Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 17.01.2018 Uruchomiony przez Sekretariat (administrator) SEKRETARIAT (17-01-2018 14:47:58) Uruchomiony z C:\Users\Sekretariat\Downloads Załadowane profile: Sekretariat (Dostępne profile: Sekretariat & Stażystka & Ewa & ASI) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: IE) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe () C:\OEM\USBDECTIONX86\USBS3S4Detection.exe (Microsoft Corporation) C:\Windows\System32\makecab.exe (Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [300440 2017-12-18] (ESET) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2326368182-1617307045-2659704587-1003\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-2326368182-1617307045-2659704587-1003\...\MountPoints2: F - F:\Windows/AutoRun.exe HKU\S-1-5-21-2326368182-1617307045-2659704587-1003\...\MountPoints2: {aab00b81-45c2-11e2-901c-c89cdca98801} - F:\LaunchU3.exe -a HKU\S-1-5-21-2326368182-1617307045-2659704587-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter GroupPolicy: Ograniczenia - Chrome <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{433AA000-AF3B-4FB4-88DE-802DE2849120}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7E6030CF-887A-4577-909D-507742504432}: [NameServer] 192.168.0.1,8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131515874348436163&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131515874348436163&GUID=00000000-0000-0000-0000-000000000000 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1438074236&from=mych123&uid=st3500413as_w2adl5s1xxxxw2adl5s1&z=d0fe1d0ebb80bd866d8606eg7zdc9b8e9m5z1o7c2t HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131515874348436163&GUID=00000000-0000-0000-0000-000000000000 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1438074236&from=mych123&uid=st3500413as_w2adl5s1xxxxw2adl5s1&z=d0fe1d0ebb80bd866d8606eg7zdc9b8e9m5z1o7c2t HKU\S-1-5-21-2326368182-1617307045-2659704587-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {58BB876C-3187-4A17-9D9A-8ABCD191A59F} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {EFEAB411-6284-420B-93E1-AA2AF036FD76} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> {F0D5D8B0-2CC9-4777-8DD9-8E86D90D43C3} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files\Acer ProShield\EgisPBIE.dll [2012-02-02] (Egis Technology Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-11] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2326368182-1617307045-2659704587-1003 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_66-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab FireFox: ======== FF DefaultProfile: 7z46xgsr.default FF ProfilePath: C:\Users\Sekretariat\AppData\Roaming\Mozilla\Firefox\Profiles\7z46xgsr.default [2018-01-17] FF Homepage: Mozilla\Firefox\Profiles\7z46xgsr.default -> hxxps://www.google.pl/?gws_rd=ssl FF NewTab: Mozilla\Firefox\Profiles\7z46xgsr.default -> chrome://quick_start/content/index.html FF Extension: (Adblock Plus) - C:\Users\Sekretariat\AppData\Roaming\Mozilla\Firefox\Profiles\7z46xgsr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-21] FF Extension: (Disable JavaScript Shared Memory) - C:\Users\Sekretariat\AppData\Roaming\Mozilla\Firefox\Profiles\7z46xgsr.default\features\{0db16e22-6602-4b0e-b6ae-3a211ca4a341}\disable-js-shared-memory@mozilla.org.xpi [2018-01-16] [Przestarzałe] FF HKLM\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt [2012-07-18] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt20 [2012-07-18] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Sekretariat\AppData\Roaming\Mozilla\Firefox\Profiles\7z46xgsr.default\extensions\quick_searchff@gmail.com => nie znaleziono FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Sekretariat\AppData\Roaming\Mozilla\Firefox\Profiles\7z46xgsr.default\extensions\sweetsearch@gmail.com => nie znaleziono FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Sekretariat\AppData\Roaming\Mozilla\Firefox\Profiles\7z46xgsr.default\extensions\defsearchp@gmail.com => nie znaleziono FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-11] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-11] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://v9.com?type=hp&ts=1450257587&from=mych123&uid=st3500413as_w2adl5s1xxxxw2adl5s1&z=59695ad791a8ebb7f0bff21g3z6wfe7o4w1m4w0tfo CHR StartupUrls: Default -> "hxxp://v9.com?type=hp&ts=1450257587&from=mych123&uid=st3500413as_w2adl5s1xxxxw2adl5s1&z=59695ad791a8ebb7f0bff21g3z6wfe7o4w1m4w0tfo" CHR Profile: C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default [2018-01-17] CHR Extension: (Dokumenty Google) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-26] CHR Extension: (Dysk Google) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17] CHR Extension: (YouTube) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Search) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01] CHR Extension: (Adobe Acrobat) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-11] CHR Extension: (Round World) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkpojibogaemajbehmhdkfadcjmnnae [2015-02-05] [UpdateUrl: hxxp://wwwmyroundworldc-a.akamaihd.net/update/chrome] <==== UWAGA CHR Extension: (Dokumenty Google offline) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-10] CHR Extension: (Online Accounts Extension ) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladimmjldcgbeamniagencjbodhnmgen [2017-10-10] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-06] CHR Extension: (Gmail) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05] CHR Extension: (Chrome Media Router) - C:\Users\Sekretariat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-06] CHR HKLM\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2012-02-02] CHR HKU\S-1-5-21-2326368182-1617307045-2659704587-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation) R2 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [180272 2012-02-02] (Egis Technology Inc. ) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1539560 2017-12-18] (ESET) R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated) R2 USBS3S4Detection; C:\oem\usbdectionx86\USBS3S4Detection.exe [76320 2009-12-09] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-05-14] (HID Global Corporation) R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [262824 2011-02-08] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [114552 2017-11-07] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [90640 2017-11-07] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141480 2017-11-07] (ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [42816 2017-11-07] (ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [71856 2017-11-07] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53184 2017-11-07] (ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [90136 2017-11-07] (ESET) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation) R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2012-07-18] (Egis Technology Inc.) R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2012-07-18] (Egis Technology Inc.) R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2012-07-18] (Egis Technology Inc.) S3 vpcbus; C:\Windows\system32\drivers\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation) R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation) S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation) R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [295936 2009-12-31] (Microsoft Corporation) S3 cpuz134; \??\C:\Users\SEKRET~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-01-17 14:47 - 2018-01-17 14:51 - 000017246 _____ C:\Users\Sekretariat\Downloads\FRST.txt 2018-01-17 14:43 - 2018-01-17 14:43 - 000001947 _____ C:\Users\Public\Desktop\ESET Ochrona bankowości internetowej.lnk 2018-01-17 14:43 - 2018-01-17 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2018-01-17 14:43 - 2018-01-17 14:43 - 000000000 ____D C:\ProgramData\ESET 2018-01-17 14:43 - 2018-01-17 14:43 - 000000000 ____D C:\Program Files\ESET 2018-01-17 14:31 - 2018-01-17 14:31 - 000108816 _____ C:\Users\ASI\AppData\Local\GDIPFONTCACHEV1.DAT 2018-01-17 14:15 - 2018-01-17 14:15 - 000294948 _____ C:\Users\ASI\Downloads\SharedAccess.reg 2018-01-17 14:15 - 2018-01-17 14:15 - 000172952 _____ C:\Users\ASI\Downloads\BFE.reg 2018-01-17 14:15 - 2018-01-17 14:15 - 000007500 _____ C:\Users\ASI\Downloads\MpsSvc.reg 2018-01-17 14:15 - 2018-01-17 14:15 - 000001378 _____ C:\Users\ASI\Downloads\mpsdrv.reg 2018-01-17 14:11 - 2018-01-17 14:19 - 000001782 _____ C:\Users\ASI\Desktop\fix.txt 2018-01-17 14:11 - 2018-01-17 14:19 - 000001782 _____ C:\fix.txt 2018-01-17 14:10 - 2018-01-17 14:10 - 000000000 ____D C:\Users\ASI\Downloads\SetACL (executable version) 2018-01-17 14:10 - 2012-09-10 22:25 - 000454056 _____ (Helge Klein) C:\Windows\SetACL.exe 2018-01-17 14:09 - 2018-01-17 14:09 - 001110564 _____ (Igor Pavlov) C:\Users\ASI\Downloads\7z1604.exe 2018-01-17 14:09 - 2018-01-17 14:09 - 000455739 _____ C:\Users\ASI\Downloads\SetACL (executable version).zip 2018-01-17 14:09 - 2018-01-17 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2018-01-17 14:09 - 2018-01-17 14:09 - 000000000 ____D C:\Program Files\7-Zip 2018-01-17 14:05 - 2018-01-17 14:05 - 000294948 _____ C:\Users\ASI\Desktop\SharedAccess.reg 2018-01-17 14:05 - 2018-01-17 14:05 - 000007500 _____ C:\Users\ASI\Desktop\MpsSvc.reg 2018-01-17 14:05 - 2018-01-17 14:05 - 000001378 _____ C:\Users\ASI\Desktop\mpsdrv.reg 2018-01-17 14:05 - 2018-01-17 14:05 - 000000000 _____ C:\Users\ASI\Desktop\BFE.reg 2018-01-17 14:03 - 2018-01-17 14:28 - 000000000 ____D C:\Users\ASI\AppData\LocalLow\Mozilla 2018-01-17 13:28 - 2018-01-17 13:31 - 152301328 _____ (Microsoft Corporation) C:\Users\Sekretariat\Downloads\msert.exe 2018-01-17 13:27 - 2018-01-17 14:47 - 000000000 ____D C:\FRST 2018-01-17 13:26 - 2018-01-17 13:26 - 001753600 _____ (Farbar) C:\Users\Sekretariat\Downloads\FRST.exe 2018-01-17 13:24 - 2018-01-17 13:26 - 000000000 ____D C:\AdwCleaner 2018-01-17 13:14 - 2018-01-17 13:21 - 004254840 _____ (ESET) C:\Users\Sekretariat\Downloads\eset_internet_security_live_installer.exe 2018-01-17 13:06 - 2018-01-17 13:06 - 000072090 _____ C:\Windows\ntbtlog.txt 2018-01-17 13:03 - 2018-01-17 13:03 - 000000039 _____ C:\Users\Sekretariat\Desktop\test.txt 2018-01-17 13:00 - 2018-01-17 13:00 - 000002934 _____ C:\NetworkSettings.txt 2018-01-11 11:56 - 2018-01-11 11:58 - 000028715 _____ C:\Users\Sekretariat\Downloads\Dagma_pro_forma_100610042.pdf 2018-01-09 14:24 - 2018-01-09 14:25 - 000014097 _____ C:\Users\Sekretariat\Downloads\S01_09-01-2018.xlsx 2018-01-09 14:19 - 2018-01-09 14:19 - 000063024 _____ C:\Users\Sekretariat\Downloads\S01_09-01-2018.pdf 2018-01-08 16:56 - 2018-01-08 16:56 - 000099225 _____ C:\Users\Sekretariat\Downloads\KDR - wniosek od 1 stycznia 2018.pdf 2018-01-05 09:26 - 2018-01-01 03:02 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 001155584 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll 2018-01-05 09:26 - 2018-01-01 03:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2018-01-05 09:26 - 2018-01-01 02:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-01-05 09:26 - 2018-01-01 02:54 - 001214184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2018-01-05 09:26 - 2018-01-01 02:54 - 000712936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2018-01-05 09:26 - 2018-01-01 02:54 - 000201960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2018-01-05 09:26 - 2018-01-01 02:54 - 000198888 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2018-01-05 09:26 - 2018-01-01 02:54 - 000198888 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-01-05 09:26 - 2018-01-01 02:54 - 000173288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys 2018-01-05 09:26 - 2018-01-01 02:54 - 000139496 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2018-01-05 09:26 - 2018-01-01 02:54 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-01-05 09:26 - 2018-01-01 02:54 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2018-01-05 09:26 - 2018-01-01 02:54 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-01-05 09:26 - 2018-01-01 02:50 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2018-01-05 09:26 - 2018-01-01 02:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll 2018-01-05 09:26 - 2018-01-01 02:43 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys 2018-01-05 09:26 - 2018-01-01 02:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2018-01-05 09:26 - 