Witam, Problem z time to read pojawił się kilka dni temu, usunąłem przy użycie Adw Cleaner 12 zagrożeń jednak dalej nie udało się usunąć do końca tego wirusa. Problem polega na tym że po uruchomieniu komputera samoczynnie otwiera się Firefox i jako strona startowa pojawia się właśnie time-to-read. W załączniku przesyłam Frst i Addition. Proszę o pomoc w rozwiązaniu tego problemu.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-02-2017 02
Uruchomiony przez Monika (administrator) DESKTOP-JJKELE9 (17-02-2017 22:31:58)
Uruchomiony z D:\Instalki
Załadowane profile: Monika (Dostępne profile: Monika)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSPanel.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== Rejestr (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] = & gt; C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-25] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] = & gt; C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\ASUSWSLoader.exe [63272 2015-10-22] ()
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] = & gt; C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\...\Run: [DAEMON Tools Pro Agent] = & gt; C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3759376 2014-11-24] (Disc Soft Ltd)
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\...\Run: [sbhtgimowa] = & gt; explorer " hxxp://granena.ru/?utm_source=uoua03n & utm_content=e739009bccd5f1e6d71a91bff5994529 & utm_term=1F3FDD56F65E5A4F0BB4236F5919FD1F & utm_d=20170212 " & lt; ===== UWAGA
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\...\Run: [Lync] = & gt; D:\Microsoft Office\Office15\lync.exe [27951312 2016-12-13] (Microsoft Corporation)
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\...\MountPoints2: {3d1401ce-00bb-11e6-8a4e-806e6f6e6963} - " E:\autorun.exe "
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\...\MountPoints2: {913eb114-efdd-11e6-8a7c-74c63b07c824} - " G:\SETUP.EXE "
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] - & gt; {6D4133E5-0742-4ADC-8A8C-9303440F7191} = & gt; C:\Program Files (x86)\Common Files\AWS\2.2.5.541\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] - & gt; {64174815-8D98-4CE6-8646-4C039977D809} = & gt; C:\Program Files (x86)\Common Files\AWS\2.2.5.541\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] - & gt; {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} = & gt; C:\Program Files (x86)\Common Files\AWS\2.2.5.541\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-28] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-04-12]
ShortcutTarget: avast! SecureLine.lnk - & gt; C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
GroupPolicy: Ograniczenia & lt; ======= UWAGA
GroupPolicy\User: Ograniczenia & lt; ======= UWAGA
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2699cc46-64ea-4401-a9b5-832de5ae3231}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c0730898-0ac6-4300-9b3d-f951b55d8124}: [DhcpNameServer] 40.51.1.11
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1995266626-3318955745-1767398354-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; D:\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - & gt; {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - & gt; C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: McAfee WebAdvisor BHO - & gt; {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - & gt; c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-06] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - & gt; {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - & gt; C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Evernote extension - & gt; {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - & gt; C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO - & gt; {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - & gt; c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-06] (McAfee, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-06] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-06] (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Microsoft Office\Office15\MSOSB.DLL [2016-10-11] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-06] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-06] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: 31i2rg99.default
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\31i2rg99.default [2017-02-17]
FF user.js: detected! = & gt; C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\31i2rg99.default\user.js [2017-02-17]
