
FRST.txt

Pop-up ads in Chrome after system startup - FRST log analysis

Please review the logs; an ad pops up in Chrome after system startup. Regards



Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02.01.2018
Uruchomiony przez Omnibus (administrator) DIODAK (10-01-2018 09:54:31)
Uruchomiony z D:\EXLCLUSIVE
Załadowane profile: Omnibus (Dostępne profile: Omnibus)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\MSI Afterburner\MSIAfterburner.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(My Portable Software) C:\Users\Omnibus\Downloads\my_daily_wallpaper\My_Daily_Wallpaper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(BitTorrent Inc.) C:\Users\Omnibus\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Omnibus\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Omnibus\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [321232 2017-12-04] (Bitdefender)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2583040 2009-09-21] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598040 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\Run: [My Daily Wallpaper] => C:\Users\Omnibus\Downloads\my_daily_wallpaper\My_Daily_Wallpaper.exe [536576 2015-03-19] (My Portable Software)
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\Run: [BitTorrent] => C:\Users\Omnibus\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\Run: [Omnibus] => explorer.exe hxxp://ozirizsoos.info <==== UWAGA
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\MountPoints2: {a5c339d6-74dd-11e6-9e16-20cf30200bf3} - F:\setup.exe
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\...\MountPoints2: {a5c339da-74dd-11e6-9e16-20cf30200bf3} - F:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.100
Tcpip\..\Interfaces\{0FF57367-DE69-4FBE-8C03-3DBD7B30BE5C}: [DhcpNameServer] 192.168.1.100
Tcpip\..\Interfaces\{5C655603-C339-4D84-8764-5FE955E22898}: [DhcpNameServer] 192.168.1.100
Tcpip\..\Interfaces\{6D4B4812-3D07-4515-9A80-524AD1FEC282}: [DhcpNameServer] 192.168.1.100
Tcpip\..\Interfaces\{96A208C2-ED4B-41FF-B49C-DF44E7D62854}: [NameServer] 192.168.1.1,194.204.159.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-806564315-1623105969-3350884956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-12-04] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-10-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-10-05] (Oracle Corporation)
BHO-x32: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-12-04] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation)
Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-12-04] (Bitdefender)
Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-12-04] (Bitdefender)

