Albert\Downloads\Olimp w Ogniu.avi
2016-03-03 19:37 - 2016-03-03 19:37 - 00123434 _____ C:\Users\Albert\Downloads\Instrukcja_CEIDG-1_8_stycznia_2015.pdf
2016-03-03 19:37 - 2016-03-03 19:37 - 00099668 _____ C:\Users\Albert\Downloads\CEIDG-1_v1.06z.pdf
2016-02-28 13:17 - 2016-02-28 14:07 - 196961970 _____ C:\Users\Albert\Downloads\Breaking-Bad-S04E08 pl.avi
2016-02-28 13:17 - 2016-02-28 14:07 - 192763093 _____ C:\Users\Albert\Downloads\Breaking-Bad-S04E09 pl.avi
2016-02-27 19:50 - 2016-03-06 17:02 - 00000000 ____D C:\Users\Albert\Desktop\Stare dane programu Firefox
2016-02-27 11:52 - 2016-02-27 11:52 - 00000000 ____D C:\Users\Albert\.oracle_jre_usage
2016-02-27 11:48 - 2016-02-27 11:51 - 47695168 _____ (eTeks ) C:\Users\Albert\Downloads\SweetHome3D-5.2-windows.exe
2016-02-27 11:47 - 2016-02-27 11:47 - 00735328 _____ (Oracle Corporation) C:\Users\Albert\Downloads\jxpiinstall.exe
2016-02-27 11:47 - 2016-02-27 11:47 - 00000000 ____D C:\Users\Albert\AppData\LocalLow\Oracle
2016-02-27 11:41 - 2016-02-27 11:41 - 08003072 _____ C:\Users\Albert\AppData\Roaming\agent.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 01894066 _____ C:\Users\Albert\AppData\Roaming\Sontip.tst
2016-02-27 11:41 - 2016-02-27 11:41 - 00126464 _____ C:\Users\Albert\AppData\Roaming\noah.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 00064752 _____ C:\Users\Albert\AppData\Roaming\Config.xml
2016-02-27 11:41 - 2016-02-27 11:41 - 00018432 _____ C:\Users\Albert\AppData\Roaming\Main.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 00005568 _____ C:\Users\Albert\AppData\Roaming\md.xml
2016-02-27 11:41 - 2016-02-27 11:41 - 00000000 ____D C:\Users\Albert\AppData\Roaming\PriceFountainUpdateVer
2016-02-27 11:40 - 2016-02-27 11:41 - 00011424 _____ C:\Users\Albert\AppData\Roaming\InstallationConfiguration.xml
2016-02-27 11:40 - 2016-02-27 11:40 - 00127488 _____ C:\Users\Albert\AppData\Roaming\Installer.dat
2016-02-24 07:28 - 2016-02-24 07:28 - 00000000 ____D C:\Users\Albert\Downloads\Breaking.Bad.S02E09.DVDRip.XviD-NODLABS
2016-02-24 07:25 - 2016-02-24 07:28 - 366954600 _____ C:\Users\Albert\Downloads\Breaking.Bad.S02E09.DVDRip.XviD-NODLABS.rar
2016-02-24 07:25 - 2016-02-24 07:25 - 00000000 ____D C:\Users\Albert\Downloads\Breaking.Bad.S02E08.DVDRip.XviD-NODLABS
2016-02-22 22:01 - 2016-02-22 22:01 - 00000000 ____D C:\Users\Albert\AppData\LocalLow\Temp
2016-02-22 21:05 - 2016-02-22 21:05 - 00224207 _____ C:\Users\Albert\Desktop\cv-albert-bogdanski(1).pdf
2016-02-22 21:01 - 2016-02-22 21:01 - 00222255 _____ C:\Users\Albert\Downloads\cv-albert-bogdanski.pdf
2016-02-22 19:49 - 2016-02-22 19:49 - 00000000 ____D C:\Users\Albert\Desktop\cv1
2016-02-22 18:22 - 2016-02-22 18:24 - 206878166 _____ C:\Users\Albert\Downloads\Ten Typ Mes - Trzeba Było Zostać Dresiarzem (2014) [mp3@320].rar
2016-02-22 18:18 - 2016-02-22 18:21 - 159755711 _____ C:\Users\Albert\Downloads\Tede & Sir Mich - Vanilla Hajs Cały Album.rar
2016-02-18 12:20 - 2016-02-22 18:28 - 00000000 ____D C:\Users\Albert\Desktop\Muzyka
2016-02-18 12:19 - 2016-02-22 18:07 - 00000000 ____D C:\Users\Albert\galaxy neo
2016-02-16 14:16 - 2016-02-02 03:37 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-16 14:16 - 2016-02-02 03:37 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-14 12:36 - 2016-02-14 12:36 - 00567484 _____ C:\Users\Albert\Downloads\D20040593Lj.pdf
2016-02-12 21:07 - 2016-02-12 21:07 - 00011987 _____ C:\Users\Albert\Downloads\confirmation.pdf
2016-02-12 08:35 - 2016-02-12 14:18 - 1469820646 _____ C:\Users\Albert\Downloads\The.Hateful.Eight.2015.PLSUBBED.DVDSCR.XViD-MX.avi
2016-02-11 23:13 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-11 23:13 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-11 23:13 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-11 23:13 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-11 23:13 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-11 23:13 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-11 23:13 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-11 23:13 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 22:16 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:16 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:16 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:16 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:16 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:16 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:16 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:16 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 22:16 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 22:16 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 22:16 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 22:16 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-09 22:16 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 22:16 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-09 22:16 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-02-09 22:15 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 22:15 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 22:15 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-09 22:15 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-09 22:15 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 22:15 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-09 22:14 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 22:14 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 22:14 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 22:14 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 22:14 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-02-09 22:14 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 22:14 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 22:14 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 22:14 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-09 22:14 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-09 22:14 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-09 22:14 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-09 21:48 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 21:48 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-09 21:48 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-09 21:48 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 21:48 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 21:48 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-09 21:48 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 21:48 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-09 21:48 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-09 21:48 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 21:48 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-09 21:48 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-09 21:48 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 21:48 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 21:48 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-09 21:48 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 21:48 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 21:48 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 21:48 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-09 21:48 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-09 21:48 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 21:48 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-09 21:48 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 21:48 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 21:48 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-09 21:48 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-09 21:48 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-09 21:48 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-09 21:48 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-09 21:48 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-09 21:47 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 21:47 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 21:47 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-09 21:47 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 21:47 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 21:47 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-09 21:47 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-09 21:47 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 21:47 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 21:47 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 21:47 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:47 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 21:47 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 21:47 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 21:47 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 21:47 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-09 21:47 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-09 21:47 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-09 21:47 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-09 21:47 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-09 21:47 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-09 21:47 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 21:47 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 21:47 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-09 21:47 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:47 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-08 23:17 - 2016-02-08 23:47 - 734406656 _____ C:\Users\Albert\Downloads\Młodość - La giovinezza [2015] PL.SUBBED.BDRip.XviD- KiT.avi
2016-02-07 10:03 - 2016-02-07 10:04 - 00000000 ____D C:\Users\Albert\Desktop\do sprzedania

