Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-06-2017 01
Uruchomiony przez lucca (administrator)  LUCCA-ASUS (16-06-2017 07:36:05)
Uruchomiony z E:\FILMY DOWNLOAD
Załadowane profile: lucca (Dostępne profile: lucca)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(阿里巴巴(中国)有限公司) C:\Program Files (x86)\AliSafeEngine\5.0.2\AliSafeEngine.exe
(深圳市猫哈网络科技发展有限公司) C:\Program Files (x86)\Maoha\JiSuZip\JszipSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
() C:\SMARTSYSTEM\Smart\serwer\bin\mysqld.exe
(Alibaba Group) C:\Program Files (x86)\Alibaba\wwbizsrv\wwbizsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Windows\Temp\gBCBC.tmp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-01-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-646645915-3493183111-878668481-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [JzShlobj] -> {9A0700D2-920A-4E52-8697-9B5230C92612} => C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll [2016-12-27] (深圳市猫哈网络科技发展有限公司)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Brak pliku
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 82.177.142.246 88.220.167.167
Tcpip\..\Interfaces\{75997473-0814-450c-93ce-da3a0a442c86}: [NameServer] 192.168.88.1
Tcpip\..\Interfaces\{b8839a58-9405-41ec-916b-a4f4447e8848}: [DhcpNameServer] 192.168.88.1 82.177.142.246 88.220.167.167

Internet Explorer:
==================
HKU\S-1-5-21-646645915-3493183111-878668481-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-17] (Oracle Corporation)
DPF: HKLM-x32 {021AFC0F-30F4-474D-9903-CE42D9539B17} hxxp://192.168.0.10/dvr_ocx.cab

FireFox:
========
FF ProfilePath: C:\Users\lucca\AppData\Roaming\Nvu\Profiles\vq7asih9.default [2016-03-06]
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [2017-01-17] ( )
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [2017-01-17] ( )
FF Plugin-x32: @alipay.com/npaliedit -> C:\Program Files (x86)\alipay\aliedit\4.0.0.101\npaliedit.dll [2015-03-24] (Alipay.com co.,ltd)
FF Plugin-x32: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\4.0.0.101\npAliSecCtrl.dll [2015-03-24] (Alipay.com Inc. )
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-17] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-646645915-3493183111-878668481-1001: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\TradeManager\npAliSSOLogin.dll [2014-10-08] (Alibaba software (Shanghai) Corporation.)
FF Plugin HKU\S-1-5-21-646645915-3493183111-878668481-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [Brak pliku]
FF Plugin HKU\S-1-5-21-646645915-3493183111-878668481-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [Brak pliku]
FF Plugin HKU\S-1-5-21-646645915-3493183111-878668481-1001: @alipay.com/npalicert -> C:\Users\lucca\AppData\Roaming\alipay\cf\npalicdo.dll [2014-10-21] (alipay.com)

Chrome: 
=======
CHR Profile: C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default [2017-06-16]
CHR Extension: (Prezentacje Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16]
CHR Extension: (Dokumenty Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16]
CHR Extension: (Dysk Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16]
CHR Extension: (ifirma.pl - faktury offline) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbghjinfbcclimbebalnhedfeconigkn [2016-08-13]
CHR Extension: (YouTube) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16]
CHR Extension: (Facebook) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2016-02-16]
CHR Extension: (Google Search) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16]
CHR Extension: (Multiple Account Checker for Gmail™) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2016-02-16]
CHR Extension: (Adobe Acrobat) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Kalendarz Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-08]
CHR Extension: (Arkusze Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16]
CHR Extension: (Tables) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-06-14]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Mapy Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-16]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Extension: (Radio) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaapjbgohfgkalmmjpakodbpomahebn [2017-01-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AliSafeEngine Service; C:\Program Files (x86)\AliSafeEngine\5.0.2\AliSafeEngine.exe [594080 2016-05-10] (阿里巴巴(中国)有限公司)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2016-01-12] (ELAN Microelectronics Corp.)
