Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-04-2017 Uruchomiony przez Paweł (administrator) DESKTOP-IV3P379 (16-04-2017 20:10:20) Uruchomiony z E:\ Załadowane profile: Paweł (Dostępne profile: Paweł & E13) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BHipsSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes) E:\Programy\Anti-Malware\MBAMService.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\bavhm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\PLFSetI.exe (Malwarebytes) E:\Programy\Anti-Malware\mbamtray.exe () E:\Programy\Rainlendar2\Rainlendar2.exe (Disc Soft Ltd) E:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavTray.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\Calculator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2015-10-18] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2015-10-18] (Synaptics Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMY\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavTray.exe [1998832 2015-10-18] (Baidu, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28330072 2017-04-14] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\Run: [GUDelayStartup] => E:\Programy\Glary Utilities 5\StartupManager.exe [36776 2015-12-21] (Glarysoft Ltd) HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\Run: [Rainlendar2] => E:\Programy\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] () HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\Run: [Napisy24.pl] => C:\Program Files (x86)\Napisy24\Napisy24.exe [5509064 2015-07-29] (Napisy24.pl) HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\Run: [CCleaner Monitoring] => E:\Programy\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\Run: [DAEMON Tools Lite Automount] => E:\Programy\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\MountPoints2: {0b988118-d982-11e6-8f04-88ae1d8f6ad5} - "D:\LG_PC_Programs.exe" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\MountPoints2: {a0e6e578-41cf-11e6-8e59-88ae1d8f6ad5} - "G:\autorun.exe" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\MountPoints2: {e61c18fb-8968-11e5-8d96-88ae1d8f6ad5} - "X:\Setup.exe" ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.) BootExecute: autocheck autochk * ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{3698149a-ef21-44f3-9bf4-37288b6d84dd}: [DhcpNameServer] 194.204.159.1 Tcpip\..\Interfaces\{ccde6c41-a9e1-4fa3-ba08-8ff2dae2174c}: [DhcpNameServer] 62.179.1.62 62.179.1.63 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-21] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-21] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-21] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-13] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxp://www.google.pl/ CHR Profile: C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-04-16] CHR Extension: (Tłumacz Google) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-04-16] CHR Extension: (Dokumenty Google) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-16] CHR Extension: (Web Developer) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-04-16] CHR Extension: (Plemiona) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfcoihkppmlaldchalnpmolekhkmdoej [2017-04-16] CHR Extension: (Kalendarz Google) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-04-16] CHR Extension: (Fontface Ninja) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2017-04-16] CHR Extension: (Tribal Wars 2) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eobjhojdadaenpabnnicegiibjiagibj [2017-04-16] CHR Extension: (AdBlock) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-16] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-04-16] CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2017-04-16] CHR Extension: (AirDroid) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2017-04-16] CHR Extension: (The West) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2017-04-16] CHR Extension: (Dropbox) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2017-04-16] CHR Extension: (Forest: stay focused, be present) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kjacjjdnoddnpbbcjilcajfhhbdhkpgk [2017-04-16] CHR Extension: (Momentum) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-04-16] CHR Extension: (Jak mogę usunąć Easy Search – Odinsta...) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lclmjckjhofbilagngplphonifhoffmm [2017-04-16] CHR Extension: (Sprawdzanie poczty Google) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-04-16] CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-04-16] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-16] CHR Extension: (Better History) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-04-16] CHR Extension: (Online Budzik Muzyka) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pblohfmipkhnjcgpoamnmjelcajhpcjg [2017-04-16] CHR Extension: (Outlook.com) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-04-16] CHR Extension: (Chrome Media Router) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-16] Opera: ======= StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavSvc.exe [2791312 2015-10-18] (Baidu, Inc.) S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BdSandboxSrv64.exe [264688 2015-10-18] (Baidu, Inc.) R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BHipsSvc.exe [531232 2015-10-18] (Baidu, Inc.) S3 BsrSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe [3464504 2015-05-22] (Baidu, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-04-14] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-15] (Digital Wave Ltd.) R3 Disc Soft Lite Bus Service; E:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2017-01-10] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [Brak podpisu cyfrowego] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2017-01-06] (Microsoft Corporation) R2 MBAMService; E:\Programy\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) S2 SkypeUpdate; E:\Programy\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [139264 2017-01-05] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 TMKernelHelpU; C:\WINDOWS\SysWOW64\TMKernelU.dll [470016 2016-03-11] (Smart Software, Inc.) S3 TMService; C:\Program Files (x86)\WindowsTM\TMService.exe [232448 2016-03-11] (Smart Software, Inc.) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-01-09] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BdApiUtil64.sys [116968 2015-10-18] (Baidu, Inc.) S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-28] () S3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BdCameraProtect64.sys [25032 2015-10-18] (Baidu, Inc.) S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [232392 2015-10-18] (Baidu, Inc.) R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [61896 2015-10-18] (Baidu, Inc.) R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-10-18] (Baidu, Inc.) S0 Bhbase; C:\WINDOWS\System32\drivers\Bhbase.sys [83144 2015-10-18] (Baidu, Inc.) R1 Bnbase; C:\WINDOWS\System32\drivers\bnbasex64.sys [62792 2015-10-18] (Baidu, Inc.) R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2015-10-18] (Baidu, Inc.) R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\Bnmon64.sys [82376 2015-10-18] (Baidu, Inc.) R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [262088 2015-10-18] (Baidu, Inc.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-14] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] () R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-12-23] (Glarysoft Ltd) R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2017-04-16] () R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-16] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-16] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-16] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-16] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-16] (Malwarebytes) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R2 TMKernel; C:\WINDOWS\system32\drivers\TMKernel.sys [180264 2016-03-11] (Smart Software, Inc.) S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-02] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] S2 trayhttps; \??