Jump to content

juniorwc

Members
  • Posts

    8
  • Joined

  • Last visited

Reputation

0 Neutral
  1. That doesn't help. Still the browser is the main problem, so slow...
  2. UPDATE: There is a problem only with playing online.
  3. Through origin/ steam. Usage of processor or memory is normal, but for exaple browser's pages are loading much longer then before.
  4. I think the malware is gone for good but computer's performance is worse what makes playing games difficult.
  5. Here, but i think the problem is gone anyway after previous steps. Thank you for your help. Fixlog.txt
  6. Thank you again, every step completed without any issues. 1. # AdwCleaner v6.047 - Logfile created 24/05/2017 at 15:10:05 # Updated on 19/05/2017 by Malwarebytes # Database : 2017-05-23.1 [Local] # Operating System : Windows 8.1 Pro (X64) # Username : Andrzej - HIROSZIMA # Running from : C:\Users\Andrzej\Desktop\adwcleaner_6.047.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Andrzej\AppData\LocalLow\IObit\Advanced SystemCare [-] Folder deleted: C:\Users\Andrzej\AppData\Roaming\IObit\Advanced SystemCare [-] Folder deleted: C:\ProgramData\IObit\ASCDownloader [-] Folder deleted: C:\ProgramData\IObit\Advanced SystemCare [#] Folder deleted on reboot: C:\ProgramData\Application Data\IObit\ASCDownloader [#] Folder deleted on reboot: C:\ProgramData\Application Data\IObit\Advanced SystemCare [-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare [#] Folder deleted on reboot: C:\Program Files (x86)\IObit\Advanced SystemCare [-] Folder deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare ***** [ Files ] ***** [-] File deleted: C:\Users\Andrzej\AppData\Local\Temp\reimage.log ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** [-] Task deleted: ASC10_PerformanceMonitor ***** [ Registry ] ***** [-] Key deleted: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu [-] Key deleted: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1 [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1 [-] Key deleted: HKLM\SOFTWARE\IOBIT\ASC [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1 [-] Key deleted: [x64] HKLM\SOFTWARE\Reimage [-] Value deleted: HKU\S-1-5-21-857644689-942761481-472397388-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Advanced SystemCare 10] [-] Key deleted: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare [-] Key deleted: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare [-] Key deleted: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [9070 Bytes] - [23/05/2017 17:40:28] C:\AdwCleaner\AdwCleaner[C2].txt - [2653 Bytes] - [24/05/2017 15:10:05] C:\AdwCleaner\AdwCleaner[S0].txt - [8557 Bytes] - [23/05/2017 17:23:51] C:\AdwCleaner\AdwCleaner[S1].txt - [3043 Bytes] - [24/05/2017 15:07:26] C:\AdwCleaner\AdwCleaner[S2].txt - [2918 Bytes] - [24/05/2017 15:09:37] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2945 Bytes] ########## 2. Emsisoft Emergency Kit - Version 2017.4 Scan log Date Scan Method Objects Scanned Objects Detected Duration Type Computer Name 2017-05-24 15:18:00 Malware 82042 1 0:02:31 Manual scan HIROSZIMA Emsisoft Emergency Kit -Wersja 2017.4 Ostatnia aktualizacja: 2017-05-24 15:17:25 Nazwa użytkownika: HIROSZIMA\Andrzej Computer name: HIROSZIMA OS version: Windows 8.1x64 Ustawienia skanera: Typ skanu: Malware skan Obiekty: Rootkity, Pamięć, Ślady, Pliki Wykrywanie PNP: Włączone Skanowanie plików skompresowanych: Wyłączone Skanowanie ADS: Włączone Filtr rozszerzeń plików: Wyłączone Bezpośredni dostęp do dysku: Wyłączone Skanowanie uruchomiono: 2017-05-24 15:18:00 C:\Users\Andrzej\AppData\Roaming\software informer Wykryto: Application.AppInstall (A) [225393] Przeskanowano: 82042 Wykryto: 1 Koniec skanu: 2017-05-24 15:20:31 Skan trwał: 0:02:31 C:\Users\Andrzej\AppData\Roaming\software informer Application.AppInstall (A) Przeniesiono do kwarantanny 1 malwarebytes_log.txt
  7. Thank you Kevin for your respond. Here is the FRST log: Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-05-2017 Uruchomiony przez Andrzej (administrator) HIROSZIMA (23-05-2017 23:52:00) Uruchomiony z C:\Users\Andrzej\Desktop Załadowane profile: Andrzej (Dostępne profile: Andrzej) Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe (Electronic Arts) D:\Origin\OriginWebHelperService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Electronic Arts) D:\Origin\OriginThinSetupInternal.