R2 JszipService; C:\Program Files (x86)\Maoha\JiSuZip\JszipSvc.exe [130072 2017-02-16] (深圳市猫哈网络科技发展有限公司)
R2 mptpmdxm; C:\Windows\SysWow64\mptpmdxm.dll [460072 2017-06-14] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29181272 2008-12-18] (Microsoft Corporation)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [Brak podpisu cyfrowego]
R2 SMART SYSTEM SERWER; C:\SMARTSYSTEM\Smart\serwer\my.ini [9369 2016-05-14] () [Brak podpisu cyfrowego]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 wwbizsrv; C:\Program Files (x86)\Alibaba\wwbizsrv\wwbizsrv.exe [2904176 2016-07-14] (Alibaba Group)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2016-01-12] (Advanced Micro Devices)
R1 cytdsk; C:\WINDOWS\System32\drivers\cytdsk.sys [195496 2017-06-13] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 JszipProtect; C:\Program Files (x86)\Maoha\JiSuZip\JsZipProtect64.sys [39256 2016-12-27] ()
R1 LanmaMaster; C:\WINDOWS\system32\drivers\lanmamaster.sys [2978920 2016-11-11] () [Brak podpisu cyfrowego]
S3 leusbser; C:\WINDOWS\system32\DRIVERS\leusbser.sys [238080 2015-12-23] (QUALCOMM Incorporated)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ATK64AMD.sys [13680 2016-01-12] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [137728 2016-07-16] (JMicron Technology Corp.)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [48672 2015-09-25] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [252448 2015-09-25] (QUALCOMM Incorporated)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R2 UefGdstor; C:\WINDOWS\system32\drivers\UefGdstor.sys [192552 2016-11-11] ()
U4 UnlockerDriver5; C:\Program Files (x86)\TC UP\Plugins\Media\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego]
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (CaptainFlint Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 WiserIso; C:\WINDOWS\System32\Drivers\vcdrom.sys [25432 2016-12-27] ()

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-06-16 07:35 - 2017-06-16 07:36 - 00000000 ____D C:\FRST
2017-06-15 20:28 - 2017-06-15 20:31 - 00000000 ____D C:\Program Files\Unlocker
2017-06-15 20:28 - 2017-06-15 20:28 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-06-15 13:01 - 2017-06-15 18:47 - 00001002 _____ C:\WINDOWS\wininit.ini
2017-06-15 12:38 - 2017-06-16 07:21 - 00000000 ____D C:\AdwCleaner
2017-06-14 12:48 - 2017-06-15 12:34 - 00000000 ____D C:\ProgramData\WinCacheData
2017-06-14 12:29 - 2017-06-14 12:29 - 00000266 __RSH C:\Users\lucca\ntuser.pol
2017-06-14 12:27 - 2017-06-14 12:27 - 00000266 __RSH C:\ProgramData\ntuser.pol
2017-06-14 12:27 - 2017-06-14 12:27 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-06-14 12:26 - 2017-06-14 12:52 - 00000000 ____D C:\Program Files (x86)\WindowsTM
2017-06-14 12:26 - 2017-06-14 12:45 - 00000000 ____D C:\ProgramData\Cache
2017-06-14 12:26 - 2017-06-14 12:26 - 00930816 _____ C:\Users\lucca\AppData\Local\test_db_cara.db
2017-06-14 12:26 - 2017-06-14 12:26 - 00460072 _____ C:\WINDOWS\SysWOW64\mptpmdxm.dll
