Przeskanowane zalaczam pliki
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-01-2017
Uruchomiony przez OskiAWP (administrator) XXX (21-01-2017 17:37:47)
Uruchomiony z C:\Users\OskiAWP\Downloads
Załadowane profile: OskiAWP (Dostępne profile: OskiAWP)
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\NSBU.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\NSBU.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes) E:\Anti-Malware\MBAMService.exe
(Malwarebytes) E:\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Highresolution Enterprises) E:\Tibia\X mouse buttom\XMouseButtonControl.exe
(Valve Corporation) E:\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Rejestr (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XMouseButtonControl] = & gt; E:\Tibia\X mouse buttom\XMouseButtonControl.exe [1091568 2015-03-03] (Highresolution Enterprises)
HKLM\...\Run: [Malwarebytes TrayApp] = & gt; E:\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [GrooveMonitor] = & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2613713000-1800714837-4235397282-1000\...\Run: [Steam] = & gt; E:\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2613713000-1800714837-4235397282-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2613713000-1800714837-4235397282-1000\...\MountPoints2: {3a96735e-c4f8-11e5-ba0e-8c89a5837d24} - J:\HiSuiteDownLoader.exe
ShellIconOverlayIdentifiers: [ OverlayExcluded] - & gt; {4433A54A-1AC8-432F-90FC-85F045CF383C} = & gt; C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\buShell.dll [2016-09-23] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] - & gt; {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} = & gt; C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\buShell.dll [2016-09-23] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] - & gt; {476D0EA3-80F9-48B5-B70B-05E677C9C148} = & gt; C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\buShell.dll [2016-09-23] (Symantec Corporation)
Startup: C:\Users\OskiAWP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 3510 series.lnk [2017-01-21]
ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 3510 series.lnk - & gt; C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{FD48B86D-9A7C-4C57-A7AF-416E862030D7}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2613713000-1800714837-4235397282-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2613713000-1800714837-4235397282-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKLM-x32 - & gt; ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2613713000-1800714837-4235397282-1000 - & gt; {ielnksrch} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Norton Identity Protection - & gt; {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - & gt; C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll [2016-10-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-10-03] (Oracle Corporation)
BHO-x32: Norton Identity Protection - & gt; {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - & gt; C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-10-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-10-03] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.0.50\coFFAddon [2017-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.0.50\coFFAddon
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-10-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-10-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - & gt; C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - & gt; C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-10-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - & gt; C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-10-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
Chrome:
=======