FF NewTab: Mozilla\Firefox\Profiles\31i2rg99.default - & gt; about:newtab
FF Homepage: Mozilla\Firefox\Profiles\31i2rg99.default - & gt; hxxps://www.google.pl/?gws_rd=ssl
FF Session Restore: Mozilla\Firefox\Profiles\31i2rg99.default - & gt; [funkcja włączona]
FF Keyword.URL: Mozilla\Firefox\Profiles\31i2rg99.default - & gt; hxxp://go.mail.ru/distib/ep/?product_id=%7B94667FC2-A744-4598-A689-BD6B58DCA51F%7D & gp=811010
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-08-28] [Brak podpisu cyfrowego]
FF Plugin: @mcafee.com/MSC,version=10 - & gt; c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; D:\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - & gt; c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-12-13] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default - & gt; mail.ru/cnt/11956636?rciguc__PARAM__
CHR StartupUrls: Default - & gt; " hxxp://mail.ru/cnt/10445?gp=811013 "
CHR DefaultSearchURL: Default - & gt; hxxp://go-search.ru/search?q={searchTerms}
CHR DefaultSearchKeyword: Default - & gt; gosearch
CHR DefaultSuggestURL: Default - & gt; hxxp://suggest.yandex.net/suggest-ff.cgi?part={searchTerms}
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default [2017-02-17]
CHR Extension: (Prezentacje Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-12]
CHR Extension: (Dokumenty Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Dysk Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-12]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-12]
CHR Extension: (Arkusze Google) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-16]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-17]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2017-02-12]
CHR Extension: (Mail.Ru) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd [2017-02-12]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Brak nazwy) - C:\Users\Monika\AppData\Roaming\Opera Software\Opera Stable\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-02-12]
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSWinService.exe [75264 2015-10-22] (ASUS Cloud Corporation) [Brak podpisu cyfrowego]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-28] (AVAST Software)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-24] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdatesvr.exe [133480 2015-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [379896 2015-07-03] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-15] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-15] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-08-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [141304 2015-12-18] (ASUS Corporation)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-28] (AVAST Software)
S3 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-28] (AVAST Software)
S3 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software)
S3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-28] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 dtscsibus; C:\WINDOWS\system32\DRIVERS\dtscsibus.sys [29864 2017-02-10] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-02-17 22:33 - 2017-02-17 22:33 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-17 22:33 - 2017-02-17 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-17 22:33 - 2017-02-17 22:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-17 22:33 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-17 22:31 - 2017-02-17 22:31 - 00000000 ____D C:\FRST
2017-02-17 21:12 - 2017-02-17 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-02-17 20:54 - 2017-02-17 20:48 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-17 20:50 - 2017-02-17 20:50 - 05741448 _____ (Microsoft Corporation) C:\Users\Monika\Downloads\Windows10Upgrade28084.exe
2017-02-17 20:50 - 2017-02-17 20:50 - 00000733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent uaktualnienia do systemu Windows 10.lnk
2017-02-17 20:50 - 2017-02-17 20:50 - 00000721 _____ C:\Users\Monika\Desktop\Asystent uaktualnienia do systemu Windows 10.lnk
2017-02-17 20:50 - 2017-02-17 20:50 - 00000000 ____D C:\Windows10Upgrade
2017-02-17 17:02 - 2017-02-17 20:41 - 00000000 ____D C:\AdwCleaner
2017-02-17 17:02 - 2017-02-17 17:02 - 00000000 ____D C:\Users\Monika\Downloads\adwcleaner_6.040
2017-02-17 16:42 - 2017-02-17 16:43 - 00000000 ____D C:\Users\Monika\Desktop\Chodakowska
2017-02-17 16:39 - 2017-02-17 16:39 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-17 16:39 - 2017-02-17 16:39 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-17 16:39 - 2017-02-17 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-17 16:39 - 2017-02-17 16:39 - 00000000 ____D C:\Program Files\CCleaner