2017-06-14 12:26 - 2017-06-14 12:26 - 00140800 _____ C:\Users\lucca\AppData\Local\installer.dat
2017-06-14 12:26 - 2017-06-14 12:26 - 00016794 _____ C:\WINDOWS\System32\Tasks\CloneList
2017-06-14 12:26 - 2017-06-14 12:26 - 00011568 _____ C:\Users\lucca\AppData\Local\InstallationConfiguration.xml
2017-06-14 12:26 - 2017-06-14 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\极速压缩
2017-06-14 12:26 - 2017-06-14 12:26 - 00000000 ____D C:\Program Files (x86)\Maoha
2017-06-14 12:26 - 2016-12-27 04:34 - 00025432 _____ C:\WINDOWS\system32\Drivers\vcdrom.sys
2017-06-13 04:26 - 2017-06-13 04:26 - 00195496 _____ C:\WINDOWS\system32\Drivers\cytdsk.sys
2017-06-03 11:59 - 2017-06-03 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetClientOCX
2017-06-03 11:59 - 2017-06-03 11:59 - 00000000 ____D C:\Program Files (x86)\NetClientOCX
2017-06-03 08:33 - 2017-06-03 08:33 - 00000089 _____ C:\Users\lucca\.ubnt-discovery.properties
2017-06-02 10:38 - 2017-06-02 10:38 - 01588750 _____ C:\Users\lucca\Downloads\winbox.exe
2017-06-02 10:38 - 2017-06-02 10:38 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Mikrotik
2017-06-02 06:45 - 2017-06-02 06:45 - 00109550 _____ C:\Users\lucca\Downloads\faktura_121_2017_02-06-2017 (1).pdf
2017-06-02 06:44 - 2017-06-02 06:44 - 00110313 _____ C:\Users\lucca\Downloads\faktura_121_2017_02-06-2017.pdf
2017-06-02 06:41 - 2017-06-02 06:41 - 00109944 _____ C:\Users\lucca\Downloads\faktura_109_2017_26-05-2017 (1).pdf
2017-06-02 05:37 - 2017-06-02 05:37 - 00110434 _____ C:\Users\lucca\Downloads\faktura_120_2017_02-06-2017.pdf
2017-06-02 05:36 - 2017-06-02 05:36 - 00110683 _____ C:\Users\lucca\Downloads\faktura_120_2017_31-05-2017 (1).pdf
2017-06-01 14:15 - 2017-06-01 14:45 - 00025024 _____ C:\Users\lucca\Desktop\Faktura i specyfikacja NR 3.xlsx
2017-06-01 07:14 - 2017-06-01 07:14 - 00111183 _____ C:\Users\lucca\Downloads\faktura_120_2017_31-05-2017.pdf
2017-05-31 11:19 - 2017-05-31 11:19 - 00133108 _____ C:\Users\lucca\Downloads\faktura_exp_tow_119_2017_31-05-2017 (1).pdf
2017-05-31 11:17 - 2017-05-31 11:17 - 00133092 _____ C:\Users\lucca\Downloads\faktura_exp_tow_119_2017_31-05-2017.pdf
2017-05-31 10:20 - 2017-05-31 10:20 - 00111268 _____ C:\Users\lucca\Downloads\faktura_118_2017_31-05-2017.pdf
2017-05-31 07:10 - 2017-05-31 07:10 - 00132960 _____ C:\Users\lucca\Downloads\faktura_exp_tow_117_2017_31-05-2017.pdf
2017-05-30 12:56 - 2017-05-30 12:56 - 00033375 _____ C:\Users\lucca\Downloads\Potwierdzenie_transakcji_nr_0006456297_300517.pdf
2017-05-30 11:26 - 2017-05-30 11:26 - 00110727 _____ C:\Users\lucca\Downloads\faktura_116_2017_30-05-2017.pdf
2017-05-30 07:27 - 2017-06-06 05:45 - 00000000 ____D C:\RecData
2017-05-29 09:54 - 2017-05-29 09:54 - 00249489 _____ C:\Users\lucca\Downloads\seryjny_wydruk (6).pdf
2017-05-29 08:29 - 2017-05-29 08:31 - 41177556 _____ C:\Users\lucca\Downloads\Ucho15-16 (1).rar
2017-05-29 08:22 - 2017-05-29 08:23 - 15487352 _____ C:\Users\lucca\Downloads\Ucho15-16.rar