CHR HomePage: Default - & gt; hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpdxsybOcAN5r0oVcgSBneLfnkMYKDbWPkEombjY_aaRBh8d7F2ElY6C5JeopVPZB7H4x1J_P_tTYUxG1l86HhMKplOjPS2JY4lALBsB6lEyEuGAxWd1AquCCVGk5WOX_M8MXQ2-16qHO7-cbZOrpvYgijXBtjE,
CHR StartupUrls: Default - & gt; " hxxp://google.pl/ "
CHR Profile: C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default [2017-01-21]
CHR Extension: (Prezentacje Google) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-15]
CHR Extension: (Dokumenty Google) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15]
CHR Extension: (Dysk Google) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Adblock Plus) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-20]
CHR Extension: (Norton Security Toolbar) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-01-21]
CHR Extension: (Slither.io Mods) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlenmmkifnhllnjfoangnjokeadhbbk [2016-05-12]
CHR Extension: (Google Search) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Tampermonkey) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-11]
CHR Extension: (Tpay.com) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmbhnokcfchfkdgechgkhcfekdfpdjld [2017-01-15]
CHR Extension: (Arkusze Google) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-15]
CHR Extension: (LoungeDestroyer) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-10-17]
CHR Extension: (AdBlock) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-30]
CHR Extension: (Norton Identity Safe) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-01-21]
CHR Extension: (Ghostery) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-01-12]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\OskiAWP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\Exts\Chrome.crx [2017-01-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\Exts\Chrome.crx [2017-01-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 MBAMService; E:\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe [289080 2016-11-12] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-01-12] (Microsoft Corporation)
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\BASHDefs\20170118.001\BHDrvx64.sys [1874136 2017-01-18] (Symantec Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1608010.00E\ccSetx64.sys [174328 2016-09-23] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2017-01-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2017-01-20] (Symantec Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\IPSDefs\20170120.001\IDSvia64.sys [1038024 2017-01-20] (Symantec Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-21] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-21] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-21] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-21] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-01-21] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NSBUx64\1608000.032\SRTSP64.SYS [784624 2016-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-12] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2017-01-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1608010.00E\Ironx64.SYS [289520 2016-11-12] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NSBUx64\1608000.032\SYMNETS.SYS [567512 2016-09-23] (Symantec Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\SDSDefs\20160915.023\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\SDSDefs\20160915.023\EX64.SYS [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-01-21 17:37 - 2017-01-21 17:37 - 00018785 _____ C:\Users\OskiAWP\Downloads\FRST.txt
2017-01-21 17:37 - 2017-01-21 17:37 - 00000000 ____D C:\FRST
2017-01-21 17:36 - 2017-01-21 17:36 - 02419712 _____ (Farbar) C:\Users\OskiAWP\Downloads\FRST64.exe
2017-01-21 16:19 - 2017-01-21 16:19 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2017-01-21 16:19 - 2017-01-21 16:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-21 15:38 - 2017-01-21 15:38 - 00007605 _____ C:\Users\OskiAWP\AppData\Local\Resmon.ResmonCfg