2017-02-17 16:29 - 2017-02-17 16:29 - 09261616 _____ (Piriform Ltd) C:\Users\Monika\Downloads\ccsetup527.exe.part
2017-02-17 16:05 - 2017-02-17 16:05 - 00000000 ____D C:\Users\Monika\AppData\Roaming\WildTangent
2017-02-16 22:47 - 2017-02-16 22:47 - 00044701 _____ C:\Users\Monika\Downloads\Test - Present Simple.pdf
2017-02-16 22:46 - 2017-02-16 22:46 - 00000000 ____D C:\Users\Monika\Documents\Niestandardowe szablony pakietu Office
2017-02-16 20:58 - 2017-02-16 20:59 - 00000000 ____D C:\Users\Monika\Documents\FIFA 17 Demo
2017-02-16 20:58 - 2017-02-16 20:58 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-02-16 19:57 - 2017-02-16 19:57 - 00001288 _____ C:\Users\Public\Desktop\FIFA 17 DEMO.lnk
2017-02-16 19:57 - 2017-02-16 19:57 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-02-16 19:57 - 2017-02-16 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17 DEMO
2017-02-16 17:28 - 2017-02-16 17:28 - 00000000 ____D C:\Users\Monika\Documents\FIFA 16
2017-02-16 16:56 - 2017-02-16 17:33 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-02-15 18:38 - 2017-02-15 18:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-02-15 18:38 - 2017-02-15 18:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-02-15 18:28 - 2017-02-17 22:08 - 00005326 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-JJKELE9-Monika DESKTOP-JJKELE9
2017-02-15 17:58 - 2017-02-15 17:58 - 00233643 _____ C:\Users\Monika\Downloads\english adventure 3 unit test 4.pdf
2017-02-15 17:45 - 2017-02-15 17:45 - 00001068 _____ C:\Users\Public\Desktop\Origin.lnk
2017-02-15 17:45 - 2017-02-15 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-02-15 17:45 - 2017-02-15 17:45 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-15 17:34 - 2017-02-16 16:56 - 00000000 ____D C:\Users\Monika\AppData\Local\Origin
2017-02-15 17:34 - 2017-02-15 17:34 - 00000000 ____D C:\Users\Monika\.QtWebEngineProcess
2017-02-15 17:34 - 2017-02-15 17:34 - 00000000 ____D C:\Users\Monika\.Origin
2017-02-15 17:30 - 2017-02-16 17:28 - 00000000 ____D C:\ProgramData\Origin
2017-02-15 17:28 - 2017-02-16 21:51 - 00000000 ___HD C:\Users\Monika\AppData\Roaming\Origin
2017-02-15 17:28 - 2017-02-15 17:28 - 00003204 _____ C:\WINDOWS\System32\Tasks\Origin
2017-02-12 21:34 - 2017-02-12 21:34 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2017-02-12 21:34 - 2017-02-12 21:34 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2017-02-12 21:01 - 2013-03-24 05:00 - 00393728 _____ (CANON INC.) C:\WINDOWS\system32\CNMXLMBX.DLL
2017-02-12 21:00 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_BXL.dll
2017-02-12 21:00 - 2012-11-09 10:43 - 00088064 _____ C:\WINDOWS\SysWOW64\CNC176DD.TBL
2017-02-12 21:00 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2017-02-12 20:58 - 2017-02-12 20:58 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Canon Easy-WebPrint EX2
2017-02-12 20:58 - 2017-02-12 20:58 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Canon Easy-WebPrint EX
2017-02-12 20:58 - 2017-02-12 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja użytkownika drukarki Canon MG2500 series
2017-02-12 20:57 - 2017-02-12 20:58 - 00000000 ____D C:\Program Files\Canon
2017-02-12 20:56 - 2017-02-12 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series Manual
2017-02-12 20:56 - 2017-02-12 20:56 - 00002439 _____ C:\Users\Public\Desktop\Canon MG2500 series Podręcznik ekranowy.lnk
2017-02-12 20:56 - 2017-02-12 20:56 - 00000000 ___HD C:\ProgramData\CanonBJ
2017-02-12 20:56 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BXL.dll
2017-02-12 20:56 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BXC.dll
2017-02-12 20:56 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BXI.dll
2017-02-12 20:55 - 2017-02-12 20:56 - 00000000 ___HD C:\Program Files\CanonBJ
2017-02-12 20:34 - 2017-02-12 20:34 - 00000000 __RHD C:\MSOCache
2017-02-12 20:21 - 2017-02-17 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-02-12 20:20 - 2017-02-12 20:20 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-02-12 20:20 - 2017-02-12 20:20 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-02-12 20:19 - 2017-02-12 20:20 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-02-12 20:19 - 2017-02-12 20:19 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-12 20:17 - 2017-02-12 20:17 - 00000000 ____D C:\WINDOWS\SHELLNEW