FireFox:
========
FF DefaultProfile: 68uho8vc.default
FF ProfilePath: C:\Users\Omnibus\AppData\Roaming\Mozilla\Firefox\Profiles\68uho8vc.default [2018-01-10]
FF user.js: detected! => C:\Users\Omnibus\AppData\Roaming\Mozilla\Firefox\Profiles\68uho8vc.default\user.js [2017-06-19]
FF Extension: (Ghostery) - C:\Users\Omnibus\AppData\Roaming\Mozilla\Firefox\Profiles\68uho8vc.default\Extensions\firefox@ghostery.com.xpi [2017-12-28]
FF Extension: (Video DownloadHelper) - C:\Users\Omnibus\AppData\Roaming\Mozilla\Firefox\Profiles\68uho8vc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-12-28]
FF Extension: (Adblock Plus) - C:\Users\Omnibus\AppData\Roaming\Mozilla\Firefox\Profiles\68uho8vc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-28]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2017-12-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-12-11] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-10-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-10-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default [2018-01-10]
CHR Extension: (YouTube) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-24]
CHR Extension: (Adblock Plus) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Bitdefender Wallet) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-01-09]
CHR Extension: (AdBlock) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Omnibus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-20] (Advanced Micro Devices) [Brak podpisu cyfrowego]
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2119184 2017-09-26] (Bitdefender)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-12-04] (Bitdefender)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1278584 2017-10-31] (Bitdefender)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-25] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-25] (McAfee, Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [218416 2017-12-04] (Bitdefender)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2017-05-11] (VIA Technologies, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1129720 2017-12-04] (Bitdefender)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-21] (Advanced Micro Devices)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1019880 2017-09-14] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1763744 2017-08-23] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [124424 2017-05-31] (BitDefender LLC)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [47376 2017-10-09] (© Bitdefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-09-07] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-09-07] (Disc Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-11] (REALiX(tm))
R0 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [362664 2017-08-10] (Bitdefender)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 RTCore64; C:\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2017-05-11] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-01-10 09:53 - 2018-01-10 09:54 - 000000000 ____D C:\FRST
2018-01-10 09:07 - 2018-01-10 09:07 - 000000295 _____ C:\Users\Omnibus\Desktop\Nowy dokument tekstowy.txt
2018-01-10 08:31 - 2018-01-10 08:31 - 000000000 ____D C:\Users\Omnibus\AppData\LocalLow\BitTorrent
2018-01-09 23:46 - 2018-01-09 23:46 - 000061265 _____ C:\ProgramData\dm.1515537895.bdinstall.bin
2018-01-09 23:46 - 2018-01-09 23:46 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2018-01-09 23:40 - 2018-01-10 02:53 - 000001085 _____ C:\bdlog.txt
2018-01-09 23:19 - 2018-01-09 23:19 - 000398217 _____ C:\ProgramData\cl.1515536031.bdinstall.bin
2018-01-09 23:18 - 2018-01-09 23:18 - 000002270 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2018-01-09 23:18 - 2018-01-09 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2018-01-09 23:18 - 2018-01-09 23:18 - 000000000 ____D C:\ProgramData\Atc
2018-01-09 23:17 - 2017-10-09 06:25 - 000047376 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2018-01-09 23:17 - 2017-09-14 23:49 - 001019880 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2018-01-09 23:17 - 2017-08-23 02:49 - 001763744 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2018-01-09 23:17 - 2015-12-04 19:27 - 000087912 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2018-01-09 23:17 - 2007-04-11 10:11 - 000511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2018-01-09 23:16 - 2018-01-09 23:24 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\Bitdefender
2018-01-09 23:16 - 2017-08-10 03:40 - 000362664 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2018-01-09 23:14 - 2018-01-09 23:44 - 000000000 ____D C:\Program Files\Bitdefender
2018-01-09 23:14 - 2018-01-09 23:33 - 000000000 ____D C:\ProgramData\Bitdefender
2018-01-09 23:14 - 2018-01-09 23:14 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\QuickScan
2018-01-09 23:02 - 2018-01-09 23:14 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2018-01-09 22:54 - 2018-01-10 08:33 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-01-09 22:52 - 2018-01-09 22:52 - 000049157 _____ C:\ProgramData\agent.1515534717.bdinstall.bin
2018-01-09 22:51 - 2018-01-09 23:04 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-01-09 22:51 - 2018-01-09 22:51 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-01-09 02:19 - 2018-01-09 02:42 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\SpinTires MudRunner
2018-01-09 02:19 - 2018-01-09 02:19 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\SmartSteamEmu
2018-01-09 02:16 - 2018-01-09 02:16 - 000000845 _____ C:\Users\Public\Desktop\Spintires MudRunner.lnk
2018-01-09 02:15 - 2018-01-09 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spintires MudRunner
2018-01-09 02:13 - 2018-01-09 02:13 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\Saber Interactive
2018-01-05 13:58 - 2018-01-05 13:58 - 000320590 _____ C:\Users\Omnibus\Desktop\Konrad.Koper.pdf