2017-01-21 15:25 - 2017-01-21 15:25 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2017-01-21 15:24 - 2017-01-21 15:24 - 00100592 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2017-01-21 15:24 - 2017-01-21 15:24 - 00008319 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2017-01-21 15:24 - 2017-01-21 15:24 - 00002494 _____ C:\Users\Public\Desktop\Norton Security with Backup.lnk
2017-01-21 15:24 - 2017-01-21 15:24 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-01-21 15:23 - 2017-01-21 16:52 - 00000000 ____D C:\Windows\system32\Drivers\NSBUx64
2017-01-21 15:23 - 2017-01-21 15:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2017-01-21 15:23 - 2017-01-21 15:23 - 00000000 ____D C:\ProgramData\NortonInstaller
2017-01-21 15:23 - 2017-01-21 15:23 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-01-21 15:23 - 2017-01-21 15:23 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2017-01-21 15:21 - 2017-01-21 15:33 - 00000000 ____D C:\Users\OskiAWP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2017-01-21 15:21 - 2017-01-21 15:33 - 00000000 ____D C:\ProgramData\Norton
2017-01-21 15:21 - 2017-01-21 15:31 - 00001208 _____ C:\Users\OskiAWP\Desktop\Norton Installation Files.lnk
2017-01-21 15:21 - 2017-01-21 15:21 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-01-21 15:20 - 2017-01-21 15:20 - 01101280 _____ (Symantec Corporation) C:\Users\OskiAWP\Downloads\NSPremiumDownloader.exe
2017-01-21 02:24 - 2017-01-21 02:24 - 00211746 _____ C:\Windows\ntbtlog.txt
2017-01-21 02:08 - 2017-01-21 02:08 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-21 02:07 - 2017-01-21 02:13 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-21 02:07 - 2017-01-21 02:12 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-21 02:07 - 2017-01-21 02:12 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-21 02:07 - 2017-01-21 02:12 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-21 02:07 - 2017-01-21 02:07 - 00000598 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-21 02:07 - 2017-01-21 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-21 02:07 - 2017-01-21 02:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-21 02:07 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-21 02:05 - 2017-01-21 02:05 - 00000000 ____D C:\Users\OskiAWP\AppData\LocalLow\Oracle
2017-01-21 02:04 - 2017-01-21 02:05 - 54199488 _____ (Malwarebytes ) C:\Users\OskiAWP\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-21 00:55 - 2017-01-21 00:55 - 00000000 ____D C:\Users\OskiAWP\AppData\Local\ESET
2017-01-21 00:54 - 2017-01-21 00:55 - 06776960 _____ (ESET spol. s r.o.) C:\Users\OskiAWP\Downloads\ESETOnlineScanner_PLK.exe
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\Tibialyzer v1.4.2.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\Tibia.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\Spellcaster.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\PA Modern 9.4.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\Nowy folder.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\misia.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\map.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\kclient_v1.lnk
2017-01-20 20:31 - 2017-01-21 02:11 - 00000668 _____ C:\Users\OskiAWP\Desktop\cfg.lnk
2017-01-20 20:31 - 2017-01-20 20:31 - 00001090 _____ C:\Program Files (x86).lnk
2017-01-20 20:31 - 2017-01-20 20:31 - 00001066 _____ C:\Program Files.lnk
2017-01-20 20:31 - 2017-01-20 20:31 - 00001046 _____ C:\PerfLogs.lnk
2017-01-20 20:31 - 2017-01-20 20:31 - 00001042 _____ C:\Windows.lnk
2017-01-20 20:31 - 2017-01-20 20:31 - 00001034 _____ C:\Users.lnk
2017-01-20 18:54 - 2017-01-20 20:31 - 02614232 _____ C:\Users\OskiAWP\AppData\Roaming\2554759421