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2017-01-14] (Realtek Semiconductor) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-04-27] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-20] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [Genesis mouse] => "C:\Program Files (x86)\Genesis\GX69 Mouse\Monitor.exe" HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5296416 2017-04-11] (IObit) HKU\S-1-5-21-857644689-942761481-472397388-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.) HKU\S-1-5-21-857644689-942761481-472397388-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd) HKU\S-1-5-21-857644689-942761481-472397388-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3921184 2017-04-10] (IObit) HKU\S-1-5-21-857644689-942761481-472397388-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku Startup: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-01-14] ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe () Startup: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WO Mic Client.lnk [2017-02-25] ShortcutTarget: WO Mic Client.lnk -> C:\Program Files (x86)\WOMic\WOMicClient.exe () GroupPolicy: Ograniczenia <======= UWAGA GroupPolicy\User: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 192.168.0.1 Tcpip\..\Interfaces\{48649A02-B600-4221-BEC4-2307583F0D50}: [DhcpNameServer] 217.172.224.160 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-857644689-942761481-472397388-1001\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-857644689-942761481-472397388-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Brak nazwy -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Brak pliku BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit) FireFox: ======== FF DefaultProfile: 3n2suptr.default FF ProfilePath: C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\3n2suptr.default [2017-05-23] FF user.js: detected! => C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\3n2suptr.default\user.js [2017-03-07] FF NewTab: Mozilla\Firefox\Profiles\3n2suptr.default -> about:newtab FF Homepage: Mozilla\Firefox\Profiles\3n2suptr.default -> google.pl FF Keyword.URL: Mozilla\Firefox\Profiles\3n2suptr.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B36868384-4180-4790-AE5C-5AA1E5698C38%7D&gp=811037 FF Extension: (Adblock Plus) - C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\3n2suptr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-14] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-20] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-20] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://google.pl/" CHR Profile: C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default [2017-05-23] CHR Extension: (Prezentacje Google) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-14] CHR Extension: (Dokumenty Google) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-14] CHR Extension: (Dysk Google) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-14] CHR Extension: (YouTube) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-14] CHR Extension: (Adobe Acrobat) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03] CHR Extension: (Video Downloader professional) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-01-14] CHR Extension: (Arkusze Google) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-14] CHR Extension: (Dokumenty Google offline) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-14] CHR Extension: (AdBlock) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13] CHR Extension: (Infinite HD App) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\laealigljflmglcgncipdbmbjgjdpiim [2017-01-14] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-14] CHR Extension: (Chrome Media Router) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2017-03-21] (IObit) R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-20] (AVG Technologies CZ, s.r.o.) R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [311624 2017-05-23] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-20] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-04-27] (AVG Technologies CZ, s.r.o.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2017-01-19] (EasyAntiCheat Ltd) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [333272 2016-11-15] (Intel Corporation) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1764640 2017-04-11] (IObit) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-04-20] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2162064 2017-05-11] (Electronic Arts) R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3136920 2017-05-11] (Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego] R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8515952 2017-05-14] (Reimage®) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166624 2017-05-20] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [314128 2017-05-20] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192584 2017-05-20] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336896 2017-05-20] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [51336 2017-05-20] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39424 2017-05-20] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-05-20] (AVG Technologies CZ, s.r.o.) R1 avgNetSec; C:\Windows\system32\drivers\avgNetSec.sys [509056 2017-05-23] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102280 2017-05-20] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76832 2017-05-20] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1008288 2017-05-20] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [570320 2017-05-20] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [160008 2017-05-20] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340824 2017-05-20] (AVG Technologies CZ, s.r.o.