
FRST.txt

Kaspersky Free - blocks websites, HEUR: Trojan.script.Miner.gen

Here are the files.



Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 24.12.2018
Uruchomiony przez Mariusz (administrator) LENOVO (26-12-2018 11:35:54)
Uruchomiony z C:\Users\Mariusz\Desktop
Załadowane profile: Mariusz (Dostępne profile: Mariusz & GUEST & Gość)
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation) C:\WINDOWS\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\WINDOWS\WindowsMobile\wmdc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Mariusz\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2015-11-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2015-11-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771696 2013-08-14] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-02-23] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [Bluetooth] => C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-09-24] (Broadcom Corporation.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-06-06] (Razer Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1348176 2012-09-20] (ABBYY)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587800 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\Run: [Steam] => D:\Gry\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\Run: [World of Tanks] => D:\Gry\Wot\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064 2018-09-28] (Tonec Inc.)
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {0372a43b-b45d-11e5-be79-2016d827b5ff} - "E:\Autorun.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {201781c2-c90a-11e5-be80-2016d827b5ff} - "G:\Setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {20178e73-c90a-11e5-be80-2016d827b5ff} - "J:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {31e0feb5-275e-11e6-be9a-2016d827b5ff} - "G:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {385cbe2d-8a97-11e5-be6b-2016d827b5ff} - "G:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {6a8df0c5-8ae8-11e5-be6e-2016d827b5ff} - "E:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {6a8df238-8ae8-11e5-be6e-2016d827b5ff} - "H:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {7d4bf22e-3339-11e6-be9d-2016d827b5ff} - "L:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {832debf7-c1f7-11e7-bf03-2016d827b5ff} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {c719cee4-0ed8-11e6-be92-2016d827b5ff} - "I:\AutoRun.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {c719cf81-0ed8-11e6-be92-2016d827b5ff} - "I:\AutoRun.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {e4bd6feb-c3a0-11e5-be7d-2016d827b5ff} - "H:\setup.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {e710629c-179c-11e6-be96-2016d827b5ff} - "E:\AutoRun.exe"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\MountPoints2: {f8c164e8-6265-11e6-beb8-2016d827b5ff} - "E:\setup.exe"
HKLM\...\Drivers32: [msacm.l3acm] => C:\WINDOWS\System32\l3codeca.acm [82432 2014-11-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [MSVideo8] => C:\WINDOWS\System32\VfWWDM32.dll [69632 2014-11-21] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\System32\huffyuv.dll [55296 2005-01-22] ()
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\System32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\System32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project)
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\System32\xvidvfw.dll [254976 2015-11-04] ()
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\System32\ac3acm.acm [180736 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\System32\l3codecp.acm [177152 2014-11-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\System32\bdmjpeg64.dll [25640 2013-08-05] ()
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\System32\bdmpegv64.dll [70200 2013-08-05] ()
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\System32\bdmpega64.acm [70712 2013-08-05] ()
HKLM\...\Drivers32: [VIDC.FICV] => C:\WINDOWS\System32\ficvdec_x64.dll [652288 2013-05-28] ()
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\System32\prodad-codec.dll [607256 2016-08-26] (proDAD GmbH)
HKLM\...\Drivers32-x32: [msacm.l3acm] => C:\WINDOWS\SysWOW64\l3codeca.acm [69120 2014-11-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.HFYU] => C:\WINDOWS\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.)
