Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06.06.2018 01 Uruchomiony przez ja (administrator) A-KOMPUTER (18-06-2018 18:39:33) Uruchomiony z C:\Users\ja\Desktop\Nowy folder (3) Załadowane profile: ja (Dostępne profile: ja) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files\Slimjet\slimjet.exe" -- "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) C:\Program Files\Slimjet\slimjet.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3991928589-2277646456-2872176512-1001\...\MountPoints2: {3093d4d0-186e-11e2-bc54-806e6f6e6963} - I:\aoesetup.exe /autorun HKU\S-1-5-21-3991928589-2277646456-2872176512-1001\...\MountPoints2: {6ee140bd-1698-11e5-8494-001e33745fde} - J:\LGAutoRun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{5F0320FA-D06A-419B-87F5-E2719B497916}: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{E2F5BB9D-B69E-426A-80FD-FCF7EDC89AD2}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3991928589-2277646456-2872176512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=183 BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.9.0.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-07] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.gazeta.allplayer.org/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default [2018-06-17] CHR Extension: (uBlock Origin) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-06-17] CHR Extension: (Skype) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-17] CHR Extension: (e-pity - dodatek) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2017-03-04] CHR Extension: (Chrome Media Router) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-17] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Brak podpisu cyfrowego] R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation) R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-07-17] (The OpenVPN Project) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation ) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14368 1968-04-08] () [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-06-18 18:38 - 2018-06-18 18:39 - 000000000 ____D C:\Users\ja\Desktop\Nowy folder (3) 2018-06-17 12:45 - 2018-06-17 12:47 - 050602816 _____ C:\Users\ja\Downloads\sjtsetup_x64.exe 2018-06-15 21:13 - 2018-06-15 21:13 - 000000000 ___SD C:\Users\ja\Documents\Moje źródła danych 2018-06-08 23:46 - 2018-06-08 23:46 - 000000000 ____D C:\Users\ja\AppData\Roaming\SmartSteamEmu 2018-06-08 23:46 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2018-06-08 23:46 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2018-06-08 23:46 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2018-06-08 23:46 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2018-06-08 23:46 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2018-06-08 23:46 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2018-06-08 23:46 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2018-06-08 23:46 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2018-06-08 23:46 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2018-06-08 23:46 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2018-06-08 23:46 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2018-06-08 23:46 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2018-06-08 23:46 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2018-06-08 23:46 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2018-06-08 23:46 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2018-06-08 23:46 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2018-06-08 23:46 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2018-06-08 23:46 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2018-06-08 23:46 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2018-06-08 23:46 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2018-06-08 23:46 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2018-06-08 23:46 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2018-06-08 23:43 - 2018-06-08 23:46 - 000000000 ____D C:\Windows\SysWOW64\directx 2018-06-08 23:43 - 2018-06-08 23:45 - 000000000 ___HD C:\Windows\msdownld.tmp 2018-06-08 23:43 - 2018-06-08 23:43 - 000292184 _____ (Microsoft Corporation) C:\Users\ja\Downloads\dxwebsetup.exe 2018-06-08 22:12 - 2018-06-08 23:18 - 000000000 ____D C:\Users\ja\Desktop\Nowy folder (2) 2018-06-07 17:02 - 2018-06-07 17:02 - 000384114 _____ C:\Users\ja\Downloads\15.pdf ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-06-18 18:39 - 2018-02-28 13:23 - 000000000 ____D C:\FRST 2018-06-18 18:06 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-06-18 17:51 - 2014-05-08 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-06-18 17:45 - 2013-08-15 14:49 - 000000000 ____D C:\Users\ja\AppData\Local\CrashDumps 2018-06-18 17:27 - 2009-07-14 06:45 - 000010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-06-18 17:27 - 2009-07-14 06:45 - 000010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-06-18 17:21 - 2009-07-14 07:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-06-18 13:30 - 2009-07-14 19:55 - 000739932 _____ C:\Windows\system32\perfh015.dat 2018-06-18 13:30 - 2009-07-14 19:55 - 000155474 _____ C:\Windows\system32\perfc015.dat 2018-06-18 13:30 - 2009-07-14 07:13 - 001668226 _____ C:\Windows\system32\PerfStringBackup.INI 2018-06-18 13:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-06-18 13:10 - 2018-02-28 19:17 - 000710348 _____ C:\Windows\ntbtlog.txt 2018-06-17 12:51 - 2018-03-01 13:50 - 000000000 ____D C:\Program Files\Slimjet 2018-06-16 13:24 - 2018-05-10 18:21 - 000028225 _____ C:\Users\ja\Desktop\PGNIG.xlsx 2018-06-13 00:14 - 2018-02-28 12:54 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-12 06:07 - 2014-03-07 21:58 - 000000000 ____D C:\Users\ja\AppData\Local\Paint.NET 2018-06-11 13:58 - 2018-03-22 21:59 - 000000000 ____D C:\Users\ja\Desktop\materiały 2018-06-09 23:02 - 2017-10-23 18:36 - 000000000 ____D C:\Users\ja\Desktop\analiza sprawozdań finansowych, Micherda, Górka 2018-06-09 20:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2018-06-09 00:08 - 2014-04-12 16:40 - 000000000 ____D C:\Users\ja\AppData\Local\ElevatedDiagnostics 2018-06-08 23:43 - 2013-11-25 20:23 - 000000000 ____D C:\Temp 2018-06-08 19:12 - 2012-10-13 13:11 - 000109136 _____ C:\Users\ja\AppData\Local\GDIPFONTCACHEV1.DAT 2018-06-07 21:34 - 2018-03-17 23:24 - 000004572 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-06-07 21:34 - 2015-05-30 18:11 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-06-07 21:34 - 2012-10-12 22:40 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-06-07 21:34 - 2012-10-12 22:40 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-06-07 21:34 - 2012-10-12 22:40 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-06-07 21:34 - 2012-10-12 22:40 - 000000000 ____D C:\Windows\system32\Macromed 2018-06-07 20:34 - 2018-03-13 23:34 - 000004560 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-06-07 15:58 - 2017-12-07 12:03 - 000000000 ____D C:\Users\ja\Desktop\Magisterka 2018-06-07 14:06 - 2015-11-18 14:26 - 000000000 ____D C:\Users\ja\Desktop\CV 2018-06-07 10:59 - 2009-07-14 06:45 - 000408376 _____ C:\Windows\system32\FNTCACHE.DAT 2018-06-06 21:26 - 2012-10-17 20:50 - 000000000 ____D C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2018-06-06 21:08 - 2012-10-13 13:07 - 000000000 ____D C:\Users\ja\AppData\Roaming\DAEMON Tools Lite 2018-06-03 13:59 - 2018-04-23 20:49 - 000000000 ____D C:\Users\ja\Desktop\angol ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-07-29 01:32 - 2016-07-29 01:32 - 007065600 _____ () C:\Program Files (x86)\GUT2B99.tmp Niektóre pliki w TEMP: ==================== 2018-04-26 19:09 - 2018-04-26 19:09 - 049842838 _____ (Igor Pavlov) C:\Users\ja\AppData\Local\Temp\sjt7z_x64_console.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-06-08 18:44 ==================== Koniec FRST.txt ============================