2017-02-12 20:17 - 2017-02-12 20:17 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2017-02-12 20:17 - 2017-02-12 20:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-02-11 16:12 - 2017-02-11 16:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-02-11 16:11 - 2017-02-11 16:11 - 00000000 ____D C:\Users\Monika\AppData\Local\Microsoft Help
2017-02-11 00:01 - 2017-02-11 00:01 - 00000000 __SHD C:\ProgramData\DSS
2017-02-11 00:01 - 2017-02-11 00:01 - 00000000 ____D C:\Users\Monika\Documents\My Games
2017-02-11 00:01 - 2017-02-11 00:01 - 00000000 ____D C:\ProgramData\Codemasters
2017-02-10 23:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-02-10 23:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-02-10 23:45 - 2017-02-10 23:54 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-02-10 23:45 - 2017-02-10 23:54 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-02-10 23:45 - 2017-02-10 23:54 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2017-02-10 23:45 - 2017-02-10 23:54 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2017-02-10 23:45 - 2017-02-10 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
2017-02-10 23:45 - 2017-02-10 23:45 - 00000000 ____D C:\Program Files (x86)\OpenAL
2017-02-10 23:45 - 2017-02-10 23:45 - 00000000 ____D C:\Program Files (x86)\BRS
2017-02-10 23:45 - 2011-04-16 00:40 - 00809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp7158.tmp
2017-02-10 23:45 - 2011-04-16 00:40 - 00809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp7147.tmp
2017-02-10 23:45 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\WINDOWS\SysWOW64\rapture3d_oal.dll
2017-02-10 23:45 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\WINDOWS\SysWOW64\mkl_blueripple.dll
2017-02-10 23:45 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-02-10 23:45 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-02-10 23:45 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-02-10 23:45 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-02-10 23:45 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-02-10 23:45 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-02-10 23:45 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-02-10 23:45 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-02-10 23:45 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-02-10 23:24 - 2017-02-17 16:42 - 00000000 ____D C:\Users\Monika\AppData\Roaming\DAEMON Tools Pro
2017-02-10 23:24 - 2017-02-10 23:26 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2017-02-10 23:24 - 2017-02-10 23:24 - 00029864 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2017-02-10 23:24 - 2017-02-10 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2017-02-10 23:23 - 2017-02-10 23:23 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2017-02-10 23:22 - 2017-02-10 23:22 - 00000000 ____D C:\Users\Monika\Downloads\DAEMON Tools Pro Advanced 6.0.0.445 PL [FULL]
2017-02-01 22:07 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-01 22:07 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-01 21:58 - 2017-02-01 21:59 - 00259276 _____ C:\Users\Monika\Downloads\Curriculum Vitae Monika Kurek(1).pdf
2017-02-01 21:57 - 2017-02-01 21:57 - 00261497 _____ C:\Users\Monika\Downloads\Curriculum Vitae Monika Kurek.pdf
2017-01-28 22:26 - 2017-01-28 22:26 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-01-24 21:22 - 2016-12-23 00:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-01-24 21:22 - 2016-12-23 00:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-02-17 22:33 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-17 22:27 - 2015-10-30 08:24 - 00000199 _____ C:\WINDOWS\win.ini
2017-02-17 22:25 - 2017-01-09 21:56 - 00004228 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B14AF314-D146-4490-9988-273C6CAFFA7F}
2017-02-17 22:22 - 2016-09-25 18:33 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-17 22:17 - 2016-11-18 19:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-17 21:40 - 2016-11-18 20:27 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Mozilla
2017-02-17 21:40 - 2016-08-19 14:30 - 00000166 _____ C:\Users\Monika\AppData\Roaming\sp_data.sys
2017-02-17 21:07 - 2016-09-25 18:45 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-17 21:07 - 2016-08-19 14:30 - 00000000 __SHD C:\Users\Monika\IntelGraphicsProfiles