2018-01-05 12:21 - 2018-01-05 13:12 - 000264600 _____ C:\Users\Omnibus\Desktop\Konrad_Koper.pdf
2018-01-05 11:32 - 2018-01-05 12:32 - 000195431 _____ C:\Users\Omnibus\Desktop\Konrad_KoperCV.pdf
2018-01-03 22:04 - 2018-01-03 22:04 - 000000000 ____D C:\Users\Omnibus\Documents\1C SoftClub
2018-01-03 22:01 - 2018-01-03 22:01 - 000000776 _____ C:\Users\Omnibus\Desktop\IL 2 Sturmovik Cliffs of Dover Blitz.lnk
2017-12-23 21:39 - 2017-12-23 21:39 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-12-23 21:39 - 2017-12-23 21:39 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2017-12-23 21:39 - 2017-12-23 21:39 - 000113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2017-12-23 21:39 - 2017-12-23 21:39 - 000002048 _____ C:\Windows\SysWOW64\winver.exe
2017-12-23 21:39 - 2017-12-23 21:39 - 000001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-01-10 09:52 - 2016-08-25 09:54 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\BitTorrent
2018-01-10 08:31 - 2017-05-17 23:04 - 000000000 ____D C:\Users\Omnibus\Downloads\my_daily_wallpaper
2018-01-10 08:31 - 2017-02-28 01:56 - 000000000 ____D C:\MSI Afterburner
2018-01-10 08:30 - 2017-12-10 00:48 - 000000424 _____ C:\Windows\Tasks\Nero TuneItUp PRO (Autopilot.exe).job
2018-01-10 08:29 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-10 02:54 - 2016-08-24 16:13 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-01-10 02:54 - 2009-07-14 05:45 - 000010128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-10 02:54 - 2009-07-14 05:45 - 000010128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-10 02:53 - 2017-10-08 23:10 - 000002982 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-01-09 23:35 - 2016-08-25 10:17 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\MPC-HC
2018-01-09 23:18 - 2017-03-30 13:40 - 000000000 ____D C:\ProgramData\BDLogging
2018-01-09 23:11 - 2017-03-29 01:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-01-09 23:10 - 2017-03-29 14:10 - 000000085 _____ C:\Windows\wininit.ini
2018-01-09 23:10 - 2017-03-29 01:05 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-01-09 23:05 - 2016-08-24 16:23 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-09 21:14 - 2016-10-25 10:57 - 000000000 ____D C:\AdwCleaner
2018-01-09 19:15 - 2016-11-19 18:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-09 18:57 - 2017-12-10 00:45 - 000000000 ____D C:\ProgramData\Nero
2018-01-09 18:57 - 2017-03-29 16:23 - 000000000 ____D C:\Users\Omnibus\AppData\LocalLow\IObit
2018-01-09 17:29 - 2016-10-06 14:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-09 17:28 - 2017-12-10 00:48 - 000003374 _____ C:\Windows\System32\Tasks\SkipUAC Bezpieczne usuwanie zawartości Kosza
2018-01-09 17:28 - 2017-12-10 00:48 - 000003368 _____ C:\Windows\System32\Tasks\SkipUAC Oczyszczanie rejestru
2018-01-09 17:28 - 2017-12-10 00:48 - 000003366 _____ C:\Windows\System32\Tasks\SkipUAC Usuwanie śladów internetowych
2018-01-09 17:28 - 2017-12-10 00:48 - 000003358 _____ C:\Windows\System32\Tasks\SkipUAC Oszczędność energii
2018-01-09 17:28 - 2017-12-10 00:48 - 000003354 _____ C:\Windows\System32\Tasks\SkipUAC Optymalizacja usług Windows
2018-01-09 17:28 - 2017-12-10 00:48 - 000003352 _____ C:\Windows\System32\Tasks\SkipUAC Optymalizacja autostartu
2018-01-09 17:28 - 2017-12-10 00:48 - 000003350 _____ C:\Windows\System32\Tasks\SkipUAC Defragmentacja dysków
2018-01-09 17:28 - 2017-12-10 00:48 - 000002808 _____ C:\Windows\System32\Tasks\Nero TuneItUp PRO (Autopilot.exe)
2018-01-09 17:28 - 2017-12-09 22:30 - 000003496 _____ C:\Windows\System32\Tasks\Omnibus
2018-01-09 17:28 - 2016-10-06 23:38 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-01-09 17:28 - 2016-09-06 09:33 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-01-09 17:28 - 2016-08-24 16:17 - 000003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-09 17:28 - 2016-08-24 16:17 - 000003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-09 16:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-09 16:16 - 2016-09-07 17:15 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\DAEMON Tools Lite
2018-01-09 11:45 - 2016-08-24 16:18 - 000002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 11:45 - 2016-08-24 16:18 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-09 00:29 - 2016-10-04 16:15 - 000000000 ____D C:\Users\Omnibus\Documents\My Games
2018-01-07 02:29 - 2016-11-23 21:22 - 000000000 ____D C:\Users\Omnibus\AppData\LocalLow\Mozilla
2017-12-28 10:42 - 2017-03-29 16:23 - 000000000 ____D C:\Users\Omnibus\AppData\Roaming\IObit
2017-12-28 10:42 - 2017-03-29 16:23 - 000000000 ____D C:\ProgramData\IObit
2017-12-28 00:31 - 2016-12-25 09:16 - 000000000 ____D C:\Windows\Minidump
2017-12-22 01:22 - 2016-10-31 13:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-12 12:22 - 2009-07-14 18:55 - 000740098 _____ C:\Windows\system32\perfh015.dat
2017-12-12 12:22 - 2009-07-14 18:55 - 000155672 _____ C:\Windows\system32\perfc015.dat
2017-12-12 12:22 - 2009-07-14 06:13 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-11 21:33 - 2017-04-15 10:57 - 000000015 _____ C:\Users\Omnibus\AppData\Local\X-Plane_drm_11.prf

==================== Pliki w katalogu głównym wybranych folderów =======

2017-04-11 21:38 - 2017-04-11 21:38 - 000000017 _____ () C:\Users\Omnibus\AppData\Local\resmon.resmoncfg
2017-04-15 10:57 - 2017-12-11 21:33 - 000000015 _____ () C:\Users\Omnibus\AppData\Local\X-Plane_drm_11.prf
2017-04-15 10:54 - 2017-04-15 10:54 - 000000040 _____ () C:\Users\Omnibus\AppData\Local\x-plane_install_11.txt

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll
[2016-08-30 12:16] - [2015-11-10 19:55] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2017-12-23 21:39] - [2017-12-23 21:39] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-01-08 07:50

==================== Koniec FRST.txt ============================