2017-05-29 06:56 - 2017-05-29 07:12 - 37847152 _____ (Meteoryt Sp z o.o. ) C:\Users\lucca\Downloads\AsystentMagazyn_2016.exe
2017-05-29 06:53 - 2017-06-14 03:15 - 00000027 _____ C:\Users\lucca\OneDrive\Dokumenty\Asystent7-21.dat
2017-05-29 04:42 - 2017-05-29 04:42 - 09338196 _____ C:\Users\lucca\Downloads\3516C_IMX322_X_6.1.6.1.FLS.zip
2017-05-29 04:33 - 2017-05-29 04:33 - 04861184 _____ C:\Users\lucca\Downloads\Searcher_6.1.4.2.exe
2017-05-29 04:33 - 2017-05-29 04:33 - 00001975 _____ C:\Users\lucca\Desktop\IPCSearch.lnk
2017-05-29 04:31 - 2017-05-29 04:31 - 01467751 _____ C:\Users\lucca\Downloads\6357136446017020001813519055.zip
2017-05-29 04:08 - 2017-05-29 04:08 - 00110333 _____ C:\Users\lucca\Downloads\faktura_113_2017_29-05-2017 (1).pdf
2017-05-29 04:07 - 2017-05-29 04:07 - 00110268 _____ C:\Users\lucca\Downloads\faktura_113_2017_29-05-2017.pdf
2017-05-29 02:16 - 2017-05-29 02:16 - 03240512 _____ C:\Users\lucca\Downloads\IPCOCX_X.exe
2017-05-27 07:16 - 2017-05-27 07:16 - 00376646 _____ C:\Users\lucca\Downloads\kontakt-do-kuriera.pdf.pdf
2017-05-27 05:02 - 2017-05-27 05:02 - 00079609 _____ C:\Users\lucca\Downloads\etykieta_2017-05-27_05-02-02.pdf
2017-05-27 04:39 - 2017-05-27 04:39 - 00079269 _____ C:\Users\lucca\Downloads\etykieta_2017-05-27_04-38-12.pdf
2017-05-27 04:35 - 2017-05-27 04:35 - 00058804 _____ C:\Users\lucca\Downloads\etykieta_2017-05-27_04-34-10.pdf
2017-05-26 11:05 - 2017-05-26 11:05 - 00109802 _____ C:\Users\lucca\Downloads\faktura_110_2017_26-05-2017 (1).pdf
2017-05-26 10:46 - 2017-05-26 10:46 - 00110091 _____ C:\Users\lucca\Downloads\faktura_113_2017_26-05-2017.pdf
2017-05-26 10:42 - 2017-05-26 10:42 - 00249310 _____ C:\Users\lucca\Downloads\seryjny_wydruk (5).pdf
2017-05-26 08:13 - 2017-05-31 07:15 - 00000000 ____D C:\Users\lucca\Desktop\ZDJECIA NITTIS
2017-05-26 07:23 - 2017-05-26 07:23 - 00110280 _____ C:\Users\lucca\Downloads\faktura_111_2017_26-05-2017.pdf
2017-05-26 06:19 - 2017-05-26 06:19 - 00110661 _____ C:\Users\lucca\Downloads\faktura_110_2017_26-05-2017.pdf
2017-05-26 05:49 - 2017-05-26 05:49 - 00110589 _____ C:\Users\lucca\Downloads\faktura_109_2017_26-05-2017.pdf
2017-05-25 12:18 - 2017-05-25 12:18 - 00110635 _____ C:\Users\lucca\Downloads\faktura_106_2017_24-05-2017 (1).pdf
2017-05-25 12:16 - 2017-05-25 12:16 - 00123575 _____ C:\Users\lucca\Downloads\podglad_faktura_106_2017_24-05-2017.pdf
2017-05-25 12:06 - 2017-05-25 12:06 - 00110794 _____ C:\Users\lucca\Downloads\faktura_108_2017_25-05-2017 (1).pdf
2017-05-25 10:50 - 2017-05-25 10:50 - 01767163 _____ C:\Users\lucca\Downloads\gkPlugin.exe
2017-05-25 10:50 - 2017-05-25 10:50 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gkPlugin
2017-05-25 10:50 - 2017-05-25 10:50 - 00000000 ____D C:\gkPlugin
2017-05-25 10:16 - 2017-06-12 09:59 - 00000579 _____ C:\Users\lucca\Desktop\CMS.lnk
2017-05-25 09:15 - 2017-05-25 09:15 - 00110554 _____ C:\Users\lucca\Downloads\faktura_108_2017_25-05-2017.pdf