\C:\Windows\system32\drivers\avcismmn.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-16 18:44 - 2017-04-16 18:44 - 00001162 _____ C:\WINDOWS\system32\.crusader 2017-04-16 18:14 - 2017-04-16 18:46 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2017-04-16 18:13 - 2017-04-16 18:44 - 00000000 ____D C:\ProgramData\HitmanPro 2017-04-16 18:13 - 2017-04-16 18:13 - 00000000 ____D C:\Program Files\HitmanPro 2017-04-16 18:12 - 2017-04-16 18:13 - 11583584 _____ (SurfRight B.V.) C:\Users\Paweł\Downloads\hitmanpro_x64.exe 2017-04-16 16:57 - 2017-04-16 18:48 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-04-16 16:57 - 2017-04-16 18:47 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-04-16 16:57 - 2017-04-16 18:47 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-04-16 16:57 - 2017-04-16 16:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-04-16 16:57 - 2017-04-16 16:57 - 00000782 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-04-16 16:56 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-04-16 16:55 - 2017-04-16 16:56 - 60107896 _____ (Malwarebytes ) C:\Users\Paweł\Downloads\mb3-setup-consumer-3.0.6.1469-10103 (1).exe 2017-04-16 16:55 - 2017-04-16 16:55 - 60107896 _____ (Malwarebytes ) C:\Users\Paweł\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe 2017-04-16 16:43 - 2017-04-16 16:44 - 04089296 _____ C:\Users\Paweł\Downloads\adwcleaner_6.045.exe 2017-04-15 21:38 - 2017-04-15 21:39 - 117042085 _____ C:\Users\Paweł\Downloads\Kali x Pawbeats - Chakra (Album)(2017).rar 2017-04-14 21:23 - 2017-04-14 21:42 - 00000271 _____ C:\Users\Paweł\Desktop\app.js 2017-04-14 21:19 - 2017-04-14 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-04-14 01:22 - 2017-04-14 01:22 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-04-12 20:36 - 2017-04-12 20:36 - 00000000 ____D C:\Users\Paweł\Documents\SkidRow 2017-04-12 20:36 - 2017-04-12 20:36 - 00000000 ____D C:\Users\Paweł\AppData\LocalLow\JutsuGames 2017-04-12 20:23 - 2017-04-12 20:23 - 00000431 _____ C:\Users\Public\Desktop\911 Operator.lnk 2017-04-12 20:23 - 2017-04-12 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\911 Operator 2017-04-12 19:49 - 2017-04-12 20:01 - 381439229 _____ C:\Users\Paweł\Downloads\911 Operator-SKIDROW (2017) v 1.0.rar 2017-04-11 14:23 - 2017-04-11 14:29 - 00000311 _____ C:\Users\Paweł\Desktop\style.css 2017-04-11 14:22 - 2017-04-14 21:25 - 00000262 _____ C:\Users\Paweł\Desktop\index.html 2017-04-10 17:34 - 2017-04-10 17:34 - 00276176 _____ (Spotify Ltd) C:\Users\Paweł\Downloads\SpotifySetup (1).exe 2017-04-08 20:11 - 2017-04-08 20:11 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\java 2017-04-08 20:10 - 2017-04-08 20:10 - 00002173 _____ C:\Users\Paweł\Desktop\Minecraft.lnk 2017-04-08 20:10 - 2017-04-08 20:10 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2017-04-08 20:09 - 2017-04-08 20:12 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\.minecraft 2017-04-05 16:16 - 2017-04-05 16:16 - 00090861 _____ C:\Users\Paweł\Downloads\Nowe-mundury-w-Policji.pdf 2017-04-02 12:56 - 2017-04-02 12:56 - 00551060 _____ C:\Users\Paweł\Downloads\ibe-poradnik-matura-jezyk-polski-rozprawka (2).pdf 2017-04-02 12:52 - 2017-04-02 12:55 - 00000000 ____D C:\Users\Paweł\Desktop\Polski 2017-04-02 12:51 - 2017-04-02 12:52 - 11821700 _____ C:\Users\Paweł\Downloads\matura_polski.zip 2017-04-02 11:02 - 2017-04-02 11:02 - 03486848 _____ C:\Users\Paweł\Downloads\Grzesiak M. - Psychologia Zmiany - najskuteczniejsze