Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-09-2017 Uruchomiony przez Ola (administrator) OLA-KOMPUTER (30-09-2017 20:53:16) Uruchomiony z C:\Users\Ola\Downloads Załadowane profile: Ola (Dostępne profile: Ola) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe (ALCPU) C:\Program Files\Core Temp\Core Temp.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo) C:\Users\Ola\AppData\Local\Apps\2.0\4GKTXOYQ.0M2\WJAO5VT9.4DL\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-604180192-1442903964-936779649-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd) HKU\S-1-5-21-604180192-1442903964-936779649-1000\...\MountPoints2: {a71904c7-d3fd-11e6-9c2c-60d819bd8a69} - F:\FATE_setup.exe Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-01-05] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4979BC2B-A33E-4C18-B06F-A2F626149D05}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{E7C09974-CEA8-4CF7-893C-7B8F7CF1A288}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{F6D5E820-73A4-4385-B137-19693A47B4AE}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKU\S-1-5-21-604180192-1442903964-936779649-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2014-07-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2014-07-09] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.pl/?gfe_rd=cr&ei=_XJuWOTZN6_i8AfbrbyICw CHR Profile: C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default [2017-09-30] CHR Extension: (Prezentacje Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-05] CHR Extension: (Dokumenty Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-05] CHR Extension: (Dysk Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-05] CHR Extension: (YouTube) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-05] CHR Extension: (Adobe Acrobat) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13] CHR Extension: (Arkusze Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-05] CHR Extension: (Dokumenty Google offline) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-05] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Adblock plus uBlock - Bloker reklam) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2017-09-13] CHR Extension: (Gmail) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-05] CHR Extension: (Chrome Media Router) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15] CHR HKU\S-1-5-21-604180192-1442903964-936779649-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-11-29] (Lenovo) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.) S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711256 2016-11-01] (Lenovo.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23928 2017-08-16] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-01-06] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-01-06] (Disc Soft Ltd) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [119680 2017-03-08] (Future Technology Devices International Ltd.) S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [89792 2017-03-08] (Future Technology Devices International Ltd.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2017-09-27] () R3 ALSysIO; \??\C:\Users\Ola\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA U0 Partizan; system32\drivers\Partizan.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-09-30 20:53 - 2017-09-30 20:53 - 000013841 _____ C:\Users\Ola\Downloads\FRST.txt 2017-09-30 20:18 - 2017-09-30 20:18 - 000000000 ____D C:\ProgramData\RegRun 2017-09-30 20:16 - 2017-09-30 20:50 - 000000000 ____D C:\Program Files (x86)\UnHackMe 2017-09-30 20:16 - 2017-09-30 20:34 - 000000000 ____D C:\Users\Ola\Documents\RegRun2 2017-09-30 20:16 - 2017-09-30 20:16 - 000000002 RSHOT C:\Windows\winstart.bat 2017-09-30 20:16 - 2017-09-30 20:16 - 000000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT 2017-09-30 20:16 - 2017-09-30 20:16 - 000000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT 2017-09-30 20:15 - 2017-09-30 20:33 - 000002896 _____ C:\Windows\System32\Tasks\AutoKMS 2017-09-30 20:15 - 2017-09-30 20:33 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job 2017-09-30 20:15 - 2017-09-30 20:26 - 000000000 ____D C:\Windows\AutoKMS 2017-09-30 20:11 - 2017-09-30 20:11 - 000000000 ____D C:\Users\Ola\Downloads\unhackmeb 2017-09-30 20:09 - 