2017-05-24 12:04 - 2017-05-24 12:04 - 00078862 _____ C:\Users\lucca\Downloads\etykieta_2017-05-24_12-03-15.pdf
2017-05-24 12:03 - 2017-05-24 12:03 - 00058819 _____ C:\Users\lucca\Downloads\etykieta_2017-05-24_12-02-50.pdf
2017-05-24 11:57 - 2017-05-24 11:57 - 00078862 _____ C:\Users\lucca\Downloads\etykieta_2017-05-24_11-56-07.pdf
2017-05-24 09:13 - 2017-05-24 09:13 - 00133214 _____ C:\Users\lucca\Downloads\faktura_exp_tow_107_2017_24-05-2017 (2).pdf
2017-05-24 09:03 - 2017-05-24 09:03 - 00133481 _____ C:\Users\lucca\Downloads\faktura_exp_tow_107_2017_24-05-2017 (1).pdf
2017-05-24 08:57 - 2017-05-24 08:57 - 00132920 _____ C:\Users\lucca\Downloads\faktura_exp_tow_107_2017_24-05-2017.pdf
2017-05-24 08:29 - 2017-05-24 08:29 - 00110873 _____ C:\Users\lucca\Downloads\faktura_106_2017_24-05-2017.pdf
2017-05-24 05:50 - 2017-05-24 05:50 - 00110160 _____ C:\Users\lucca\Downloads\faktura_105_2017_24-05-2017.pdf
2017-05-24 05:49 - 2017-05-24 05:49 - 00110097 _____ C:\Users\lucca\Downloads\faktura_104_2017_24-05-2017.pdf
2017-05-23 08:23 - 2017-05-23 08:23 - 00111049 _____ C:\Users\lucca\Downloads\faktura_103_2017_23-05-2017.pdf
2017-05-23 05:50 - 2017-05-23 05:50 - 00109796 _____ C:\Users\lucca\Downloads\faktura_102_2017_23-05-2017.pdf
2017-05-22 11:05 - 2017-05-22 11:05 - 00233060 _____ C:\Users\lucca\Downloads\OFERTA TAPETY P. DABROWSCY C.D.pdf
2017-05-22 09:48 - 2017-05-22 09:48 - 00110835 _____ C:\Users\lucca\Downloads\faktura_100_2017_22-05-2017 (1).pdf
2017-05-22 09:46 - 2017-05-22 09:46 - 00109899 _____ C:\Users\lucca\Downloads\faktura_101_2017_22-05-2017.pdf
2017-05-22 09:44 - 2017-05-22 09:44 - 00110835 _____ C:\Users\lucca\Downloads\faktura_100_2017_22-05-2017.pdf
2017-05-22 09:31 - 2017-05-22 09:31 - 00110556 _____ C:\Users\lucca\Downloads\faktura_99_2017_22-05-2017.pdf
2017-05-22 07:48 - 2017-05-22 07:49 - 137736642 _____ C:\Users\lucca\Downloads\2017-05-22_06-58-37.mp4
2017-05-20 12:47 - 2017-05-20 12:47 - 00014648 _____ C:\Users\lucca\OneDrive\Dokumenty\REKLAMACJA BROOMAN MODO.odt
2017-05-20 08:25 - 2017-05-20 08:25 - 00109915 _____ C:\Users\lucca\Downloads\faktura_99_2017_20-05-2017.pdf
2017-05-20 05:38 - 2017-05-20 05:42 - 00000000 ____D C:\Users\lucca\Desktop\Nowy folder (3)
2017-05-19 11:13 - 2017-05-19 11:13 - 00111710 _____ C:\Users\lucca\Downloads\faktura_98_2017_19-05-2017.pdf
2017-05-19 06:50 - 2017-05-19 06:50 - 00109960 _____ C:\Users\lucca\Downloads\faktura_97_2017_19-05-2017 (1).pdf
2017-05-19 06:49 - 2017-05-19 06:49 - 00110372 _____ C:\Users\lucca\Downloads\faktura_97_2017_19-05-2017.pdf
2017-05-19 06:05 - 2017-05-19 06:05 - 00079577 _____ C:\Users\lucca\Downloads\etykieta_2017-05-19_06-04-36.pdf
2017-05-19 06:05 - 2017-05-19 06:05 - 00079151 _____ C:\Users\lucca\Downloads\etykieta_2017-05-19_06-04-57.pdf
2017-05-19 06:04 - 2017-05-19 06:04 - 00080275 _____ C:\Users\lucca\Downloads\etykieta_2017-05-19_06-03-59.pdf
2017-05-19 06:00 - 2017-05-19 06:00 - 00059872 _____ C:\Users\lucca\Downloads\etykieta_2017-05-19_05-59-56.pdf