2017-01-20 17:14 - 2017-01-20 18:54 - 01070677 _____ C:\Users\OskiAWP\Downloads\VchuP_2014_34_5 (1).pdf
2017-01-20 17:08 - 2017-01-20 18:54 - 01070677 _____ C:\Users\OskiAWP\Downloads\VchuP_2014_34_5.pdf
2017-01-20 16:58 - 2017-01-20 16:58 - 00102844 _____ C:\Users\OskiAWP\Downloads\RESOCJALIZACJA ZAJECIA 22-10-2016.pptx
2017-01-20 14:17 - 2017-01-20 14:17 - 37323946 _____ (CipSoft GmbH ) C:\Users\OskiAWP\Downloads\tibia1000 (3).exe
2017-01-18 14:35 - 2017-01-18 15:13 - 00000000 ____D C:\Users\OskiAWP\medivia
2017-01-18 14:35 - 2017-01-18 14:35 - 00000583 _____ C:\Users\Public\Desktop\Medivia Online - OpenGL.lnk
2017-01-18 14:35 - 2017-01-18 14:35 - 00000583 _____ C:\Users\Public\Desktop\Medivia Online - DirectX.lnk
2017-01-18 14:35 - 2017-01-18 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medivia Online
2017-01-18 14:34 - 2017-01-18 14:34 - 16204022 _____ (COMADSOFT ) C:\Users\OskiAWP\Downloads\medivia-2.0.1-windows-32bits.exe
2017-01-12 14:41 - 2017-01-12 14:44 - 00014117 _____ C:\Users\OskiAWP\Downloads\responder.txt
2017-01-08 21:40 - 2017-01-20 18:54 - 00048320 _____ C:\Users\OskiAWP\Downloads\Test-klasy-maturalne.odt
2017-01-07 23:35 - 2017-01-07 23:35 - 00000626 _____ C:\Users\OskiAWP\Desktop\wplata wahadla.txt
2017-01-07 12:30 - 2017-01-07 12:31 - 37017729 _____ (CipSoft GmbH ) C:\Users\OskiAWP\Downloads\tibia1000 (2).exe
2016-12-30 13:12 - 2016-12-30 16:01 - 00000148 _____ C:\Users\OskiAWP\Desktop\HUnted.txt
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-01-21 17:25 - 2009-07-14 05:45 - 00016880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-21 17:25 - 2009-07-14 05:45 - 00016880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-21 16:49 - 2016-10-03 22:09 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-21 16:31 - 2011-04-12 14:21 - 00749304 _____ C:\Windows\system32\perfh015.dat
2017-01-21 16:31 - 2011-04-12 14:21 - 00160782 _____ C:\Windows\system32\perfc015.dat
2017-01-21 16:31 - 2009-07-14 06:13 - 01696926 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-21 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-21 16:24 - 2016-01-15 20:07 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-21 16:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-21 02:37 - 2016-01-15 20:03 - 00000000 ____D C:\Users\OskiAWP\AppData\Local\VirtualStore
2017-01-21 02:30 - 2016-12-14 16:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-21 01:57 - 2016-01-15 22:08 - 00000000 ____D C:\Users\OskiAWP\AppData\Roaming\TS3Client
2017-01-20 19:02 - 2016-11-21 13:22 - 39873658 _____ C:\Users\OskiAWP\Downloads\Tibialyzer.v1.4.2.zip
2017-01-20 19:02 - 2016-11-18 19:44 - 00032677 _____ C:\Users\OskiAWP\Downloads\blackdmc_10.99.zip
2017-01-20 19:02 - 2016-11-18 13:50 - 20837143 _____ C:\Users\OskiAWP\Downloads\Tibialyzer.v1.3.0.zip
2017-01-20 19:02 - 2016-10-21 15:04 - 00158454 _____ C:\Users\OskiAWP\Downloads\The.Settlers.7.zip
2017-01-20 19:02 - 2016-10-18 15:49 - 00158633 _____ C:\Users\OskiAWP\Downloads\Need.for.Speed.Most.Wanted.2005 (1).zip
2017-01-20 19:02 - 2016-10-18 14:24 - 00158633 _____ C:\Users\OskiAWP\Downloads\Need.for.Speed.Most.Wanted.2005.zip
2017-01-20 19:02 - 2016-10-18 09:09 - 00874253 _____ C:\Users\OskiAWP\Downloads\download.zip
2017-01-20 19:02 - 2016-10-03 21:56 - 376333334 _____ C:\Users\OskiAWP\Downloads\aio210.zip
2017-01-20 19:02 - 2016-10-03 21:46 - 06189682 _____ C:\Users\OskiAWP\Downloads\dlls.zip
2017-01-20 19:02 - 2016-10-03 21:18 - 00462741 _____ C:\Users\OskiAWP\Downloads\msvcr120.zip
2017-01-20 19:02 - 2016-10-03 18:05 - 00390758 _____ C:\Users\OskiAWP\Downloads\taskersetup-www-legalne-info--[www.legalne.info].7z
2017-01-20 19:02 - 2016-10-01 17:02 - 01089662 _____ C:\Users\OskiAWP\Downloads\map.rar
2017-01-20 19:02 - 2016-10-01 12:11 - 17135947 _____ C:\Users\OskiAWP\Downloads\kclient_v2.zip