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-14] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-14] (Disc Soft Ltd) R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-29] (IObit.com) R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com) S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2016-12-22] (IObit) R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2017-03-29] (IObit.com) R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37472 2016-07-14] (Intel) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation) S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2016-11-03] (IObit.com) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 wovad_micarray; C:\Windows\system32\drivers\womic.sys [35328 2017-02-15] (Windows (R) Win 7 DDK provider) U0 aswVmm; Brak ImagePath S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-23 23:52 - 2017-05-23 23:52 - 00018405 _____ C:\Users\Andrzej\Desktop\FRST.txt 2017-05-23 23:50 - 2017-05-23 23:52 - 00000000 ____D C:\FRST 2017-05-23 23:49 - 2017-05-23 23:49 - 02429952 _____ (Farbar) C:\Users\Andrzej\Desktop\FRST64.exe 2017-05-23 23:43 - 2017-05-23 23:43 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-23 23:43 - 2017-05-23 23:43 - 00001121 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-05-23 23:43 - 2017-05-23 23:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-23 23:43 - 2017-05-23 23:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-23 18:39 - 2017-05-23 18:39 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2017-05-23 18:03 - 2017-05-23 18:03 - 00003026 _____ C:\Windows\System32\Tasks\ASC10_PerformanceMonitor 2017-05-23 18:03 - 2017-05-23 18:03 - 00002830 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_Andrzej 2017-05-23 18:03 - 2017-05-23 18:03 - 00002234 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk 2017-05-23 18:03 - 2017-05-23 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2017-05-23 17:55 - 2017-05-23 17:55 - 00000000 _____ C:\autoexec.bat 2017-05-23 17:46 - 2017-05-23 17:46 - 00004280 _____ C:\Windows\System32\Tasks\ReimageUpdater 2017-05-23 17:45 - 2017-05-23 17:54 - 00000000 ____D C:\ProgramData\Reimage Protector 2017-05-23 17:45 - 2017-05-23 17:54 - 00000000 ____D C:\Program Files\Reimage 2017-05-23 17:45 - 2017-05-23 17:53 - 00000150 _____ C:\Windows\Reimage.ini 2017-05-23 17:45 - 2017-05-23 17:45 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update 2017-05-23 17:45 - 2017-05-23 17:44 - 00509056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2017-05-23 17:45 - 2017-05-20 10:45 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys 2017-05-23 17:45 - 2017-05-20 10:45 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys 2017-05-23 17:22 - 2017-05-23 17:40 - 00000000 ____D C:\AdwCleaner 2017-05-22 23:27 - 2017-05-22 23:27 - 00054862 _____ C:\Users\Andrzej\Desktop\GTD350.rar 2017-05-22 22:59 - 2017-05-22 22:59 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} 2017-05-22 22:58 - 2017-05-22 22:58 - 00001157 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2017-05-22 22:58 - 2017-05-22 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2017-05-22 22:58 - 2017-03-29 18:05 - 00026272 _____ (IObit.com) C:\Windows\system32\Drivers\IMFCameraProtect.sys 2017-05-22 17:00 - 2017-05-22 17:00 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-22 17:00 - 2017-05-22 17:00 - 00000000 ____D C:\Windows\LastGood 2017-05-22 17:00 - 2017-05-03 22:21 - 01893496 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2017-05-22 17:00 - 2017-05-03 22:21 - 01477240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2017-05-22 17:00 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2017-05-22 17:00 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2017-05-22 17:00 - 2017-05-03 22:21 - 00057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2017-05-22 17:00 - 2017-05-03 22:21 - 00048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2017-05-21 23:07 - 2017-05-21 23:07 - 00003596 _____ C:\Windows\System32\Tasks\myblog10comrfvsm 2017-05-20 