2017-05-18 11:55 - 2017-05-18 11:55 - 00033535 _____ C:\Users\lucca\Downloads\Potwierdzenie_transakcji_nr_0006014922_180517.pdf
2017-05-18 09:09 - 2017-05-18 09:09 - 00111659 _____ C:\Users\lucca\Downloads\faktura_97_2017_18-05-2017.pdf
2017-05-18 06:39 - 2017-05-18 06:39 - 00178188 _____ C:\Users\lucca\Downloads\0025178.pdf
2017-05-18 03:10 - 2017-05-18 03:10 - 00110938 _____ C:\Users\lucca\Downloads\faktura_96_2017_18-05-2017.pdf
2017-05-17 12:08 - 2017-05-17 12:08 - 00110194 _____ C:\Users\lucca\Downloads\faktura_95_2017_17-05-2017.pdf

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-06-16 07:24 - 2016-10-01 10:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-16 07:23 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-16 07:21 - 2016-02-16 07:45 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-16 07:15 - 2017-03-13 04:00 - 00000000 ____D C:\ProgramData\AliAntiVirusED
2017-06-16 06:58 - 2016-01-28 14:48 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Foxmail7
2017-06-16 06:22 - 2016-10-01 09:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-16 05:40 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-16 05:25 - 2016-10-01 09:47 - 00000000 ____D C:\Users\lucca
2017-06-16 04:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 04:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-15 20:10 - 2016-01-12 19:37 - 00000000 ____D C:\Users\lucca\AppData\Local\Packages
2017-06-15 20:00 - 2016-06-20 09:30 - 00000000 ____D C:\Users\lucca\AppData\Local\aef
2017-06-15 20:00 - 2016-06-20 09:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-15 19:24 - 2016-10-01 09:40 - 04484536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-15 18:43 - 2017-03-13 07:40 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-15 16:58 - 2016-06-20 09:20 - 00000000 ____D C:\Users\lucca\AppData\Roaming\TaobaoProtect
2017-06-15 16:24 - 2016-04-19 08:30 - 00000000 ____D C:\CMS
2017-06-15 12:58 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-15 12:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-15 12:58 - 2016-03-06 21:56 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-14 12:37 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-14 12:26 - 2016-10-06 07:47 - 00000000 ____D C:\Program Files\PhotoSoft
2017-06-14 12:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Portable Devices
2017-06-14 12:26 - 2016-01-15 12:46 - 00000000 ____D C:\Program Files\GIMP 2
2017-06-14 12:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-06-14 07:08 - 2016-01-12 20:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 06:51 - 2015-10-30 16:30 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2017-06-14 02:54 - 2016-10-06 07:48 - 00000000 ____D C:\ProgramData\firebird
2017-06-13 04:05 - 2016-05-09 08:35 - 00000000 ____D C:\Users\lucca\Desktop\EXPORT EU
2017-06-09 22:38 - 2016-06-22 04:06 - 00000000 ____D C:\KMPlayer
2017-06-09 08:38 - 2016-04-20 15:51 - 00000000 ____D C:\Capture