2018-01-01 02:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys 2018-01-05 09:26 - 2018-01-01 02:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2018-01-05 09:26 - 2018-01-01 02:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll 2018-01-05 09:26 - 2018-01-01 02:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2018-01-05 09:26 - 2018-01-01 02:40 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-01-05 09:26 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-01-05 09:26 - 2018-01-01 02:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-01-05 09:26 - 2018-01-01 02:40 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-01-05 09:26 - 2018-01-01 02:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-01-05 09:26 - 2018-01-01 02:38 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-01-05 09:26 - 2018-01-01 02:38 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe 2018-01-05 09:26 - 2018-01-01 02:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll 2018-01-05 09:26 - 2018-01-01 02:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll 2018-01-05 09:26 - 2018-01-01 02:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-01-05 09:26 - 2018-01-01 02:36 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2018-01-05 09:26 - 2018-01-01 02:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2018-01-05 09:26 - 2018-01-01 02:36 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-01-05 09:26 - 2018-01-01 02:35 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2018-01-05 09:26 - 2018-01-01 02:35 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-01-05 09:26 - 2018-01-01 02:35 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2018-01-05 09:26 - 2018-01-01 02:35 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-01-05 09:26 - 2018-01-01 02:35 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2018-01-05 09:26 - 2018-01-01 02:35 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-01-05 09:26 - 2018-01-01 02:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-01-05 09:26 - 2018-01-01 02:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-01-05 09:26 - 2018-01-01 02:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-01-05 09:26 - 2018-01-01 02:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-01-05 09:26 - 2018-01-01 02:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-01-05 09:26 - 2017-12-30 07:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-01-05 09:26 - 2017-12-29 19:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-01-05 09:26 - 2017-12-29 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2018-01-05 09:26 - 2017-12-29 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2018-01-05 09:26 - 2017-12-29 19:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-01-05 09:26 - 2017-12-29 19:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2018-01-05 09:26 - 2017-12-29 19:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-01-05 09:26 - 2017-12-29 19:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-01-05 09:26 - 2017-12-29 19:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-01-05 09:26 - 2017-12-29 19:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-01-05 09:26 - 2017-12-29 19:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2018-01-05 09:26 - 2017-12-29 19:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2018-01-05 09:26 - 2017-12-29 19:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-01-05 09:26 - 2017-12-29 19:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-01-05 09:26 - 2017-12-29 19:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-01-05 09:26 - 2017-12-29 19:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2018-01-05 09:26 - 2017-12-29 19:03 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-01-05 09:26 - 2017-12-29 18:57 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2018-01-05 09:26 - 2017-12-29 18:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-01-05 09:26 - 2017-12-29 18:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2018-01-05 09:26 - 2017-12-29 18:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-01-05 09:26 - 2017-12-29 18:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-01-05 09:26 - 2017-12-29 18:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-01-05 09:26 - 2017-12-29 18:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-01-05 09:26 - 2017-12-29 18:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-01-05 09:26 - 2017-12-29 18:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-01-05 09:26 - 2017-12-29 18:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2018-01-05 09:26 - 2017-12-29 18:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-01-05 09:26 - 2017-12-29 18:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-01-05 09:26 - 2017-12-29 18:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-01-05 09:26 - 2017-12-29 18:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-01-05 09:26 - 2017-12-29 18:37 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-01-05 09:26 - 2017-12-29 18:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2018-01-05 09:26 - 2017-12-29 18:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-01-05 09:26 - 2017-12-29 18:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-01-05 09:26 - 2017-12-29 18:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-01-05 09:26 - 2017-12-21 07:27 - 000535656 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-01-05 09:26 - 2017-12-13 17:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-01-05 09:26 - 2017-12-13 17:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-01-05 09:26 - 2017-12-13 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2018-01-05 09:26 - 2017-12-13 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2018-01-05 09:26 - 2017-12-13 16:50 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-01-05 09:26 - 2017-12-05 18:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2018-01-05 09:26 - 2017-12-05 18:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2018-01-05 09:26 - 2017-12-05 16:50 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-01-05 09:26 - 2017-12-05 16:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll 2018-01-04 14:07 - 2018-01-04 14:07 - 000094517 _____ C:\Users\Sekretariat\Downloads\Wzór wniosku KDR.4.pdf 2018-01-04 13:55 - 2018-01-04 13:55 - 000727583 _____ C:\Users\Sekretariat\Downloads\Pismo w sprawie zmian w SI KDR.pdf 2018-01-02 12:24 - 2018-01-02 12:24 - 000000000 ____D C:\Users\Ewa\AppData\Roaming\ESET 2017-12-22 15:34 - 2017-12-22 15:34 - 000000000 ____D C:\Windows\OEMTemp 2017-12-22 15:09 - 2018-01-17 14:08 - 000000000 ____D C:\Users\ASI\AppData\Local\Mozilla 2017-12-22 15:09 - 2018-01-17 14:03 - 000000000 ____D C:\Users\ASI\AppData\Roaming\Mozilla 2017-12-22 15:08 - 2017-12-22 15:08 - 000000000 ____D C:\Users\ASI\AppData\Roaming\Macromedia 2017-12-22 15:08 - 2017-12-22 15:08 - 000000000 ____D C:\Users\ASI\AppData\Local\ESET 2017-12-22 15:07 - 2018-01-17 14:01 - 000000000 ___RD C:\Users\ASI\Virtual Machines 2017-12-22 15:07 - 2017-12-22 15:20 - 000000000 ____D C:\Users\ASI\AppData\Local\Google 2017-12-22 15:07 - 2017-12-22 15:12 - 000002215 _____ C:\Users\ASI\Desktop\Google Chrome.lnk 2017-12-22 15:06 - 2017-12-22 15:07 - 000000000 ____D C:\Users\ASI 2017-12-22 15:06 - 2017-12-22 15:06 - 000001429 _____ C:\Users\ASI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-12-22 15:06 - 2017-12-22 15:06 - 000000020 ___SH C:\Users\ASI\ntuser.ini 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Ustawienia lokalne 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Szablony 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Moje dokumenty 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Menu Start 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Documents\Moje wideo 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Documents\Moje obrazy 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Documents\Moja muzyka 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\Dane aplikacji 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\AppData\Local\Historia 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 _SHDL C:\Users\ASI\AppData\Local\Dane aplikacji 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 ____D C:\Users\ASI\AppData\Roaming\Adobe 