narzędzia pracy z ludzkimi emocjami.pdf 2017-04-02 10:04 - 2017-04-02 10:04 - 05688298 _____ C:\Users\Paweł\Downloads\The Power of Your Other Hand - A Course in Channeling the Inner Wisdom of the Right Brain.pdf 2017-04-01 16:09 - 2017-04-01 16:09 - 00002112 _____ C:\Users\Public\Desktop\Action!.lnk 2017-04-01 16:05 - 2017-04-01 16:05 - 22684436 _____ C:\Users\Paweł\Downloads\2oi7_mrls_act_2.3.O.zip 2017-04-01 15:49 - 2017-04-01 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2017-04-01 15:49 - 2017-04-01 16:08 - 00000000 ____D C:\Program Files (x86)\Mirillis 2017-04-01 15:49 - 2017-04-01 16:03 - 00000000 ____D C:\Users\Paweł\AppData\Local\Mirillis 2017-04-01 15:49 - 2017-04-01 15:49 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\Mirillis 2017-04-01 15:49 - 2017-04-01 15:49 - 00000000 ____D C:\ProgramData\Mirillis 2017-04-01 15:49 - 2017-04-01 15:49 - 00000000 ____D C:\Action! 2017-04-01 15:48 - 2017-04-01 15:49 - 23022704 _____ (Mirillis Ltd.) C:\Users\Paweł\Downloads\action_2_3_0_setup.exe 2017-04-01 12:10 - 2017-04-01 12:10 - 02079845 _____ C:\Users\Paweł\Downloads\D19970602Lj (2).pdf 2017-03-30 21:57 - 2017-03-30 21:57 - 00068634 _____ C:\Users\Paweł\Downloads\kwestionariusz_osobowy_kandydata_do_sluzby (4).pdf 2017-03-30 21:16 - 2017-03-30 21:16 - 00061372 _____ C:\Users\Paweł\Downloads\LISTA_RANKINGOWA_22_02_2017_R_ (1).pdf 2017-03-30 20:57 - 2017-03-30 20:57 - 00103074 _____ C:\Users\Paweł\Downloads\D20111245.pdf 2017-03-30 14:47 - 2017-03-30 14:47 - 01184859 _____ C:\Users\Paweł\Downloads\D2014000189801 (1).pdf 2017-03-30 14:44 - 2017-03-30 14:44 - 01184859 _____ C:\Users\Paweł\Downloads\ROZPORZADZENIE_MINISTRA_SPRAW_WEWNETRZNYCH_z_dnia_19_grudnia_2014_r__w_sprawie_wykazu_chorob_i_ulomnosci__wraz_z_kategoriami_zdolnosci_do_sluzby_w_Policji__Strazy_Granicznej__Panstwowej_Strazy_Pozarnej_oraz_Biurze_O (2).pdf 2017-03-27 12:34 - 2017-03-27 12:34 - 00001653 _____ C:\Users\Public\Desktop\Path of Exile.lnk 2017-03-27 12:34 - 2017-03-27 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games 2017-03-27 12:33 - 2017-03-27 12:34 - 11328672 _____ (Grinding Gear Games) C:\Users\Paweł\Downloads\PathOfExileInstaller.exe 2017-03-27 12:12 - 2017-03-27 12:13 - 44303191 _____ C:\Users\Paweł\Downloads\PoESkillTree-Ascendancy-2.2.4.zip 2017-03-26 23:07 - 2017-03-26 23:07 - 01184859 _____ C:\Users\Paweł\Downloads\D2014000189801.pdf 2017-03-26 20:37 - 2017-03-26 20:37 - 00293929 _____ C:\Users\Paweł\Downloads\D19970483Lj (2).pdf 2017-03-26 17:32 - 2017-03-26 17:39 - 21789243 _____ C:\Users\Paweł\Downloads\Cieślar P. - Operacje i techniki operacyjne.pdf 2017-03-26 17:30 - 2017-03-26 17:30 - 00511070 _____ C:\Users\Paweł\Downloads\44-WÓJCIK (2).pdf 2017-03-26 13:34 - 2017-03-28 23:14 - 00282624 _____ C:\Users\Paweł\Desktop\ezd_home.mdb 2017-03-26 13:33 - 2017-03-26 13:34 - 00099840 _____ () C:\Users\Paweł\Desktop\EZD_HOME.exe 2017-03-26 13:33 - 2017-03-26 13:33 - 00366302 _____ C:\Users\Paweł\Downloads\OneDrive-2017-03-26.zip 2017-03-26 13:33 - 2017-03-26 13:33 - 00099840 _____ () C:\Users\Paweł\Downloads\EZD_HOME.exe 2017-03-26 11:48 - 2017-04-07 16:10 - 00004020 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1490521678 2017-03-26 11:48 - 2017-04-07 16:10 - 00001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera developer.lnk 2017-03-26 11:48 - 2017-03-26 11:48 - 00001240 _____ C:\Users\Public\Desktop\Opera developer.lnk 2017-03-26 11:48 - 2017-03-26 11:48 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\Opera Software 2017-03-26 11:48 - 2017-03-26 11:48 - 00000000 ____D C:\Users\Paweł\AppData\Local\Opera Software 2017-03-26 11:46 - 2017-04-07 16:10 - 00000000 ____D C:\Program Files\Opera developer 2017-03-26 11:45 - 2017-03-26 11:46 - 02188264 _____ (Opera Software) C:\Users\Paweł\Downloads\OperaSetupDeveloper.exe 2017-03-26 11:45 - 2017-03-26 11:45 - 01182296 _____ (Opera