Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 18-02-2019 Uruchomiony przez Soska (administrator) SOSKA-KOMPUTER (20-02-2019 11:13:34) Uruchomiony z C:\Users\Soska\Downloads Załadowane profile: Soska (Dostępne profile: Soska) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.EXE (Microsoft Corporation) C:\Windows\System32\msiexec.exe (© pdfforge GmbH.) C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG -> Nero AG) HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4114288 2009-09-01] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-13] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1196631564-2932191510-2940953793-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-1196631564-2932191510-2940953793-1000\...\MountPoints2: {33bd55f4-1c9d-11e9-b684-705ab6551158} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-1196631564-2932191510-2940953793-1000\...\MountPoints2: {c44b5ef8-11e4-11e9-b719-705ab6551158} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-1196631564-2932191510-2940953793-1000\...\MountPoints2: {d7f63514-485e-11e7-b0ea-705ab6551158} - F:\AutoRun.exe HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> IFEO\Polygen.exe: [GlobalFlag] C:\ProgramData\Windows Monitor\Monitor.exe %i deviceId=4379fd39-de27-dc7c-e869-241fb871ff62 channelId=3 distributer=APSF360dev processName=Polygen.exe statsAddress=hxxp://stats.utyuytjn.com/StatisticsService.svc/V1/JSON/LogEvent HKLM\...\SilentProcessExit\Polygen.exe: [MonitorProcess] C:\ProgramData\Windows Monitor\Monitor.exe %i deviceId=4379fd39-de27-dc7c-e869-241fb871ff62 channelId=3 distributer=APSF360dev processName=Polygen.exe statsAddress=hxxp://stats.utyuytjn.com/StatisticsService.svc/V1/JSON/LogEvent Startup: C:\Users\Soska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 2050 J510 series.lnk [2019-02-20] ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{2BBC475E-B9AA-4F20-A730-F4AF5B170C16}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{4EB492E1-6937-4904-BB71-CEC4E63848B6}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKU\S-1-5-21-1196631564-2932191510-2940953793-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: hb9fh4my.default-1550605003895 FF ProfilePath: C:\Users\Soska\AppData\Roaming\Mozilla\Firefox\Profiles\hb9fh4my.default-1550605003895 [2019-02-20] FF Homepage: Mozilla\Firefox\Profiles\hb9fh4my.default-1550605003895 -> onet.pl FF Extension: (Polski Language Pack) - C:\Users\Soska\AppData\Roaming\Mozilla\Firefox\Profiles\hb9fh4my.default-1550605003895\Extensions\langpack-pl@firefox.mozilla.org.xpi [2019-02-19] FF Extension: (Polish Spellchecker Dictionary) - C:\Users\Soska\AppData\Roaming\Mozilla\Firefox\Profiles\hb9fh4my.default-1550605003895\Extensions\pl@dictionaries.addons.mozilla.org.xpi [2019-02-19] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-26] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2019-02-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2019-02-10] (Oracle Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems Inc.) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [172032 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD) R2 PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [21520 2009-05-19] (Lenovo (Beijing) Limited -> Lenovo Corporation) R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5172224 2009-08-14] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [93632 2016-02-01] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [82880 2016-02-01] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [169472 2009-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [157536 2009-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [167936 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Realtek ) S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl.sys [81920 2010-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.) S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [81920 2010-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [323736 2018-12-17] (Disc Soft Ltd -> Duplex Secure Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-02-20 11:13 - 2019-02-20 11:14 - 000010778 _____ C:\Users\Soska\Downloads\FRST.txt 2019-02-20 11:01 - 2019-02-20 11:04 - 000013435 _____ C:\Users\Soska\Downloads\Fixlog.txt 2019-02-20 08:45 - 2019-02-20 08:45 - 000001029 _____ C:\Users\Soska\Desktop\ScanTool.net for Windows v1.13.lnk 2019-02-20 08:45 - 2019-02-20 08:45 - 000000000 ____D C:\Users\Soska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBD-II Software 2019-02-20 08:45 - 2019-02-20 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBD-II Software 2019-02-20 08:45 - 2019-02-20 