2017-02-17 21:06 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-17 20:55 - 2016-09-25 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-17 20:55 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-17 20:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-17 17:19 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-17 17:18 - 2016-09-25 18:33 - 00276400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-17 17:17 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 17:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 17:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 17:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 17:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 16:53 - 2016-09-12 21:26 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-17 16:46 - 2016-08-19 14:30 - 00000000 ____D C:\Users\Monika\AppData\Local\Packages
2017-02-17 16:46 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-17 16:41 - 2016-09-25 19:32 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-17 16:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-17 16:32 - 2015-11-30 18:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-02-17 16:07 - 2016-04-12 16:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-17 16:05 - 2015-11-30 18:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-17 16:05 - 2015-11-30 18:35 - 00000000 ____D C:\ProgramData\WildTangent
2017-02-17 16:01 - 2016-09-25 18:52 - 00000000 ____D C:\Users\Monika
2017-02-17 14:23 - 2016-09-25 19:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-02-17 14:23 - 2015-11-30 18:32 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-02-16 20:19 - 2016-10-29 14:44 - 00000000 ____D C:\Users\Monika\AppData\Local\ElevatedDiagnostics
2017-02-16 19:56 - 2015-11-30 18:33 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-15 18:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-15 18:55 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-15 18:53 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-12 21:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-02-12 21:23 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-12 21:01 - 2016-10-29 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-02-12 21:00 - 2016-10-29 14:47 - 00000000 ____D C:\Program Files (x86)\Canon
2017-02-12 21:00 - 2016-09-28 21:00 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-02-12 21:00 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Media
2017-02-12 20:57 - 2016-10-29 14:54 - 00002100 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2017-02-12 20:57 - 2016-10-29 14:54 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2017-02-12 20:41 - 2016-10-29 15:08 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Canon
2017-02-12 20:19 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-02-11 16:24 - 2015-11-30 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-10 23:02 - 2016-04-12 16:20 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-02-08 18:17 - 2016-09-26 21:04 - 00004256 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1474920294
2017-02-08 18:17 - 2016-09-26 21:04 - 00001363 _____ C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-07 22:21 - 2016-04-12 16:20 - 00000000 ____D C:\ProgramData\McAfee
2017-02-07 22:16 - 2016-08-19 14:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 22:15 - 2016-09-25 18:45 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-01-29 21:19 - 2016-12-12 17:04 - 00000000 ____D C:\Users\Monika\Desktop\Angielski
2017-01-28 22:26 - 2016-04-12 16:20 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-20 18:47 - 2016-08-19 21:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-20 18:44 - 2016-08-19 21:30 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-20 17:51 - 2016-12-13 19:58 - 00003292 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-20 17:51 - 2016-08-19 14:34 - 00002416 _____ C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-20 17:51 - 2016-08-19 14:34 - 00000000 ___RD C:\Users\Monika\OneDrive
==================== Pliki w katalogu głównym wybranych folderów =======
2016-08-19 14:30 - 2017-02-17 21:40 - 0000166 _____ () C:\Users\Monika\AppData\Roaming\sp_data.sys
2016-09-25 18:46 - 2016-09-25 18:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Pliki do przeniesienia lub usunięcia:
====================
C:\Users\Monika\AppData\Roaming\Origin\update.vbe
Niektóre pliki w TEMP:
====================
2017-02-17 16:18 - 2017-02-17 16:18 - 1228048 _____ ( ) C:\Users\Monika\AppData\Local\Temp\ICReinstall_CCleaner 5.27.5976.exe
2017-02-17 14:23 - 2017-02-15 17:28 - 0133660 _____ () C:\Users\Monika\AppData\Local\Temp\unins000.exe
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\WINDOWS\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2017-02-16 16:46
==================== Koniec FRST.txt ============================