2017-01-20 19:02 - 2016-09-22 10:12 - 05925042 _____ C:\Users\OskiAWP\Downloads\Classictibia.zip
2017-01-20 19:02 - 2016-07-15 13:14 - 00873620 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_63_0.zip
2017-01-20 19:02 - 2016-06-18 09:06 - 00872506 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_62_0.zip
2017-01-20 19:02 - 2016-06-01 09:12 - 00873339 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_61_0.zip
2017-01-20 19:02 - 2016-05-18 10:02 - 19953109 _____ C:\Users\OskiAWP\Downloads\Tibialyzer.v1.2.1.zip
2017-01-20 19:02 - 2016-05-04 09:04 - 05101024 _____ C:\Users\OskiAWP\Downloads\Client.rar
2017-01-20 19:02 - 2016-05-04 08:34 - 00873058 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_60_0.zip
2017-01-20 19:02 - 2016-04-14 09:26 - 00858804 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_59_0.zip
2017-01-20 19:02 - 2016-02-27 12:22 - 00858181 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_58_0 (1).zip
2017-01-20 19:02 - 2016-02-27 12:19 - 00032422 _____ C:\Users\OskiAWP\Downloads\blackdmc_10.91.zip
2017-01-20 19:02 - 2016-02-27 12:15 - 00858181 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_58_0.zip
2017-01-20 19:02 - 2016-01-16 18:02 - 04957903 _____ C:\Users\OskiAWP\Downloads\Leatrix_Latency_Fix_3.03.zip
2017-01-20 19:02 - 2016-01-16 13:51 - 00000298 _____ C:\Users\OskiAWP\Downloads\Tibia-C-Maps.zip
2017-01-20 19:02 - 2016-01-16 00:21 - 00858947 _____ C:\Users\OskiAWP\Downloads\tibiacast_3_1_57_0.zip
2017-01-20 18:54 - 2016-12-14 16:02 - 00047729 _____ C:\Users\OskiAWP\Downloads\Wniosek_Karta_Kierowcy.pdf
2017-01-20 18:54 - 2016-11-18 20:36 - 00063578 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_161118_203602.pdf
2017-01-20 18:54 - 2016-11-03 18:29 - 10273939 _____ C:\Users\OskiAWP\Downloads\W1 (1).pdf
2017-01-20 18:54 - 2016-11-03 18:28 - 09165364 _____ C:\Users\OskiAWP\Downloads\W2 (1).pdf
2017-01-20 18:54 - 2016-11-03 18:26 - 10273939 _____ C:\Users\OskiAWP\Downloads\W1.pdf
2017-01-20 18:54 - 2016-11-03 18:25 - 09165364 _____ C:\Users\OskiAWP\Downloads\W2.pdf
2017-01-20 18:54 - 2016-11-03 16:41 - 02474897 _____ C:\Users\OskiAWP\Downloads\Miron Porsche Cayenne GTS.pdf
2017-01-20 18:54 - 2016-10-26 14:29 - 00194627 _____ C:\Users\OskiAWP\Documents\Scan0002.pdf
2017-01-20 18:54 - 2016-10-18 09:11 - 01224950 _____ C:\Users\OskiAWP\Downloads\Scan_Doc0004.pdf
2017-01-20 18:54 - 2016-10-18 09:11 - 00660105 _____ C:\Users\OskiAWP\Downloads\polisa ubezpieczeniowa.pdf
2017-01-20 18:54 - 2016-10-18 09:10 - 01119338 _____ C:\Users\OskiAWP\Downloads\Scan_Doc0006.pdf
2017-01-20 18:54 - 2016-10-18 09:09 - 00643760 _____ C:\Users\OskiAWP\Downloads\Scan_Doc0009.pdf
2017-01-20 18:54 - 2016-09-21 11:57 - 00069449 _____ C:\Users\OskiAWP\Downloads\Potwierdzenie_Transakcji_160921_125703.pdf
2017-01-20 18:54 - 2016-09-21 11:51 - 00071357 _____ C:\Users\OskiAWP\Downloads\Historia_Rachunku_160921_125140.pdf
2017-01-20 18:54 - 2016-09-21 11:49 - 00078365 _____ C:\Users\OskiAWP\Downloads\Historia_Rachunku_160921_124955.pdf
2017-01-20 18:54 - 2016-09-07 12:45 - 00207900 _____ C:\Users\OskiAWP\Documents\Scan0001.pdf
2017-01-20 18:54 - 2016-08-24 10:42 - 00120488 _____ C:\Users\OskiAWP\Downloads\ubezp 2.pdf
2017-01-20 18:54 - 2016-08-24 10:42 - 00120234 _____ C:\Users\OskiAWP\Downloads\pani magda ubezpieczenie.pdf
2017-01-20 18:54 - 2016-08-18 10:06 - 00075753 _____ C:\Users\OskiAWP\Downloads\history_160818_110610.pdf
2017-01-20 18:54 - 2016-08-18 10:03 - 00062730 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160818_110349.pdf
2017-01-20 18:54 - 2016-08-18 10:02 - 00075750 _____ C:\Users\OskiAWP\Downloads\history_160818_110200.pdf
2017-01-20 18:54 - 2016-08-18 10:02 - 00062716 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160818_110210.pdf
2017-01-20 18:54 - 2016-08-18 10:02 - 00062713 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160818_110223.pdf