2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 ____D C:\Users\ASI\AppData\Local\VirtualStore 2017-12-22 15:06 - 2012-09-06 13:08 - 000000000 ____D C:\Users\ASI\AppData\Local\Microsoft Help 2017-12-22 15:06 - 2010-11-21 01:47 - 000000000 ____D C:\Users\ASI\AppData\Roaming\Media Center Programs 2017-12-21 14:45 - 2017-12-21 14:45 - 000312462 _____ C:\Users\Sekretariat\Downloads\instrukcja wype_nienia formularza oceny 15.05.pdf 2017-12-21 14:40 - 2017-12-21 14:40 - 000057435 _____ C:\Users\Sekretariat\Downloads\R02_21-12-2017.pdf 2017-12-21 14:39 - 2017-12-21 14:39 - 000058264 _____ C:\Users\Sekretariat\Downloads\R04_21-12-2017.pdf 2017-12-21 14:36 - 2017-12-21 14:36 - 000062018 _____ C:\Users\Sekretariat\Downloads\R05_21-12-2017.pdf 2017-12-21 14:35 - 2017-12-21 14:35 - 000057518 _____ C:\Users\Sekretariat\Downloads\R03_21-12-2017.pdf ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-01-17 14:49 - 2016-12-28 13:40 - 000000000 ____D C:\Users\Sekretariat\AppData\LocalLow\Mozilla 2018-01-17 14:45 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-01-17 14:44 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2018-01-17 14:36 - 2009-07-14 05:34 - 000027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-01-17 14:36 - 2009-07-14 05:34 - 000027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-01-17 14:30 - 2012-09-06 13:19 - 000000358 _____ C:\Windows\Tasks\Acer Registration - Reminder Recall task.job 2018-01-17 14:00 - 2015-02-04 12:59 - 000000000 ____D C:\Program Files\WinRAR 2018-01-17 13:59 - 2012-09-06 13:43 - 000000000 ____D C:\Users\Sekretariat\Documents\Pliki programu Outlook 2018-01-17 13:55 - 2015-03-19 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krajowa Izba Rozliczeniowa S.A 2018-01-17 13:55 - 2011-08-16 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2018-01-17 13:55 - 2011-08-16 09:19 - 000000000 ____D C:\Program Files\Acer 2018-01-17 13:53 - 2015-03-19 18:20 - 000000000 ____D C:\Program Files\Krajowa Izba Rozliczeniowa S.A 2018-01-17 13:53 - 2013-12-18 18:05 - 000000000 ____D C:\Users\Sekretariat\AppData\Local\Google 2018-01-17 13:52 - 2013-12-18 18:04 - 000000000 ____D C:\Program Files\Google 2018-01-17 13:49 - 2011-08-16 09:49 - 000000000 ____D C:\Windows\system32\Macromed 2018-01-17 13:46 - 2016-09-28 18:00 - 000000000 ____D C:\Windows\system32\SupportAppPBZTE MF823 2018-01-17 13:29 - 2016-01-22 18:42 - 000000000 ____D C:\Users\Sekretariat\AppData\Local\ElevatedDiagnostics 2018-01-16 18:12 - 2012-06-23 02:26 - 000741836 _____ C:\Windows\system32\perfh015.dat 2018-01-16 18:12 - 2012-06-23 02:26 - 000156480 _____ C:\Windows\system32\perfc015.dat 2018-01-16 18:12 - 2010-11-20 22:01 - 001669906 _____ C:\Windows\system32\PerfStringBackup.INI 2018-01-16 16:58 - 2017-11-22 13:20 - 000000000 ____D C:\Users\Sekretariat\Desktop\Wigilija 2017 2018-01-16 14:51 - 2017-01-04 15:36 - 000000000 ____D C:\Users\Sekretariat\Desktop\Programy i sprawozdania za 2016 r 2018-01-16 10:40 - 2016-07-06 14:43 - 000000000 ____D C:\Users\Sekretariat\Documents\Materiały na komisję UM 2018-01-16 10:38 - 2017-03-07 16:22 - 000000000 ____D C:\Users\Sekretariat\Desktop\ZTU 2017 2018-01-16 10:33 - 2017-10-11 09:36 - 000000000 ____D C:\Users\Sekretariat\Desktop\profilaktyka szkolna2017-18 2018-01-16 10:31 - 2012-09-06 12:06 - 000000000 ____D C:\Users\Sekretariat\Documents\Narkomania 2018-01-15 17:32 - 2015-03-11 16:38 - 000000000 ____D C:\Users\Sekretariat\Documents\Kampania Przeciw pijanym kierowcom 2018-01-12 18:44 - 2017-03-01 12:10 - 000000000 ____D C:\Users\Sekretariat\Desktop\Placówka Wsparcia Dziennego 2018-01-12 13:57 - 2017-01-04 15:30 - 000000000 ____D C:\Users\Sekretariat\Desktop\Ogólnopolska Karta Dużej Rodziny 2018-01-12 13:09 - 2012-09-06 12:03 - 000000000 ____D C:\Users\Sekretariat\Documents\Gminna Komisja 2018-01-12 11:47 - 2012-09-06 12:04 - 000000000 ____D C:\Users\Sekretariat\Documents\Konkursy 2018-01-11 16:10 - 2013-11-08 12:56 - 000000000 ____D C:\Users\Sekretariat\Desktop\Program Rodzinny Konstantynów Łd 2018-01-11 09:27 - 2012-09-06 12:28 - 000000000 ____D C:\Users\Sekretariat\Documents\Zaświadczenia 2018-01-10 14:52 - 2013-07-31 17:21 - 000000000 ____D C:\Windows\system32\MRT 2018-01-10 14:51 - 2017-10-11 17:35 - 126487616 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-01-10 14:51 - 2012-10-05 15:12 - 126487616 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-01-10 09:00 - 2015-05-10 11:05 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2018-01-09 13:35 - 2015-07-08 12:49 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-01-09 09:32 - 2015-01-15 11:30 - 000002151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-08 18:44 - 2012-09-06 12:31 - 000000000 ____D C:\Users\Sekretariat\Documents\Centrum informacje -kadry 2018-01-08 16:33 - 2016-03-10 14:19 - 000000000 ____D C:\Users\Sekretariat\Desktop\Programy profilaktyczne 2018-01-08 09:24 - 2012-09-06 13:47 - 000000000 ___RD C:\Users\Sekretariat\Virtual Machines 2018-01-08 09:19 - 2009-07-14 05:33 - 000408272 _____ C:\Windows\system32\FNTCACHE.DAT 2018-01-02 12:24 - 2017-02-17 09:31 - 000271360 _____ C:\Users\Ewa\Documents\mail_sekretariat.pst 2018-01-02 12:21 - 2016-05-25 09:00 - 000000000 ____D C:\Users\Ewa\AppData\Local\ESET 2018-01-02 12:20 - 2012-09-06 15:03 - 000000000 ___RD C:\Users\Ewa\Virtual Machines 2017-12-27 18:43 - 2017-10-25 14:37 - 000000000 ____D C:\Users\Sekretariat\Desktop\Projekt MOK 2017-12-27 16:53 - 2012-09-06 12:24 - 000000000 ____D C:\Users\Sekretariat\Documents\Sąd Pabianice i Prokuratura 2017-12-27 16:50 - 2012-09-06 12:26 - 000000000 ____D C:\Users\Sekretariat\Documents\Umowy 2017-12-27 14:06 - 2017-05-08 14:39 - 000000000 ____D C:\Users\Sekretariat\Desktop\Galeria 2017-12-22 15:34 - 2017-03-09 17:15 - 000000000 ____D C:\Program Files\NirSoft 2017-12-22 15:34 - 2011-08-16 09:19 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2017-12-22 15:33 - 2011-08-16 09:18 - 000000000 ____D C:\ProgramData\Skype 2017-12-22 14:33 - 2015-02-05 14:53 - 000000472 __RSH C:\ProgramData\ntuser.pol 2017-12-22 14:30 - 2009-07-14 03:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-02-11 17:56 - 2015-02-11 17:56 - 000030270 _____ () C:\Users\Sekretariat\AppData\Local\Bron.tok.A9.em.bin 2013-04-03 15:18 - 2013-04-03 15:18 - 000000051 _____ () C:\Users\Sekretariat\AppData\Local\Kosong.Bron.Tok.txt 2016-04-11 11:19 - 2016-04-11 11:19 - 000000600 _____ () C:\Users\Sekretariat\AppData\Local\PUTTY.RND Niektóre pliki w TEMP: ==================== 2017-02-09 13:53 - 2017-02-09 13:53 - 002467568 _____ (CryptoTech Sp. z o.o.) C:\Users\Sekretariat\AppData\Local\Temp\CCP11s.dll 2014-01-22 09:26 - 2014-01-22 09:26 - 001070088 _____ (Solid State Networks) C:\Users\Sekretariat\AppData\Local\Temp\install_flashplayer12x32axau_gtba_chra_dy_aaa_aih.exe 2014-04-22 09:11 - 2014-04-22 09:11 - 001070088 _____ (Solid State Networks) C:\Users\Sekretariat\AppData\Local\Temp\install_flashplayer12x32axau_gtba_chra_dy_aaa_aih_1.exe 2012-11-07 17:14 - 2012-11-07 17:14 - 000998224 _____ (Solid State Networks) C:\Users\Sekretariat\AppData\Local\Temp\install_reader11_en_gtba_chra_dy_aih.exe 2013-12-31 13:09 - 2013-12-31 13:09 - 001069568 _____ (Solid State Networks) C:\Users\Sekretariat\AppData\Local\Temp\install_reader11_pl_gtba_chra_dy_aaa_aih.exe 2014-01-10 09:30 - 2014-01-10 09:30 - 001069568 _____ (Solid State Networks) C:\Users\Sekretariat\AppData\Local\Temp\install_reader11_pl_gtba_chra_dy_aaa_aih_1.exe 2015-05-05 13:39 - 2015-05-06 15:20 - 000562272 _____ (Oracle Corporation) C:\Users\Sekretariat\AppData\Local\Temp\jre-8u45-windows-au.exe 2017-02-09 13:53 - 2017-02-09 13:53 - 000099328 _____ (IAIK) C:\Users\Sekretariat\AppData\Local\Temp\pkcs11wrapper.dll 2018-01-17 13:51 - 2018-01-17 13:51 - 000099328 ____N (IAIK) C:\Users\Sekretariat\AppData\Local\Temp\pkcs11wrapper7054126515178619326.dll 2015-02-24 10:09 - 2015-02-24 10:09 - 000295912 _____ (Reimage®) C:\Users\Sekretariat\AppData\Local\Temp\ReiSysUpdate.exe 2014-05-25 10:59 - 2014-11-16 11:43 - 000383488 _____ () C:\Users\Sekretariat\AppData\Local\Temp\xuninst.exe 2014-11-16 11:47 - 2014-11-16 11:47 - 000310586 _____ () C:\Users\Sekretariat\AppData\Local\Temp\_inst1.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-12-13 11:01 ==================== Koniec FRST.txt ============================