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-03-07 08:06 - 2015-10-07 13:48 - 00000000 ____D C:\Users\Albert\Documents\Youcam
2016-03-07 08:04 - 2015-12-23 18:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-07 08:04 - 2015-10-07 13:51 - 00000000 ____D C:\Users\Albert\OneDrive
2016-03-07 08:02 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-07 08:02 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-07 07:57 - 2015-10-07 13:52 - 00004016 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AE7C04D9-BE55-4F88-A6B4-D993A1C7160D}
2016-03-06 21:28 - 2015-12-23 21:34 - 00000000 ____D C:\Users\Albert\Desktop\Nowy folder
2016-03-06 19:49 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-06 18:03 - 2015-10-07 13:50 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-149791510-44931477-946137979-1001
2016-03-06 16:50 - 2016-01-30 17:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-06 12:46 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-06 12:45 - 2014-12-11 07:14 - 00839840 _____ C:\Windows\system32\perfh015.dat
2016-03-06 12:45 - 2014-12-11 07:14 - 00179982 _____ C:\Windows\system32\perfc015.dat
2016-03-06 12:45 - 2014-03-18 10:53 - 01968030 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 12:45 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-03-06 12:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-06 10:28 - 2014-12-11 00:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-03-01 17:50 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-01 17:50 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-27 17:32 - 2015-10-07 13:43 - 00001453 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-27 11:52 - 2015-10-07 13:38 - 00000000 ____D C:\Users\Albert
2016-02-25 19:06 - 2015-10-07 19:29 - 00000000 ____D C:\Users\Albert\AppData\Local\Adobe
2016-02-25 19:05 - 2015-03-14 22:25 - 00000000 ____D C:\ProgramData\McAfee
2016-02-25 17:10 - 2015-10-07 13:43 - 00000000 ____D C:\Users\Albert\AppData\Local\Packages
2016-02-23 19:54 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 19:52 - 2015-10-13 14:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-16 18:49 - 2015-10-22 13:42 - 00000000 ____D C:\ProgramData\Origin
2016-02-16 14:15 - 2013-08-22 15:44 - 00501848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-16 14:11 - 2015-10-22 14:02 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-16 14:11 - 2014-03-18 10:38 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-16 14:11 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-02-11 23:30 - 2015-10-19 09:07 - 00000000 ____D C:\Windows\system32\MRT
2016-02-11 23:25 - 2015-10-19 09:06 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 15:35 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-02-09 22:13 - 2015-11-12 18:58 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-09 22:13 - 2015-11-12 18:58 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

==================== Pliki w katalogu głównym wybranych folderów =======

2016-02-27 11:41 - 2016-02-27 11:41 - 8003072 _____ () C:\Users\Albert\AppData\Roaming\agent.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 0064752 _____ () C:\Users\Albert\AppData\Roaming\Config.xml
2016-02-27 11:40 - 2016-02-27 11:41 - 0011424 _____ () C:\Users\Albert\AppData\Roaming\InstallationConfiguration.xml
2016-02-27 11:40 - 2016-02-27 11:40 - 0127488 _____ () C:\Users\Albert\AppData\Roaming\Installer.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 0018432 _____ () C:\Users\Albert\AppData\Roaming\Main.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 0005568 _____ () C:\Users\Albert\AppData\Roaming\md.xml
2016-02-27 11:41 - 2016-02-27 11:41 - 0126464 _____ () C:\Users\Albert\AppData\Roaming\noah.dat
2016-02-27 11:41 - 2016-02-27 11:41 - 1894066 _____ () C:\Users\Albert\AppData\Roaming\Sontip.tst
2016-02-27 11:41 - 2016-02-27 11:41 - 0032038 _____ () C:\Users\Albert\AppData\Roaming\uninstall_temp.ico

Niektóre pliki w TEMP:
====================
C:\Users\Albert\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo


LastRegBack: 2016-01-27 09:06

==================== Koniec FRST.txt ============================


Download file - link to post