2017-09-30 20:09 - 018866003 _____ C:\Users\Ola\Downloads\unhackmeb.zip 2017-09-30 17:14 - 2017-09-30 20:53 - 000000000 ____D C:\FRST 2017-09-30 17:11 - 2017-09-30 17:12 - 002399744 _____ (Farbar) C:\Users\Ola\Downloads\FRST64.exe 2017-09-29 19:28 - 2017-09-29 19:30 - 000000000 ____D C:\AdwCleaner 2017-09-29 19:28 - 2017-09-29 19:28 - 008249808 _____ (Malwarebytes) C:\Users\Ola\Downloads\adwcleaner_7.0.3.0.exe 2017-09-26 18:10 - 2017-09-26 18:11 - 000014066 _____ C:\Users\Ola\Downloads\[torrenty.to] Rolnik szuka żony (2017) [S04E03] [480p] [WEBRip] [x264] [Lektor PL] [H1].torrent 2017-09-19 18:48 - 2017-09-19 18:48 - 000013845 _____ C:\Users\Ola\Downloads\[torrenty.to] Rolnik szuka żony -2017- [S04E02] [480p] [WEBRip] [x264-B666] [PL].torrent 2017-09-18 17:44 - 2017-09-18 17:44 - 001856760 _____ C:\Users\Ola\Downloads\DOC180917-18092017083729.pdf 2017-09-13 12:40 - 2017-09-13 12:40 - 000000303 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2017-09-13 12:40 - 2017-09-13 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo 2017-09-09 10:23 - 2017-09-09 10:24 - 000000133 _____ C:\Users\Ola\Desktop\Sweet Dreams Super Simple Songs.url 2017-09-04 12:31 - 2017-09-04 12:31 - 000065832 _____ C:\Users\Ola\Downloads\Z019 (1).pdf 2017-09-04 12:30 - 2017-09-04 12:30 - 000065173 _____ C:\Users\Ola\Downloads\Z019.pdf 2017-09-03 08:34 - 2017-09-20 22:11 - 000000183 _____ C:\Users\Ola\Desktop\Muzyka dla niemowląt.url 2017-09-01 12:13 - 2017-09-01 12:13 - 000015946 _____ C:\Users\Ola\Downloads\Warunki reklamacji (1).pdf 2017-09-01 12:12 - 2017-09-01 12:12 - 000018771 _____ C:\Users\Ola\Downloads\Informacje od sprzedającego.pdf 2017-09-01 12:12 - 2017-09-01 12:12 - 000015946 _____ C:\Users\Ola\Downloads\Warunki reklamacji.pdf 2017-09-01 12:05 - 2017-09-01 11:36 - 008646399 ____N C:\Users\Ola\Desktop\VID_20170901_113637.3gp 2017-09-01 12:05 - 2017-09-01 11:33 - 004415525 ____N C:\Users\Ola\Desktop\VID_20170901_113343.3gp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-09-30 20:38 - 2009-07-14 06:45 - 000025984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-09-30 20:38 - 2009-07-14 06:45 - 000025984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-09-30 20:34 - 2017-01-05 18:11 - 000000000 ____D C:\Users\Ola\AppData\Local\Deployment 2017-09-30 20:32 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-30 19:46 - 2009-07-14 19:55 - 000739932 _____ C:\Windows\system32\perfh015.dat 2017-09-30 19:46 - 2009-07-14 19:55 - 000155474 _____ C:\Windows\system32\perfc015.dat 2017-09-30 19:46 - 2009-07-14 07:13 - 001668226 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-30 19:46 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-09-27 20:50 - 2017-01-06 13:52 - 000000000 ____D C:\Users\Ola\AppData\Roaming\BitComet 2017-09-27 17:59 - 2017-07-05 12:40 - 000031152 _____ C:\Windows\system32\Drivers\pmxdrv.sys 2017-09-22 11:41 - 2017-01-05 18:12 - 000002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-22 11:41 - 2017-01-05 18:12 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-15 17:13 - 2017-01-05 20:17 - 000000000 ____D C:\ProgramData\Lenovo 2017-09-13 12:40 - 2017-01-05 20:22 - 000000000 ____D C:\Windows\System32\Tasks\TVT 2017-09-13 12:40 - 2017-01-05 20:17 - 000000000 ____D C:\Program Files (x86)\Lenovo 2017-08-31 17:57 - 2017-01-06 13:04 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-07-09 14:01 - 2014-07-09 14:01 - 000022976 _____ (Intel Corporation) C:\Users\Ola\AppData\Roaming\JomCap.dll 2017-07-07 07:23 - 2017-08-29 20:02 - 000003585 _____ () C:\Users\Ola\AppData\Local\AcStag.ini 2017-08-05 18:36 - 2017-08-29 20:02 - 000006291 _____ () C:\Users\Ola\AppData\Local\AcStag.lyt Niektóre pliki w TEMP: ==================== 2017-04-14 11:05 - 2017-04-14 11:05 - 016312432 _____ () C:\Users\Ola\AppData\Local\Temp\Bit592A.tmp.exe 2017-09-26 18:11 - 2017-09-26 18:11 - 016739360 _____ () C:\Users\Ola\AppData\Local\Temp\Bit5E9.tmp.exe 2017-09-03 20:55 - 2017-09-03 20:55 - 016739360 _____ () C:\Users\Ola\AppData\Local\Temp\Bit678B.tmp.exe 2010-05-13 23:22 - 2010-05-13 23:22 - 000174440 ____R (Microsoft Corporation) C:\Users\Ola\AppData\Local\Temp\ose00000.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-01-05 17:46 ==================== Koniec FRST.txt ============================