10:45 - 2017-05-20 10:45 - 00159496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys.149526995710901 2017-05-16 16:47 - 2017-05-16 16:47 - 00000000 ____D C:\Users\Andrzej\Desktop\dupka 2017-05-15 16:45 - 2017-05-15 16:48 - 00000000 ____D C:\Users\Andrzej\Desktop\adamaczan 2017-05-15 14:13 - 2017-05-15 14:13 - 00000000 ____H C:\asc_rdflag 2017-05-14 21:28 - 2017-05-14 21:28 - 00000000 ____D C:\Users\Andrzej\Desktop\KOŁO-WIREK1 2017-05-12 21:20 - 2017-05-12 21:24 - 00000000 ____D C:\Users\Andrzej\Documents\FIFA 17 2017-05-12 21:15 - 2017-05-12 21:15 - 00000000 ____D C:\Program Files\ShanWan 2017-05-12 21:15 - 2017-05-12 21:15 - 00000000 ____D C:\Program Files (x86)\ShanWan 2017-05-12 21:10 - 2017-05-12 21:14 - 00000860 _____ C:\Users\Public\Desktop\FIFA 17.lnk 2017-05-12 21:10 - 2017-05-12 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17 2017-05-06 22:08 - 2017-05-06 22:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-05-04 21:09 - 2017-05-04 21:09 - 00001028 _____ C:\Users\Public\Desktop\AVG.lnk 2017-04-29 10:36 - 2017-04-29 10:36 - 00002752 _____ C:\Windows\System32\Tasks\ASCTaskASC 2017-04-28 20:24 - 2017-04-28 20:24 - 00000000 ___HD C:\$AV_AVG 2017-04-28 18:58 - 2017-04-28 18:58 - 00000000 __SHD C:\Users\Andrzej\AppData\Local\EmieUserList 2017-04-28 18:58 - 2017-04-28 18:58 - 00000000 __SHD C:\Users\Andrzej\AppData\Local\EmieSiteList 2017-04-28 18:27 - 2017-04-28 18:27 - 00000000 ____D C:\Users\Andrzej\Cheathappens 2017-04-28 18:14 - 2017-04-28 18:14 - 00000000 ____D C:\Users\Andrzej\AppData\Roaming\Google 2017-04-28 16:38 - 2017-04-20 02:18 - 00134776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-04-28 16:38 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll 2017-04-28 16:38 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-04-28 16:38 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe 2017-04-28 16:38 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-04-28 16:36 - 2017-04-20 03:57 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 35313600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 28558784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 20057176 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 17418792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 16431504 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 14659520 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-04-28 16:36 - 2017-04-20 03:57 - 13398512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 11113112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 10636240 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 09316832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 08876456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 04071816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 03588376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 03430520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 03010680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438189.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 01600560 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 01589880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438189.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 01053304 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00911480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00895784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00507688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00218040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2017-04-28 16:36 - 2017-04-20 03:57 - 00170176 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00046008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2017-04-28 16:36 - 2017-04-20 03:57 - 00041979 _____ C:\Windows\system32\nvinfo.pb 2017-04-28 16:36 - 2017-04-20 03:57 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-04-28 16:36 - 2017-04-20 03:57 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-04-28 16:31 - 2017-04-28 16:38 - 00000000 ____D C:\Windows\LastGood.Tmp 2017-04-24 23:52 - 2017-04-24 23:52 - 00000000 ____D C:\Users\Andrzej\AppData\LocalLow\Microids ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-23 23:49 - 2017-01-14 09:44 - 00000000 ____D C:\Users\Andrzej\AppData\LocalLow\Mozilla 2017-05-23 23:48 - 2017-01-14 03:11 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-857644689-942761481-472397388-1001 2017-05-23 23:43 - 2017-01-18 14:52 - 00000000 ____D C:\ProgramData\Origin 2017-05-23 22:02 - 2017-01-18 14:58 - 00000000 ____D C:\Users\Andrzej\AppData\Roaming\Origin 2017-05-23 22:01 - 2017-01-14 04:02 - 00003332 _____ C:\Windows\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE 2017-05-23 22:00 - 2017-01-14 13:06 - 00000000 ____D C:\Users\Andrzej\Documents\temp 