HKLM\...\Drivers32-x32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32-x32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project)
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [240128 2015-11-04] ()
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32-x32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [186368 2014-11-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] ()
HKLM\...\Drivers32-x32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] ()
HKLM\...\Drivers32-x32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] ()
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] ()
HKLM\...\Drivers32-x32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182232 2018-11-16] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [182232 2018-11-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [159672 2018-11-16] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1ED3CD29-CE71-429F-BCF2-1F28F5B14238}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A7C56BAB-F772-486A-A412-B4B0534F5424}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{FBD674FD-F4C5-4046-9824-31CC8E83CD89}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-28] (Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-26] (AO Kaspersky Lab)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-09-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2018-12-26] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-26] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2018-12-26] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2102368143-2728945569-3422748965-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-26] (AO Kaspersky Lab)
DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} hxxp://91.231.245.70:8080/webrec.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: y5iryq58.default
FF ProfilePath: C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\y5iryq58.default [2018-12-26]
FF Extension: (Brak nazwy) - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\y5iryq58.default\extensions\WebProtection@360safe.com [nie znaleziono]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-12-26]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Mariusz\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Mariusz\AppData\Roaming\IDM\idmmzcc5 [2018-10-14] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2018-09-28] [Przestarzałe]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> D:\Gry\Neverwinter\Arc\plugins\flash\NPSWF32.dll [Brak pliku]
FF Plugin-x32: @DVR/npmedia,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npmedia.dll [2016-02-29] ()
FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npTimeGrid.dll [2016-02-29] (Unauthorized copy)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR NewTab: Default -> Active: "chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://paslek-um.bip-wm.pl/cms/images/favicon.ico
CHR Profile: C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default [2018-12-26]
CHR Extension: (Prezentacje) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-12-26]
CHR Extension: (Dokumenty) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-16]
CHR Extension: (Dysk Google) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Ledger Manager) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2018-08-03]
CHR Extension: (Web Developer) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-12-16]
CHR Extension: (YouTube) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-16]
CHR Extension: (Adblock Plus) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-05]
CHR Extension: (uBlock Origin) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-12-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-16]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-07]
CHR Extension: (Arkusze) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16]
CHR Extension: (Small Waterfall) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjmpmheefpadfkjkkeeeanlkhdlpmeom [2017-12-16]
CHR Extension: (Nano Defender) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2018-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-20]
CHR Extension: (Śledzenie cen AliExpress - AliPrice Asystent) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihlaoogegdjakmdbpbilijdghoggkim [2018-11-29]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2018-12-11]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2018-12-15]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2018-07-30]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2018-11-25]
CHR Extension: (BIP - Panel administracyjny) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbiagdoekmnhbfpjfkhndpkcgelnolg [2018-12-06]
CHR Extension: (IDM Integration Module) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-12-20]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (NACL Web Plug-in) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdcmagkbhnjpjlnpibbmggikpedpilc [2017-12-16]
CHR Extension: (Gmail) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-16]
CHR Extension: (Chrome Media Router) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07]
CHR Profile: C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-25]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-10-14]
CHR HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-10-14]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-09-24] (Broadcom Corporation.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [3065608 2018-12-05] (Comodo)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-05-14] (EasyAntiCheat Ltd)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2016-04-30] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2013-11-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-01-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2018-12-26] (AO Kaspersky Lab)
S2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-11-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-20] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-20] (Electronic Arts)