Software) C:\Users\Paweł\Downloads\Opera_PortableSetupDeveloper.exe 2017-03-24 21:47 - 2017-03-24 21:47 - 00068634 _____ C:\Users\Paweł\Downloads\kwestionariusz_osobowy_kandydata_do_sluzby (3).pdf 2017-03-23 22:45 - 2017-03-23 22:45 - 00046607 _____ C:\Users\Paweł\Downloads\bw_i_st_niestacj._i_rok_2016_2017 (1).xlsx 2017-03-23 22:45 - 2017-03-23 22:45 - 00046101 _____ C:\Users\Paweł\Downloads\bw_i_st_niestacj._ii_i_iii_rok_2016_2017.xlsx 2017-03-23 17:01 - 2017-03-23 17:01 - 00583398 _____ C:\Users\Paweł\Downloads\INFORMATOR ASzWoj.pdf 2017-03-23 16:28 - 2017-03-23 16:28 - 00950972 _____ C:\Users\Paweł\Downloads\Zakup_kontrolowany.pdf 2017-03-22 20:43 - 2017-03-22 20:43 - 01123801 _____ C:\Users\Paweł\Desktop\Moj agent Masa - Piotr Pytlakowski.pdf 2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-03-21 21:11 - 2017-03-21 21:11 - 00695039 _____ C:\Users\Paweł\Downloads\D20070877.pdf 2017-03-21 21:09 - 2017-03-21 21:10 - 01745746 _____ C:\Users\Paweł\Downloads\D20101381.pdf 2017-03-20 22:30 - 2017-03-20 22:30 - 00273036 _____ C:\Users\Paweł\Downloads\71afba2e2d3c087bae09a616dea66d19 (1).pdf 2017-03-20 22:28 - 2017-03-20 22:28 - 00273036 _____ C:\Users\Paweł\Downloads\71afba2e2d3c087bae09a616dea66d19.pdf 2017-03-20 21:40 - 2017-03-20 21:40 - 01083091 _____ C:\Users\Paweł\Downloads\O-wiadczenie maj-tkowe za 2014 r. - pocz-tek kadencji.pdf 2017-03-20 15:40 - 2017-03-20 15:40 - 00364098 _____ C:\Users\Paweł\Downloads\Projekt_-_uzgodnienia_-_wersja_wyszukiwalna (1).pdf 2017-03-19 20:15 - 2017-03-19 20:15 - 00786006 _____ C:\Users\Paweł\Downloads\Uzycie_lub_wykorzystanie_srodkow_przymusu_bezposredniego_przez_policjantow__L__Dyduch__K__Swierczewski__W__Biedrzycki__nr_116_.pdf 2017-03-19 17:35 - 2017-03-19 17:35 - 00511070 _____ C:\Users\Paweł\Downloads\44-WÓJCIK (1).pdf 2017-03-19 17:18 - 2017-03-19 17:18 - 00511070 _____ C:\Users\Paweł\Downloads\44-WÓJCIK.pdf 2017-03-19 17:18 - 2017-03-19 17:18 - 00065676 _____ C:\Users\Paweł\Downloads\Minister-Mariusz-Blaszczak-Techniki-operacyjne-sa-niezbedne-w-dzialalnosci-polic.pdf 2017-03-19 17:07 - 2017-04-08 20:03 - 00000000 ____D C:\Users\Paweł\AppData\LocalLow\uTorrent 2017-03-19 16:09 - 2017-03-19 16:09 - 00019751 _____ C:\Users\Paweł\Downloads\Beautiful Creatures (2013) [1080p] [YTS.AG].torrent 2017-03-19 15:34 - 2017-03-19 15:34 - 00021264 _____ C:\Users\Paweł\Downloads\Logan.2017.HDTS.v2.720p.YIFYTORRENT.[CO].torrent 2017-03-19 00:12 - 2017-03-19 00:12 - 00384509 _____ C:\Users\Paweł\Downloads\Taktyka-i-techniki-przesluchan.pdf ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-16 20:10 - 2016-06-13 21:29 - 00000000 ____D C:\FRST 2017-04-16 18:50 - 2015-10-18 19:18 - 00000000 ___RD C:\Users\Paweł\Dropbox 2017-04-16 18:49 - 2015-12-23 22:49 - 00000000 ___HD C:\Users\Paweł\.rainlendar2 2017-04-16 18:47 - 2016-06-13 20:10 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-16 18:46 - 2015-12-24 00:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-16 18:46 - 2015-12-23 23:51 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-16 18:45 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2017-04-16 16:56 - 2016-06-13 20:10 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-16 16:49 - 2016-03-21 14:24 - 00000000 ____D C:\AdwCleaner 2017-04-16 16:49 - 2015-12-23 23:54 - 00000000 ____D C:\Users\Paweł 2017-04-16 16:37 - 2015-10-30 21:19 - 00781672 _____ C:\WINDOWS\system32\perfh015.dat 2017-04-16 16:37 - 2015-10-30 21:19 - 00150190 _____ C:\WINDOWS\system32\perfc015.dat 2017-04-16 16:37 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2017-04-16 16:37 - 2015-10-18 13:07 - 01755848 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-16 12:45 - 2015-10-19 13:18 - 00005352 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IV3P379-Paweł DESKTOP-IV3P379 2017-04-15 21:44 - 2015-12-25 02:54 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\AIMP 2017-04-15 