2017-06-09 04:59 - 2017-01-10 05:40 - 00000000 ____D C:\Users\lucca\Desktop\yunitarget
2017-06-09 03:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-05 06:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-31 02:17 - 2016-01-12 20:40 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 03:48 - 2016-07-17 00:05 - 05898312 _____ C:\WINDOWS\system32\perfh015.dat
2017-05-30 03:48 - 2016-07-17 00:05 - 01692460 _____ C:\WINDOWS\system32\perfc015.dat
2017-05-30 03:48 - 2016-01-12 19:37 - 00005638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-29 07:15 - 2017-03-03 10:06 - 00001499 _____ C:\Users\lucca\Desktop\Magazyn 2016.lnk
2017-05-29 07:15 - 2017-03-03 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magazyn 2016
2017-05-29 04:33 - 2016-04-19 15:24 - 00001999 _____ C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\IPCSearch.lnk
2017-05-29 02:16 - 2016-04-19 18:51 - 00000000 ____D C:\WINDOWS\Netview_X OCX
2017-05-29 02:16 - 2016-04-19 18:51 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netview_X OCX
2017-05-25 10:16 - 2016-04-19 08:31 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CMS
2017-05-19 06:52 - 2016-11-06 17:16 - 00000000 ____D C:\kopie zapasowe EasyUploader
2017-05-19 06:51 - 2016-10-06 07:47 - 00001064 _____ C:\Users\lucca\Desktop\EasyUploader v3.lnk
2017-05-18 12:00 - 2017-04-20 10:01 - 00012800 _____ C:\Users\lucca\Desktop\Lucca Заказ не произвели.xls

==================== Pliki w katalogu głównym wybranych folderów =======

2016-07-19 09:47 - 2016-08-26 08:18 - 0005120 _____ () C:\Users\lucca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-14 12:26 - 2017-06-14 12:26 - 0011568 _____ () C:\Users\lucca\AppData\Local\InstallationConfiguration.xml
2017-06-14 12:26 - 2017-06-14 12:26 - 0140800 _____ () C:\Users\lucca\AppData\Local\installer.dat
2016-10-17 06:20 - 2016-10-17 06:36 - 0000600 _____ () C:\Users\lucca\AppData\Local\PUTTY.RND
2017-04-05 13:19 - 2017-04-05 13:19 - 0000737 _____ () C:\Users\lucca\AppData\Local\recently-used.xbel
2016-11-21 15:07 - 2017-03-29 10:28 - 0000744 _____ () C:\Users\lucca\AppData\Local\recently-used.xbel.bak
2017-06-14 12:26 - 2017-06-14 12:26 - 0930816 _____ () C:\Users\lucca\AppData\Local\test_db_cara.db
2016-05-14 09:48 - 2016-05-14 09:48 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Niektóre pliki w TEMP:
====================
2017-06-15 19:03 - 2016-12-27 04:34 - 0128216 _____ () C:\Users\lucca\AppData\Local\Temp\pcid.dll
2017-06-15 19:03 - 2017-02-17 12:54 - 0162840 _____ (深圳市猫哈网络科技发展有限公司) C:\Users\lucca\AppData\Local\Temp\substat.dll
2017-06-15 19:03 - 2017-01-18 12:00 - 0271384 _____ () C:\Users\lucca\AppData\Local\Temp\uninstall.dll
2017-06-14 12:27 - 2017-06-14 12:27 - 3191520 _____ (Microleaves) C:\Users\lucca\AppData\Local\Temp\ww-Online.IO-installer.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


UWAGA: ==> Nie można uzyskać dostępu do BCD. 

LastRegBack: 2017-06-06 10:10

==================== Koniec  FRST.txt ============================