S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [651856 2016-04-30] ()
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-02-21] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-02-21] ()
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-05-22] (Disc Soft Ltd)
S3 evserial7; C:\WINDOWS\System32\DRIVERS\evserial7.sys [71432 2017-03-26] (ELTIMA Software)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [219744 2018-12-26] (AO Kaspersky Lab)
R1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-12-26] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113696 2018-12-26] (AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\system32\DRIVERS\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2018-12-26] (Malwarebytes)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [3352336 2015-05-04] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
R3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2018-12-19] (Macrovision Europe Ltd) [Brak podpisu cyfrowego]
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [828688 2018-06-07] (IDRIX)
R3 VSBC7; C:\WINDOWS\System32\drivers\evsbc7.sys [36616 2017-03-26] (ELTIMA Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-26 11:35 - 2018-12-26 11:36 - 000035430 _____ C:\Users\Mariusz\Desktop\FRST.txt
2018-12-26 11:35 - 2018-12-26 11:35 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-26 11:13 - 2018-12-26 11:13 - 000000000 ____D C:\Users\Mariusz\Documents\steamvr
2018-12-26 10:31 - 2018-12-26 10:31 - 002421760 _____ (Farbar) C:\Users\Mariusz\Desktop\FRST64.exe
2018-12-26 08:37 - 2018-12-26 08:37 - 000002059 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2018-12-26 08:37 - 2018-12-26 08:37 - 000001204 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-12-26 08:37 - 2018-12-26 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-12-26 08:37 - 2018-12-26 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2018-12-26 08:37 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2018-12-26 08:36 - 2018-12-26 08:37 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-12-26 08:36 - 2018-12-26 08:36 - 001214752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2018-12-26 08:36 - 2018-12-26 08:36 - 001113696 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2018-12-26 08:36 - 2018-12-26 08:36 - 000219744 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2018-12-26 08:36 - 2018-12-26 08:36 - 000152960 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2018-12-26 08:30 - 2018-12-26 08:30 - 002545888 _____ (Kaspersky Lab) C:\Users\Mariusz\Desktop\kfa19.0.0.1088abpl_15119.exe
2018-12-25 09:42 - 2018-12-26 11:13 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Comodo
2018-12-25 09:35 - 2018-12-26 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2018-12-25 09:35 - 2018-12-25 09:44 - 000000000 ____D C:\Program Files (x86)\Comodo
2018-12-25 09:35 - 2018-12-25 09:35 - 000002128 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2018-12-25 09:35 - 2018-12-25 09:35 - 000000000 ____D C:\Users\Mariusz\AppData\Local\Comodo
2018-12-25 09:31 - 2018-12-25 09:30 - 005581928 _____ (COMODO) C:\Users\Mariusz\Desktop\cispremium_installer.exe
2018-12-25 09:20 - 2018-12-25 09:20 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\360DrvMgr
2018-12-25 08:11 - 2018-12-25 09:32 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\360DesktopLite
2018-12-25 08:10 - 2018-12-25 08:10 - 082609224 _____ C:\Users\Mariusz\Desktop\360TS_Setup_10.2.0.1238.exe
2018-12-25 06:58 - 2018-12-25 06:58 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Mariusz\Desktop\spybotsd-2.7.64.0.exe
2018-12-25 06:57 - 2018-12-25 06:57 - 007320272 _____ (Malwarebytes) C:\Users\Mariusz\Desktop\adwcleaner_7.2.6.0.exe
2018-12-23 19:42 - 2018-12-26 09:09 - 000000083 _____ C:\Users\Mariusz\Desktop\konkurs.txt
2018-12-23 08:42 - 2018-12-23 08:42 - 000000000 ____D C:\Users\Mariusz\AppData\Local\NVIDIA
2018-12-23 08:32 - 2018-12-23 08:34 - 689920650 _____ C:\Users\Mariusz\Desktop\quake_ii_quad_damage_game-2018-Aug-21-2150.rar
2018-12-23 08:27 - 2018-12-23 08:37 - 2075354896 _____ C:\Users\Mariusz\Desktop\q2xp1268f.7z
2018-12-20 19:43 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 19:43 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 16:39 - 2018-12-20 16:39 - 000000000 _____ C:\Users\Mariusz\Desktop\270 od Ewy.txt
2018-12-19 18:04 - 2018-12-19 18:04 - 000000664 _____ C:\Users\Public\Desktop\Uruchom grę GhostMaster.lnk
2018-12-19 18:04 - 2018-12-19 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GhostMaster
2018-12-19 18:02 - 2003-03-24 09:50 - 000974848 ____R C:\WINDOWS\SysWOW64\vorbis.dll
2018-12-19 18:02 - 2003-03-24 09:50 - 000049152 ____R C:\WINDOWS\SysWOW64\ogg.dll
2018-12-19 18:02 - 2003-03-24 09:50 - 000028672 ____R C:\WINDOWS\SysWOW64\vorbisfile.dll
2018-12-19 18:01 - 2018-12-19 18:01 - 000000000 ____D C:\Users\Mariusz\Desktop\Ghost.Master.PL.2003
2018-12-19 17:56 - 2018-12-19 17:58 - 694978425 _____ C:\Users\Mariusz\Desktop\Ghost.Master.PL.2003.rar
2018-12-18 22:57 - 2018-12-26 09:56 - 000150016 ___SH C:\Users\Mariusz\Desktop\Thumbs.db
2018-12-15 10:09 - 2018-12-15 12:25 - 000000000 ____D C:\Users\Mariusz\AppData\Local\NVIDIA Corporation
2018-12-15 10:08 - 2018-12-15 10:08 - 000000000 ____D C:\WINDOWS\SysWOW64\NV
2018-12-15 10:08 - 2018-12-15 10:08 - 000000000 ____D C:\WINDOWS\system32\NV
