Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30-04-2017
Uruchomiony przez Tomasz J (administrator) TOMASZ-LENOVO (01-05-2017 18:37:15)
Uruchomiony z C:\Users\Tomasz J\Desktop
Załadowane profile: Tomasz J & UpdatusUser (Dostępne profile: Tomasz J & UpdatusUser & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Windows\KMS-R@1n.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Highresolution Enterprises) D:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2773232 2013-10-17] (Synaptics Incorporated)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1487896 2017-02-08] (Highresolution Enterprises)
Winlogon\Notify\igfxcui: c:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {549f197f-01e8-11e3-9c62-689423ff5cca} - F:\SETUP.EXE
HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {6f5b8ad4-94aa-11e6-abe1-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {6f5b8bbf-94aa-11e6-abe1-20898449a356} - H:\AutoRun.exe
HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {6f5b8bd1-94aa-11e6-abe1-20898449a356} - H:\AutoRun.exe
HKU\S-1-5-21-513388345-2481954787-3041473172-1246\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-11-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [203112 2012-11-06] (NVIDIA Corporation)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => c:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206
Tcpip\..\Interfaces\{26014E5F-0B79-4971-9D61-8D07DEB94415}: [DhcpNameServer] 217.172.224.160 89.231.1.206
Tcpip\..\Interfaces\{99D6FE59-48F3-4D53-AF53-65403FA39E20}: [NameServer] 212.2.96.51 212.2.96.52
Tcpip\..\Interfaces\{E2D0EA85-99E5-4EB2-9485-192CC5FDDC4D}: [NameServer] 212.2.96.51 212.2.96.52
Tcpip\..\Interfaces\{E2D0EA85-99E5-4EB2-9485-192CC5FDDC4D}: [DhcpNameServer] 212.2.96.51 212.2.96.52

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-513388345-2481954787-3041473172-1000 -> {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} URL = hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-08] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-08] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-10-11] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default [2017-05-01]
FF Extension: (Firefox Hotfix) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-08]
FF Extension: (Zotero) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\zotero@chnm.gmu.edu.xpi [2017-02-27]
FF Extension: (Zotero Word for Windows Integration) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\zoteroWinWordIntegration@zotero.org [2017-02-25]
FF Extension: (Walnut for Firefox) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-10] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nie znaleziono
FF HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-25] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0-git-20130801-0403 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [Brak pliku]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-513388345-2481954787-3041473172-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tomasz J\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2013-11-06] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-12-13] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default [2017-05-01]
CHR Extension: (Prezentacje Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-15]
CHR Extension: (Dokumenty Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-15]
CHR Extension: (Dysk Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-15]
CHR Extension: (Ósemka) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2016-12-28]
CHR Extension: (Google Search) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Facebook Aktualności) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2016-08-05]
CHR Extension: (Arkusze Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-23]
CHR Extension: (Curling) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2016-01-13]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-24]
CHR Extension: (Mój motyw Chrome) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-10-24]
CHR Extension: (Gmail) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-15]
CHR Extension: (Chrome Media Router) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [Brak podpisu cyfrowego]
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes) [Brak podpisu cyfrowego]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [1005944 2012-07-02] (Broadcom Corporation.)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [Brak podpisu cyfrowego]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2771848 2016-11-13] (ESET)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-10-31] () [Brak podpisu cyfrowego]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [Brak podpisu cyfrowego]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 mitsijm2016; D:\Program Files\Autodesk_INVENTOR_2016\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 PAExec; C:\Windows\PAExec.exe [189112 2017-05-01] (Power Admin LLC)
S4 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation) [Brak podpisu cyfrowego]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-10-01] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-10-01] (Lenovo Group Limited)
S4 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [Brak podpisu cyfrowego]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XMouseButton Launcher; D:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [87040 2012-06-23] (Highresolution Enterprises) [Brak podpisu cyfrowego]
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [Brak podpisu cyfrowego]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S4 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S4 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-02] (Broadcom Corporation.)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2016-10-17] (Bytemobile, Inc.) [Brak podpisu cyfrowego]
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24032 2013-10-08] (IVT Corporation.)
S4 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-10] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-13] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-02-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-13] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [181384 2016-11-13] (ESET)
R1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [73744 2017-03-18] ()
S4 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34793 2007-05-23] (Compuware Corporation) [Brak podpisu cyfrowego]
S4 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2016-10-17] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-10] (REALiX(tm))
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-08-10] (Qualcomm Atheros Co., Ltd.)