2017-05-23 21:59 - 2017-01-14 09:33 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-23 18:57 - 2017-01-14 03:01 - 01738750 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-23 18:57 - 2013-08-23 01:12 - 00770326 _____ C:\Windows\system32\perfh015.dat 2017-05-23 18:57 - 2013-08-23 01:12 - 00156028 _____ C:\Windows\system32\perfc015.dat 2017-05-23 18:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-05-23 18:52 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-23 18:52 - 2013-08-22 16:44 - 00484424 _____ C:\Windows\system32\FNTCACHE.DAT 2017-05-23 18:16 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-23 18:03 - 2017-01-14 17:12 - 00000000 ____D C:\ProgramData\IObit 2017-05-23 18:02 - 2017-01-14 17:12 - 00000000 ____D C:\Users\Andrzej\AppData\Roaming\IObit 2017-05-23 17:54 - 2017-01-14 02:57 - 00000000 ____D C:\Users\Andrzej 2017-05-23 17:53 - 2017-01-14 17:12 - 00000000 ____D C:\Users\Andrzej\AppData\LocalLow\IObit 2017-05-23 12:45 - 2017-03-07 00:27 - 00000000 ____D C:\Users\Andrzej\AppData\Local\CrashDumps 2017-05-22 23:01 - 2017-01-14 16:30 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-05-22 22:58 - 2017-01-14 17:12 - 00000000 ____D C:\ProgramData\ProductData 2017-05-22 22:58 - 2017-01-14 17:12 - 00000000 ____D C:\Program Files (x86)\IObit 2017-05-22 22:57 - 2017-02-20 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2017-05-22 17:03 - 2017-01-14 16:19 - 00000000 ____D C:\Users\Andrzej\Desktop\syf 2017-05-22 17:00 - 2017-01-14 09:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-22 17:00 - 2017-01-14 09:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-05-22 17:00 - 2017-01-14 09:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-16 20:39 - 2017-01-14 16:18 - 00002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-16 20:39 - 2017-01-14 16:18 - 00002169 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-15 14:13 - 2017-03-18 11:51 - 69140480 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2017-05-15 14:13 - 2017-03-18 11:51 - 04808704 _____ C:\Windows\system32\config\DRIVERS.iodefrag.bak 2017-05-15 14:13 - 2017-03-18 11:51 - 00303104 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak 2017-05-15 14:13 - 2017-03-18 11:51 - 00069632 _____ C:\Windows\system32\config\SAM.iodefrag.bak 2017-05-15 14:13 - 2017-03-18 11:51 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak 2017-05-12 21:15 - 2017-01-14 04:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-12 21:10 - 2017-01-18 16:17 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller 2017-05-12 21:10 - 2017-01-14 03:00 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-10 22:28 - 2017-02-23 21:27 - 00000000 ____D C:\Users\Andrzej\Desktop\techniki cyfrowe 2017-05-08 09:53 - 2017-01-14 19:32 - 00000000 ____D C:\Users\Andrzej\AppData\Local\Microsoft Help 2017-05-05 21:48 - 2017-01-18 16:17 - 00000883 _____ C:\Users\Public\Desktop\Battlefield 1.lnk 2017-05-04 21:09 - 2017-02-23 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-05-03 22:21 - 2017-01-14 20:10 - 01755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2017-05-03 22:21 - 2017-01-14 20:10 - 01317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2017-05-03 22:21 - 2017-01-14 20:10 - 00121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2017-05-03 21:28 - 2017-01-14 20:10 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-05-03 17:41 - 2017-01-14 20:10 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2017-04-29 15:33 - 2017-01-14 09:43 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-29 15:33 - 2017-01-14 09:43 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-28 20:24 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2017-04-28 20:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2017-04-28 16:38 - 2017-01-14 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-04-28 16:38 - 2017-01-14 03:15 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-04-24 23:33 - 2017-01-22 22:47 - 00000000 ____D C:\Users\Andrzej\AppData\Roaming\uTorrent ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-01-14 04:30 - 2017-01-14 04:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-05-18 21:01 ==================== Koniec FRST.txt ============================ Addition.txt
  8. Hello, im struggling with such problem for few weeks: Firefox browser keeps popping up automatically every 30-60 mins since i have accidentally downloaded some toxic file. It usualy opens with some russian betting sites (screenshot) or browser games. I've tried several anti malware scanners and it didn't help. (Microsoft Safety Scanner, IObit Malware Fighter, SUPERAntiSpyware, AVG and few more wich names i can't remember)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.