2018-12-15 10:07 - 2018-12-26 11:34 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-15 10:07 - 2018-12-15 10:07 - 000003792 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2018-12-15 10:07 - 000003792 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2018-12-15 10:07 - 000003792 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2018-12-15 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-15 10:07 - 2018-11-20 13:57 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-12-15 10:07 - 2018-11-16 12:53 - 002865032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-15 10:07 - 2018-11-16 12:53 - 002264968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-12-15 10:07 - 2018-11-16 12:53 - 001323400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 005338424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 002620272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 001767736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 000651064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-15 10:07 - 2018-11-16 00:24 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-15 10:07 - 2018-11-14 06:56 - 008416032 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-15 10:07 - 2018-10-04 13:33 - 000203760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-12-15 10:07 - 2018-10-04 13:33 - 000179696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-12-15 10:07 - 2018-08-03 23:40 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-15 10:06 - 2018-12-15 10:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-12-15 10:05 - 2018-12-23 08:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-15 10:05 - 2018-11-16 20:42 - 036644768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 035301040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl64.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 031396952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 029974648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl32.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 015909736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 013203592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 001167776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000524624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000505696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000450656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000419776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000163376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2018-12-15 10:05 - 2018-11-16 20:42 - 000141576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 020846912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 019707992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 017287656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 016985872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 004845080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 004284792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 000169064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdlistx.dll
2018-12-15 10:05 - 2018-11-16 20:41 - 000147256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvdlist.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000551840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000457016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-15 10:05 - 2018-11-16 16:49 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-15 10:05 - 2018-11-16 16:49 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-15 10:05 - 2018-11-16 16:49 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-15 10:05 - 2018-11-16 16:49 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-15 10:05 - 2018-11-16 16:47 - 048639888 _____ (NVIDIA Corp.) C:\WINDOWS\system32\nvoptix.dll
2018-12-15 10:05 - 2018-11-16 16:47 - 040095120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2018-12-15 10:05 - 2018-11-16 16:47 - 029812000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2018-12-15 10:05 - 2018-11-16 16:47 - 020478176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtum64.dll
2018-12-15 10:05 - 2018-11-16 16:47 - 020104608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-12-15 10:05 - 2018-11-16 16:47 - 000383944 _____ C:\WINDOWS\system32\nvofapi.dll
2018-12-15 10:05 - 2018-11-16 16:47 - 000054928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2018-12-15 10:05 - 2018-11-16 16:46 - 004540184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 004031368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 002017536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441701.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 002002128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 001509984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 001468192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441701.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 001460024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 001125848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 000631792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-15 10:05 - 2018-11-16 16:46 - 000521688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-15 10:05 - 2018-11-16 16:45 - 040256992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-15 10:05 - 2018-11-16 16:45 - 035154400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-15 10:05 - 2018-11-16 16:45 - 000489368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcbl64.dll
2018-12-15 10:05 - 2018-11-16 02:29 - 000045443 _____ C:\WINDOWS\system32\nvinfo.pb
2018-12-15 10:05 - 2018-11-16 02:29 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2018-12-15 10:05 - 2018-11-16 02:29 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2018-12-15 10:05 - 2018-10-01 19:47 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-12-15 10:05 - 2018-10-01 16:47 - 000074576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-12-13 19:49 - 2018-12-26 08:37 - 000000000 ____D C:\Program Files\Common Files\AV