2017-01-20 18:54 - 2016-08-17 12:16 - 00062792 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160817_131641.pdf
2017-01-20 18:54 - 2016-08-17 12:15 - 00062720 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160817_131504.pdf
2017-01-20 18:54 - 2016-08-17 12:15 - 00062714 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160817_131535.pdf
2017-01-20 18:54 - 2016-08-17 12:14 - 00062802 _____ C:\Users\OskiAWP\Downloads\pko_trans_details_160817_131416.pdf
2017-01-20 18:54 - 2016-08-17 12:12 - 00071015 _____ C:\Users\OskiAWP\Downloads\history_160817_131255.pdf
2017-01-20 18:54 - 2016-06-21 11:36 - 00060586 _____ C:\Users\OskiAWP\Downloads\31588012_F_11074018_06_16_F.pdf
2017-01-20 18:54 - 2016-06-19 10:41 - 00218720 _____ C:\Users\OskiAWP\Downloads\Umowa kupna i sprzedaży (Współwłaściciel).pdf
2017-01-20 18:54 - 2016-06-04 20:19 - 00705412 _____ C:\Users\OskiAWP\Downloads\429-2955-1-PB.pdf
2017-01-20 18:54 - 2016-06-04 20:19 - 00366394 _____ C:\Users\OskiAWP\Downloads\fulltext945.pdf
2017-01-20 18:54 - 2016-06-04 13:34 - 31592067 _____ C:\Users\OskiAWP\Downloads\1 (1).pdf
2017-01-20 18:54 - 2016-06-04 13:33 - 31592067 _____ C:\Users\OskiAWP\Downloads\1.pdf
2017-01-20 18:54 - 2016-06-03 17:50 - 00657925 _____ C:\Users\OskiAWP\Downloads\IPET_J_Michaowska.pdf
2017-01-20 18:54 - 2016-05-15 18:28 - 00749716 _____ C:\Users\OskiAWP\Downloads\Program_dla_dziecka_z_ADHD-A_Stelma.pdf
2017-01-20 18:54 - 2016-04-29 19:32 - 00012951 _____ C:\Users\OskiAWP\Downloads\Travel document for JANISZEWSKA - ANETA - 5ALUK3.pdf
2017-01-20 18:03 - 2016-01-27 14:20 - 00000000 ___HD C:\Users\OskiAWP\Desktop\misia
2017-01-20 14:18 - 2016-01-15 22:15 - 00000512 _____ C:\Users\Public\Desktop\Tibia.lnk
2017-01-20 14:18 - 2016-01-15 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia
2017-01-18 14:35 - 2016-01-15 20:02 - 00000000 ____D C:\Users\OskiAWP
2017-01-10 19:49 - 2016-10-03 22:09 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 19:49 - 2016-10-03 22:09 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 19:49 - 2016-10-03 22:09 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 19:49 - 2016-10-03 22:09 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 19:49 - 2016-10-03 22:09 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-02 16:41 - 2016-01-15 22:15 - 00000000 ____D C:\Users\OskiAWP\AppData\Roaming\Tibia
2016-12-26 21:21 - 2016-01-26 21:45 - 00182572 _____ C:\Windows\DirectX.log
2016-12-26 21:21 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
==================== Pliki w katalogu głównym wybranych folderów =======
2017-01-20 18:54 - 2017-01-20 20:31 - 2614232 _____ () C:\Users\OskiAWP\AppData\Roaming\2554759421
2016-11-28 16:43 - 2016-11-28 16:43 - 0000020 _____ () C:\Users\OskiAWP\AppData\Roaming\system.xml
2016-01-15 23:26 - 2016-01-15 23:26 - 0000043 _____ () C:\Users\OskiAWP\AppData\Roaming\WB.CFG
2017-01-21 15:38 - 2017-01-21 15:38 - 0007605 _____ () C:\Users\OskiAWP\AppData\Local\Resmon.ResmonCfg
2016-01-23 19:46 - 2016-01-23 19:46 - 0000057 _____ () C:\ProgramData\Ament.ini
Niektóre pliki w TEMP:
====================
C:\Users\OskiAWP\AppData\Local\Temp\DefaultPack.EXE
C:\Users\OskiAWP\AppData\Local\Temp\e299a8ab-8870-411f-973d-01aac27ca5c1.exe
C:\Users\OskiAWP\AppData\Local\Temp\jre-8u121-windows-au.exe
C:\Users\OskiAWP\AppData\Local\Temp\Tibia_Setup_9c7f-312f-2534-9902.exe
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2010-11-21 04:24] - 1008640 ____A (Microsoft Corporation) 8D0F86272C524052236761CABF6E7AFE
C:\Windows\SysWOW64\User32.dll
[2016-02-17 16:02] - [2016-02-17 16:02] - 0833024 ____A (Microsoft Corporation) E01EBE6A0C7B306763667FDC60A0B25A
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2017-01-13 15:51
==================== Koniec FRST.txt ============================