20:33 - 2016-04-18 13:38 - 00004226 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{85546DB4-839F-481B-B1F7-00158CA73672} 2017-04-15 12:38 - 2015-11-01 00:49 - 00000000 ____D C:\Users\Paweł\AppData\Local\CrashDumps 2017-04-14 22:09 - 2015-12-12 15:09 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\ipla 2017-04-14 22:09 - 2015-12-12 15:09 - 00000000 ____D C:\ProgramData\ipla 2017-04-14 21:20 - 2015-10-18 19:14 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-04-13 15:30 - 2015-10-18 13:28 - 00003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-13 15:30 - 2015-10-18 13:28 - 00003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-10 10:33 - 2016-07-14 11:57 - 02960224 _____ C:\WINDOWS\system32\Drivers\vonetframe.sys 2017-04-08 21:48 - 2015-10-18 19:47 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\uTorrent 2017-04-05 22:00 - 2015-10-18 13:05 - 00000000 ____D C:\Users\Paweł\AppData\Local\Packages 2017-04-03 21:13 - 2015-10-18 19:16 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\DVDVideoSoft 2017-03-31 07:24 - 2015-10-18 13:29 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-27 12:38 - 2016-02-16 01:22 - 00000000 ____D C:\Users\Paweł\Documents\My Games 2017-03-27 12:34 - 2015-10-18 22:49 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-27 12:17 - 2016-02-29 04:03 - 00000000 ____D C:\Users\Paweł\Desktop\PoESkillTree 2017-03-21 21:01 - 2017-02-04 12:09 - 00001617 _____ C:\Users\Paweł\Desktop\LEKTURY OBOWIĄZKOWE.txt 2017-03-19 23:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-03-19 13:10 - 2017-03-06 12:18 - 00000000 ____D C:\Users\Paweł\Desktop\Lektury ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-08-14 00:12 - 2016-08-14 00:12 - 26640264 _____ () C:\Users\Paweł\AppData\Roaming\gameboxsetup.exe 2015-10-18 17:59 - 2015-10-18 18:04 - 0008623 _____ () C:\Users\Paweł\AppData\Local\HWVendorDetection.log 2016-03-07 19:25 - 2016-03-07 19:25 - 0002386 _____ () C:\Users\Paweł\AppData\Local\recently-used.xbel 2017-02-02 16:18 - 2017-02-02 16:18 - 0007606 _____ () C:\Users\Paweł\AppData\Local\Resmon.ResmonCfg 2016-05-27 19:44 - 2016-05-27 19:44 - 0000016 _____ () C:\ProgramData\mntemp 2016-03-11 17:16 - 2016-03-11 17:16 - 1384504 _____ (Smart Software, Inc.) C:\ProgramData\TMSetup0303.exe Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\TMSetup0303.exe C:\Users\Paweł\.mongorc.js Niektóre pliki w TEMP: ==================== 2017-02-28 23:20 - 2017-02-28 23:20 - 40360648 _____ () C:\Users\Paweł\AppData\Local\Temp\ipl1176.tmp.exe 2017-03-07 00:00 - 2017-03-07 00:00 - 40360648 _____ () C:\Users\Paweł\AppData\Local\Temp\ipl3B77.tmp.exe 2017-03-08 00:24 - 2017-03-08 00:24 - 39527696 _____ () C:\Users\Paweł\AppData\Local\Temp\ipl5113.tmp.exe 2017-03-01 23:55 - 2017-03-01 23:55 - 40360648 _____ () C:\Users\Paweł\AppData\Local\Temp\ipl5C43.tmp.exe 2017-02-27 23:07 - 2017-02-27 23:08 - 40360648 _____ () C:\Users\Paweł\AppData\Local\Temp\ipl78D8.tmp.exe 2016-08-28 18:16 - 2016-08-28 18:16 - 40360648 _____ () C:\Users\Paweł\AppData\Local\Temp\iplCC7F.tmp.exe 2017-03-05 00:57 - 2017-03-05 00:57 - 40360648 _____ () C:\Users\Paweł\AppData\Local\Temp\iplE130.tmp.exe 2016-03-28 17:13 - 2016-05-09 07:08 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Paweł\AppData\Local\Temp\libeay32.dll 2016-03-28 17:13 - 2013-10-05 02:38 - 0970912 _____ (Microsoft Corporation) C:\Users\Paweł\AppData\Local\Temp\msvcr120.dll 2016-10-15 16:57 - 2016-12-02 15:40 - 4046242 _____ (Napisy24.pl ) C:\Users\Paweł\AppData\Local\Temp\Napisy24.exe 2016-03-03 11:50 - 2016-05-09 07:08 - 0772672 _____ () C:\Users\Paweł\AppData\Local\Temp\sqlite3.dll 2016-05-15 18:23 - 2016-05-15 18:23 - 0119408 _____ () C:\Users\Paweł\AppData\Local\Temp\Sublime Text Update Installer.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-04-16 12:44 ==================== Koniec FRST.txt ============================