2018-12-13 18:21 - 2018-12-26 08:30 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-12-12 17:28 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-12-12 17:28 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 17:28 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 17:28 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 17:28 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 17:28 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 17:28 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 17:28 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-12 17:28 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 17:28 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 17:28 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-12-12 17:28 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-12 17:28 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 17:28 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 17:28 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 17:28 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 17:28 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 17:28 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 17:28 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 17:28 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 17:28 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 17:28 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-12 17:28 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-12-12 17:27 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-12-12 17:27 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-12-12 17:27 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-12-12 17:27 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-12 17:27 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 17:27 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-12-12 17:27 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-12 17:27 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 17:27 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-12-12 17:27 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-12 17:27 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-12-12 17:27 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 17:27 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-12-12 17:27 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-12 17:27 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-12 17:27 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-12 17:27 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-12-12 17:27 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-12-12 17:27 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\system32\locale.nls
2018-12-11 19:49 - 2018-12-11 19:51 - 012175171 _____ C:\Users\Mariusz\Desktop\BDC.4.3.0.1479.port.7z
2018-12-10 15:57 - 2018-12-16 13:14 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Median XL
2018-12-10 15:57 - 2018-12-10 15:57 - 000000772 _____ C:\Users\Public\Desktop\Median XL.lnk
2018-12-10 15:57 - 2018-12-10 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Median XL
2018-12-09 07:54 - 2018-12-09 07:54 - 000000000 _____ C:\WINDOWS\SysWOW64\SETC191.tmp
2018-12-09 07:54 - 2018-12-09 07:54 - 000000000 _____ C:\WINDOWS\system32\SETB928.tmp
2018-12-06 16:07 - 2018-12-06 16:07 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlugin
2018-12-06 16:07 - 2018-12-06 16:07 - 000000000 ____D C:\Program Files (x86)\webrec
2018-12-06 16:03 - 2018-12-06 16:04 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\RealVNC
2018-12-05 20:50 - 2018-12-05 20:50 - 000176976 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2018-12-05 20:50 - 2018-12-05 20:50 - 000123152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2018-12-05 20:50 - 2018-12-05 20:50 - 000089168 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2018-12-05 20:50 - 2018-12-05 20:50 - 000073416 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2018-12-05 20:50 - 2018-12-05 20:50 - 000045768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-26 11:35 - 2015-11-14 07:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-12-26 11:35 - 2015-11-13 22:58 - 000000000 __SHD C:\Users\Mariusz\IntelGraphicsProfiles
2018-12-26 11:34 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-26 11:32 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-12-26 11:18 - 2015-11-13 20:47 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2102368143-2728945569-3422748965-1001
2018-12-26 11:13 - 2018-10-14 17:21 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\DMCache
2018-12-26 10:59 - 2018-05-07 15:34 - 000000000 ____D C:\FRST
2018-12-26 10:59 - 2015-12-24 09:02 - 000000000 ____D C:\Users\Mariusz\AppData\Local\CrashDumps
2018-12-26 08:41 - 2014-11-21 05:46 - 002150432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-26 08:41 - 2014-11-21 05:07 - 001044482 _____ C:\WINDOWS\system32\perfh015.dat
2018-12-26 08:41 - 2014-11-21 05:07 - 000244386 _____ C:\WINDOWS\system32\perfc015.dat
2018-12-26 08:41 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-12-26 08:40 - 2018-10-14 17:21 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\IDM
2018-12-26 08:37 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-12-26 08:36 - 2012-07-26 09:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-26 08:29 - 2015-12-01 07:31 - 000003984 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1FC22EA2-3DBF-4B44-96BC-E69E6E85AC10}
2018-12-25 09:41 - 2016-12-27 16:27 - 000000000 ____D C:\Program Files (x86)\360
2018-12-25 09:32 - 2016-12-27 18:42 - 000000000 __SHD C:\$360Section
2018-12-25 09:25 - 2017-07-31 20:20 - 000000000 ____D C:\Users\Mariusz\Desktop\Programów
2018-12-25 09:25 - 2017-07-08 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwint [GOG.com]
2018-12-25 08:23 - 2015-11-18 16:00 - 000000266 __RSH C:\ProgramData\ntuser.pol
2018-12-25 08:08 - 2016-08-05 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-12-25 07:08 - 2017-01-01 08:07 - 000000000 ____D C:\WINDOWS\AutoKMS
2018-12-25 07:07 - 2017-06-18 15:22 - 000000000 ____D C:\Program Files\CCleaner
2018-12-25 07:00 - 2017-11-05 06:59 - 000000000 ____D C:\AdwCleaner
2018-12-25 06:59 - 2016-10-03 03:08 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-25 06:59 - 2015-11-14 08:15 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\MPC-HC