S4 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [Brak podpisu cyfrowego]
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-05-01] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-08-10] (Intel Corporation)
S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [97792 2010-07-28] (Tecar Forum) [Brak podpisu cyfrowego]
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8225680 2012-06-29] (Realtek Semiconductor Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2012-03-26] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-05] (Duplex Secure Ltd.)
S4 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S4 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2016-10-17] (Bytemobile, Inc.) [Brak podpisu cyfrowego]
S4 WINIO; C:\Windows\SysWOW64\winio.sys [41324 2001-11-13] () [Brak podpisu cyfrowego]
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S4 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [259584 2014-08-07] () [Brak podpisu cyfrowego]
U3 ali2nkm4; C:\Windows\System32\Drivers\ali2nkm4.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-05-01 17:47 - 2017-05-01 17:48 - 00034827 _____ C:\Users\Tomasz J\Desktop\Fixlog.txt
2017-05-01 16:18 - 2017-05-01 18:40 - 00025312 _____ C:\Users\Tomasz J\Desktop\FRST.txt
2017-05-01 16:18 - 2017-05-01 16:18 - 00220837 _____ C:\Users\Tomasz J\Desktop\GMER.txt
2017-05-01 16:17 - 2017-05-01 16:17 - 00100067 _____ C:\Users\Tomasz J\Desktop\Addition.txt
2017-05-01 16:02 - 2017-05-01 16:02 - 00000000 ____D C:\Windows\SysWOW64\NV
2017-05-01 16:02 - 2017-05-01 16:02 - 00000000 ____D C:\Windows\system32\NV
2017-05-01 15:59 - 2017-05-01 15:59 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Ustawienia lokalne
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Szablony
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Moje dokumenty
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Menu Start
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Moje wideo
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Moje obrazy
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Moja muzyka
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Dane aplikacji
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Historia
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Dane aplikacji
2017-05-01 15:59 - 2017-05-01 15:59 - 00000000 ____D C:\Users\UpdatusUser
2017-05-01 15:59 - 2015-07-22 13:13 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-05-01 15:59 - 2015-05-27 18:25 - 00000000 ____D C:\Users\UpdatusUser\Documents\Visual Studio 2012
2017-05-01 15:59 - 2015-05-27 10:38 - 00000000 ____D C:\Users\UpdatusUser\Documents\Visual Studio 2010
2017-05-01 15:59 - 2014-08-30 11:54 - 00002104 _____ C:\Users\UpdatusUser\Desktop\OneKey Recovery.lnk
2017-05-01 15:59 - 2013-08-21 19:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2017-05-01 15:59 - 2012-11-06 09:44 - 03598665 _____ C:\Windows\system32\nvcoproc.bin
2017-05-01 15:59 - 2012-11-06 09:44 - 03298664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-01 15:59 - 2012-11-06 09:42 - 06206312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-01 15:59 - 2012-11-06 09:42 - 02557800 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-01 15:59 - 2012-11-06 09:42 - 00891240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-05-01 15:59 - 2012-11-06 09:42 - 00870760 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-01 15:59 - 2012-11-06 09:42 - 00118120 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-01 15:59 - 2012-11-06 09:42 - 00063336 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-05-01 15:59 - 2012-11-06 09:42 - 00055144 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-01 15:59 - 2009-07-14 20:09 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2017-05-01 15:58 - 2012-11-06 09:42 - 00440680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2017-05-01 15:57 - 2017-05-01 15:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-01 15:57 - 2012-11-06 09:04 - 01760104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2017-05-01 15:57 - 2012-11-06 09:04 - 01482600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco64.dll
2017-05-01 15:57 - 2012-11-06 09:04 - 00014148 _____ C:\Windows\system32\nvinfo.pb
2017-05-01 15:56 - 2012-11-06 09:04 - 26336616 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 25256296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 19912040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 18264424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 17559912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 15320424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 14914920 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 13504872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-05-01 15:56 - 2012-11-06 09:04 - 12494696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 09132392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 07710568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 07415144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 06127464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 02747240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 02735976 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 02575208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 02431848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 02218856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 01867112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 00974184 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 00831848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 00247144 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 00203112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-05-01 15:56 - 2012-11-06 09:04 - 00030056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2017-05-01 15:34 - 2017-05-01 15:42 - 00000000 ____D C:\Users\Tomasz J\Desktop\[Guru3D.com]-DDU
2017-05-01 15:32 - 2017-05-01 15:33 - 01080706 _____ C:\Users\Tomasz J\Desktop\[Guru3D.com]-DDU.zip
2017-05-01 13:31 - 2017-05-01 13:31 - 04102600 _____ C:\Users\Tomasz J\Desktop\adwcleaner_6.046.exe
2017-05-01 13:31 - 2017-05-01 13:31 - 00380928 _____ C:\Users\Tomasz J\Desktop\redpn7s4.exe
2017-05-01 13:30 - 2017-05-01 13:30 - 02428928 _____ (Farbar) C:\Users\Tomasz J\Desktop\FRST64.exe
2017-04-26 23:23 - 2017-04-26 23:24 - 18726142 _____ C:\Users\Tomasz J\Desktop\Dasz radę - ks. Jan Kaczkowski.pdf
2017-04-24 22:58 - 2017-04-24 23:10 - 00000000 ____D C:\Users\Tomasz J\Desktop\Modele
2017-04-22 12:09 - 2017-04-22 12:09 - 00002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-22 12:05 - 2017-04-28 09:28 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-22 12:05 - 2017-04-28 09:28 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-22 12:05 - 2017-04-22 12:06 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-13 11:47 - 2017-04-13 11:47 - 00209449 _____ C:\Users\Tomasz J\Downloads\Aneta-Jandzińska-CV-eng.pdf
2017-04-13 10:15 - 2017-04-13 10:15 - 00001906 _____ C:\Users\Public\Desktop\AutoCAD 2015 — Polski (Polish).lnk
2017-04-13 10:15 - 2017-04-13 10:15 - 00000000 ____D C:\Users\Tomasz J\Documents\Inventor Server SDK ACAD 2015
2017-04-10 16:04 - 2017-04-10 16:04 - 00003882 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1491833056
2017-04-10 16:04 - 2017-04-10 16:04 - 00001093 _____ C:\Users\Public\Desktop\Opera.lnk
2017-04-10 16:04 - 2017-04-10 16:04 - 00001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-10 16:03 - 2017-04-18 21:18 - 00000000 ____D C:\Program Files\Opera
2017-04-09 21:42 - 2017-04-09 21:42 - 00000000 ____D C:\ProgramData\Sophos
2017-04-08 21:58 - 2017-04-08 21:58 - 00000000 ____D C:\2b09065f4a1396f30365a224
2017-04-08 17:15 - 2017-04-08 17:15 - 00000000 ____D C:\ProgramData\Dropbox
2017-04-08 16:37 - 2017-04-08 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-04-08 16:37 - 2017-04-08 16:37 - 00000000 ____D C:\Program Files\CPUID
2017-04-08 16:00 - 2017-04-08 16:00 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\CEF
2017-04-08 15:29 - 2017-05-01 16:02 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-08 15:28 - 2017-05-01 15:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-08 15:28 - 2017-04-01 05:20 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-04-08 15:28 - 2017-04-01 05:20 - 00420408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-04-08 15:26 - 2017-04-01 02:41 - 00172592 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-04-08 15:26 - 2017-04-01 02:41 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-04-08 15:26 - 2017-04-01 02:41 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-04-08 15:26 - 2017-04-01 02:41 - 00066608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-04-08 15:21 - 2017-05-01 15:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-08 14:42 - 2017-05-01 15:42 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2017-04-08 13:40 - 2017-04-08 13:40 - 00000000 ____D C:\NVIDIA
2017-04-06 13:03 - 2017-04-06 13:03 - 05749066 _____ C:\Users\Tomasz J\Desktop\Norma PN-EN ISO 16047.pdf
2017-04-03 15:37 - 2017-04-03 15:37 - 00010523 _____ C:\Users\Tomasz J\Desktop\pomiar.pdf
2017-04-01 12:12 - 2017-04-01 12:12 - 00000000 ____D C:\ProgramData\FLEXnet
2017-04-01 12:02 - 2017-04-01 12:02 - 00000000 ____D C:\ProgramData\FARO
2017-04-01 11:33 - 2017-04-01 11:33 - 00001992 _____ C:\Users\Public\Desktop\Autodesk Inventor Professional 2016.lnk