2018-12-24 12:45 - 2015-12-03 22:21 - 000000338 _____ C:\Users\Mariusz\Desktop\Raty.txt
2018-12-21 07:09 - 2015-11-14 06:49 - 000000000 ____D C:\Users\Mariusz
2018-12-21 05:52 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-21 05:51 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-21 05:16 - 2018-02-02 15:55 - 000003550 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-lenovo-Mariusz
2018-12-20 20:23 - 2015-11-13 20:40 - 000000000 ____D C:\Users\Mariusz\AppData\Local\Packages
2018-12-20 06:27 - 2017-07-25 23:12 - 000003172 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2102368143-2728945569-3422748965-1001
2018-12-20 06:27 - 2016-04-23 17:41 - 000002388 _____ C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive dla Firm.lnk
2018-12-19 18:04 - 2017-02-17 17:06 - 000012400 _____ (Macrovision Europe Ltd) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2018-12-19 18:02 - 2015-11-14 09:34 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-19 17:14 - 2017-12-16 12:18 - 000003482 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 17:14 - 2017-12-16 12:18 - 000003354 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-17 20:10 - 2015-11-14 07:50 - 000000000 ____D C:\Users\Mariusz\AppData\Local\JDownloader v2.0
2018-12-16 11:17 - 2016-09-13 17:28 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\vlc
2018-12-15 15:02 - 2017-08-03 06:24 - 000000000 ____D C:\Users\Mariusz\Desktop\Gry
2018-12-15 10:07 - 2018-05-13 06:19 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-05-21 09:13 - 000004146 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-05-21 09:13 - 000003790 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-01-28 18:35 - 000003798 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-01-28 18:35 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-01-28 18:35 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-01-28 18:35 - 000003730 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2017-01-28 18:35 - 000003494 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-15 10:07 - 2016-06-18 16:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-15 10:07 - 2016-06-18 16:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-15 10:07 - 2016-03-18 14:37 - 000000000 ____D C:\Temp
2018-12-15 10:07 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\Help
2018-12-14 21:45 - 2018-10-06 10:20 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-14 09:26 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2018-12-13 17:43 - 2017-12-16 11:44 - 000003870 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-13 17:29 - 2017-06-08 20:21 - 000554376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-13 17:23 - 2018-10-23 05:28 - 000000000 ____D C:\Users\Gość\AppData\Roaming\Comodo
2018-12-13 17:23 - 2018-02-19 18:12 - 000000000 ____D C:\Users\GUEST\AppData\Roaming\Comodo
2018-12-13 06:02 - 2015-11-13 21:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-13 05:59 - 2015-11-13 21:31 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-13 05:42 - 2015-11-14 07:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-12 22:30 - 2017-12-16 12:19 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-11 17:39 - 2015-12-02 06:50 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-09 17:17 - 2017-12-16 11:31 - 000001225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-12-06 16:29 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\tracing
2018-12-06 16:04 - 2015-12-28 00:21 - 000000000 ____D C:\Users\Mariusz\AppData\Local\RealVNC
2018-12-05 06:56 - 2015-11-14 15:42 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\DAEMON Tools Lite
2018-12-04 18:43 - 2016-12-27 18:47 - 000000000 ____D C:\Users\Mariusz\AppData\LocalLow\Mozilla
2018-12-04 18:43 - 2015-11-14 07:45 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Thunderbird
2018-12-04 18:43 - 2015-11-14 07:45 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Mozilla
2018-12-01 00:43 - 2018-03-14 16:41 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-01 00:43 - 2018-03-14 16:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Pliki w katalogu głównym wybranych folderów =======

2018-06-12 21:22 - 2018-06-12 21:30 - 000002417 _____ () C:\Users\Mariusz\AppData\Roaming\vidiot.ini
2017-05-18 16:35 - 2017-09-19 14:11 - 000000600 _____ () C:\Users\Mariusz\AppData\Roaming\winscp.rnd
2018-09-30 05:16 - 2018-09-30 05:16 - 000000000 _____ () C:\Users\Mariusz\AppData\Local\oobelibMkey.log
2015-11-24 10:37 - 2017-10-26 14:48 - 000000600 _____ () C:\Users\Mariusz\AppData\Local\PUTTY.RND
2017-07-02 08:42 - 2017-07-02 08:42 - 000000001 _____ () C:\Users\Mariusz\AppData\Local\RawCopy.1.10.agreement
2017-07-02 09:50 - 2017-07-02 09:52 - 000000024 _____ () C:\Users\Mariusz\AppData\Local\RawCopy.opendialog.dir
2017-07-02 09:50 - 2017-07-02 09:52 - 000000001 _____ () C:\Users\Mariusz\AppData\Local\RawCopy.opendialog.filterindex
2017-07-02 09:52 - 2017-07-02 09:52 - 000000092 _____ () C:\Users\Mariusz\AppData\Local\RawCopy.sourcedisk.filepath
2017-07-02 09:50 - 2017-07-02 10:27 - 000000001 _____ () C:\Users\Mariusz\AppData\Local\RawCopy.sourcedisk.index
2017-08-05 10:35 - 2017-08-05 10:35 - 000000017 _____ () C:\Users\Mariusz\AppData\Local\resmon.resmoncfg

Niektóre pliki w TEMP:
====================
2018-12-16 11:18 - 2018-12-16 11:18 - 000077824 _____ () C:\Users\Mariusz\AppData\Local\Temp\94147d8d-9eb8-4266-9dd4-cbd20bcbadc4.tmp.dll
2018-12-12 22:40 - 2018-12-12 22:40 - 000040448 ____N () C:\Users\Mariusz\AppData\Local\Temp\proxy_vole7545236240735068301.dll
2018-12-12 22:40 - 2018-12-12 22:40 - 000040448 ____N () C:\Users\Mariusz\AppData\Local\Temp\proxy_vole7644560903329354834.dll
2018-12-12 22:40 - 2018-12-12 22:40 - 000040448 ____N () C:\Users\Mariusz\AppData\Local\Temp\proxy_vole7812016790919646762.dll

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-12-18 16:29

==================== Koniec FRST.txt ============================