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-05-01 18:37 - 2015-07-06 13:14 - 00000000 ____D C:\FRST 2017-05-01 18:04 - 2009-07-14 06:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-05-01 18:04 - 2009-07-14 06:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-05-01 17:53 - 2013-08-24 11:45 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-05-01 17:52 - 2017-03-31 23:09 - 00296448 ___SH C:\Users\Tomasz J\Desktop\Thumbs.db 2017-05-01 17:51 - 2014-06-12 16:57 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2017-05-01 17:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-01 17:48 - 2013-10-24 21:00 - 00000000 ____D C:\Users\Tomasz J\AppData\LocalLow\Temp 2017-05-01 17:47 - 2017-03-31 23:05 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Akamai 2017-05-01 17:47 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2017-05-01 16:14 - 2014-03-26 23:04 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\ElevatedDiagnostics 2017-05-01 16:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2017-05-01 15:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help 2017-05-01 15:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-05-01 13:34 - 2013-12-17 21:57 - 00000000 ____D C:\AdwCleaner 2017-05-01 13:27 - 2014-08-08 20:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-04-30 20:19 - 2013-08-12 15:41 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Microsoft Help 2017-04-30 14:44 - 2015-08-10 13:18 - 00000000 ____D C:\ProgramData\ProductData 2017-04-29 22:06 - 2014-07-21 14:56 - 00000000 ____D C:\Users\Tomasz J\Documents\FIFA 14 2017-04-29 19:01 - 2009-07-14 19:55 - 00786982 _____ C:\Windows\system32\perfh015.dat 2017-04-29 19:01 - 2009-07-14 19:55 - 00174354 _____ C:\Windows\system32\perfc015.dat 2017-04-29 19:01 - 2009-07-14 07:13 - 01791178 _____ C:\Windows\system32\PerfStringBackup.INI 
2017-04-29 18:45 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-04-22 12:09 - 2016-07-18 13:28 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-22 12:09 - 2013-08-10 19:26 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Google 2017-04-14 16:07 - 2014-08-22 18:43 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\CrashDumps 2017-04-13 10:30 - 2009-07-14 06:45 - 00563360 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-13 10:18 - 2015-04-25 21:24 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-04-13 10:17 - 2013-08-10 19:11 - 00167552 _____ C:\Users\Tomasz J\AppData\Local\GDIPFONTCACHEV1.DAT 2017-04-13 10:15 - 2013-11-22 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-04-13 10:15 - 2013-11-22 23:25 - 00000000 ____D C:\ProgramData\Autodesk 2017-04-13 10:14 - 2013-11-22 23:39 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Autodesk 2017-04-13 10:14 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files 2017-04-13 10:07 - 2013-11-22 23:36 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2017-04-13 10:05 - 2015-04-25 20:22 - 00000000 ____D C:\Users\Public\Documents\Autodesk 2017-04-13 10:04 - 2013-11-22 23:25 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\Autodesk 2017-04-13 09:34 - 2015-05-25 20:54 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-13 09:23 - 2013-11-22 23:28 - 00000000 ____D C:\Program Files\Autodesk 2017-04-13 09:20 - 2015-04-18 12:27 - 00000000 ____D C:\Autodesk 2017-04-10 16:04 - 2016-07-18 17:44 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\Opera Software 2017-04-10 16:04 - 2016-07-18 17:44 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Opera Software 2017-04-10 15:41 - 2013-08-10 18:38 - 00001421 _____ C:\Users\Tomasz J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-04-08 17:17 - 2013-08-10 21:24 - 00000000 
____D C:\Users\Tomasz J\AppData\Roaming\Skype 2017-04-08 17:16 - 2013-08-23 07:41 - 00000000 ____D C:\Windows\pss 2017-04-08 16:38 - 2013-08-10 21:18 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\DAEMON Tools Lite 2017-04-08 16:25 - 2013-12-17 23:30 - 00007598 _____ C:\Users\Tomasz J\AppData\Local\Resmon.ResmonCfg 2017-04-01 12:16 - 2015-04-25 21:27 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Autodesk,_Inc 2017-04-01 11:48 - 2015-04-25 21:21 - 00000000 ____D C:\Users\Tomasz J\Documents\Inventor 2017-04-01 11:48 - 2013-11-22 23:35 - 00000000 ____D C:\Program Files (x86)\Autodesk ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-08-25 13:26 - 2014-08-25 13:26 - 0000022 _____ () C:\Users\Tomasz J\AppData\Roaming\UserFlag.ini 2014-11-23 18:56 - 2016-03-11 22:27 - 0009728 _____ () C:\Users\Tomasz J\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-17 23:30 - 2017-04-08 16:25 - 0007598 _____ () C:\Users\Tomasz J\AppData\Local\Resmon.ResmonCfg 2013-08-10 19:47 - 2017-02-09 18:06 - 0003785 _____ () C:\ProgramData\hpzinstall.log 2013-11-22 23:41 - 2013-11-22 23:41 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) 
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-04-14 17:27

==================== Koniec FRST.txt ============================