08:45 - 000000000 ____D C:\Program Files\ScanTool.net_win 2019-02-20 08:13 - 2019-02-20 08:13 - 000039294 _____ C:\Users\Soska\Downloads\Shortcut1.txt 2019-02-19 22:46 - 2019-02-20 08:13 - 000024553 _____ C:\Users\Soska\Downloads\Addition.txt 2019-02-19 22:31 - 2019-02-20 11:13 - 000000000 ____D C:\FRST 2019-02-19 22:31 - 2019-02-20 11:00 - 000006399 _____ C:\Users\Soska\Downloads\FRST2.txt 2019-02-19 22:31 - 2019-02-20 08:12 - 000044393 _____ C:\Users\Soska\Downloads\FRST1.txt 2019-02-19 22:31 - 2019-02-19 22:31 - 001793024 _____ (Farbar) C:\Users\Soska\Downloads\FRST.exe 2019-02-19 21:57 - 2019-02-19 22:09 - 000000000 ____D C:\Windows\pss 2019-02-19 20:30 - 2019-02-19 20:30 - 000001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-02-19 20:30 - 2019-02-19 20:30 - 000001109 _____ C:\Users\Public\Desktop\Firefox.lnk 2019-02-19 20:29 - 2019-02-19 20:30 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2019-02-19 20:12 - 2019-02-19 20:12 - 000030165 _____ C:\Windows\system32\servers.def.lkg 2019-02-19 20:12 - 2019-02-19 20:12 - 000030165 _____ C:\Windows\system32\servers.def 2019-02-19 20:12 - 2019-02-19 20:12 - 000003333 _____ C:\Windows\system32\servers.def.vpx 2019-02-19 20:12 - 2019-02-19 20:12 - 000002814 _____ C:\Windows\system32\uat.vpx 2019-02-19 20:12 - 2019-02-19 20:12 - 000002158 _____ C:\Windows\system32\.tmp 2019-02-19 20:12 - 2019-02-19 20:12 - 000000526 _____ C:\Windows\system32\prod-pgm.vpx 2019-02-19 20:12 - 2019-02-19 20:12 - 000000341 _____ C:\Windows\system32\prod-vps.vpx 2019-02-19 19:41 - 2019-02-19 19:41 - 000000000 ___HD C:\$AV_ASW 2019-02-19 19:17 - 2019-02-19 19:17 - 000178320 _____ (AVAST Software) C:\Users\Soska\Downloads\avast_free_antivirus_setup_online.exe 2019-02-19 18:36 - 2019-02-19 18:36 - 000000011 _____ C:\Users\Soska\setup24.ini 2019-02-19 18:34 - 2019-02-19 18:34 - 000000009 _____ C:\Users\Soska\rstr4.ini 2019-02-19 18:32 - 2019-02-19 19:40 - 000000004 _____ C:\ProgramData\lock.dat 2019-02-19 18:32 - 2019-02-19 19:30 - 000000008 _____ C:\ProgramData\irw.atsd 2019-02-19 18:32 - 2019-02-19 18:32 - 000000008 _____ C:\ProgramData\ts.dat 2019-02-19 18:18 - 2019-02-19 19:51 - 000000000 ____D C:\SmartData 2019-02-19 18:18 - 2019-02-19 18:41 - 000000000 ____D C:\Users\Soska\AppData\Roaming\WidModule 2019-02-19 18:18 - 2019-02-19 18:39 - 000000000 ____D C:\Users\Soska\AppData\Local\WhiteClick 2019-02-19 18:18 - 2019-02-19 18:18 - 001136176 _____ (Google Inc.) C:\Users\Soska\AppData\Local\ChromeSetup.exe 2019-02-19 18:18 - 2019-02-19 18:18 - 000000000 ____D C:\Users\Soska\AppData\Local\Maurice 2019-02-19 18:18 - 2019-02-19 18:18 - 000000000 ____D C:\Program Files\GUM2DD4.tmp 2019-02-19 18:18 - 2019-02-19 18:18 - 000000000 ____D C:\Program Files\foldershare 2019-02-19 18:18 - 2019-02-19 18:18 - 000000000 ____D C:\DiskScan 2019-02-19 18:17 - 2019-02-19 19:50 - 000000000 ____D C:\ProgramData\localNETService 2019-02-19 18:17 - 2019-02-19 19:31 - 000000000 ____D C:\Program Files\FAP 2019-02-19 18:04 - 2019-02-19 18:04 - 000001353 _____ C:\Users\Soska\pcmscan.cfg 2019-02-19 17:58 - 2010-03-12 18:22 - 000081920 _____ (Prolific Technology Inc.) C:\Windows\system32\Drivers\ser2pl.sys 2019-02-19 17:58 - 2005-08-03 16:05 - 000035892 _____ (Prolific Technology Inc.) C:\Windows\system32\SER9PL.sys 2019-02-19 17:58 - 2005-08-03 16:04 - 000026719 _____ C:\Windows\system32\SERSPL.VXD 2019-02-19 17:05 - 2019-02-19 17:05 - 000000000 ____D C:\SiLabs 2019-02-19 17:03 - 2019-02-19 17:03 - 000000303 _____ C:\Windows\ST6UNST.001 2019-02-19 17:03 - 1998-10-29 14:45 - 000306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe 2019-02-19 17:01 - 2019-02-19 17:03 - 000006218 _____ C:\Windows\SETUP.LST 2019-02-19 17:01 - 2019-02-19 17:01 - 000000303 _____ C:\Windows\ST6UNST.000 2019-02-19 16:59 - 2019-02-19 16:59 - 000000000 ____D C:\Users\Soska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCMSCAN 2019-02-19 16:59 - 2019-02-19 16:59 - 000000000 ____D C:\Program Files\PCMSCAN 2019-02-19 16:58 - 2019-02-19 16:58 - 000000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2019-02-18 20:18 - 2019-02-18 20:18 - 000069975 _____ C:\Users\Soska\Downloads\PULTUSK-PU-LAB01-20190218123805-33.pdf 2019-02-16 15:16 - 2019-02-17 09:44 - 000000000 ____D C:\Users\Soska\AppData\Local\Roblox 2019-02-16 15:16 - 2019-02-16 15:23 - 000000252 _____ C:\Users\Soska\AppData\LocalLow\rbxcsettings.rbx 2019-02-14 18:15 - 2019-02-19 20:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-02-10 18:07 - 2019-02-10 18:07 - 000000000 ____D C:\Users\Soska\.testycdt 2019-02-10 17:55 - 2019-02-10 17:55 - 000002001 _____ C:\Users\Public\Desktop\Testy kategorie C, D, T.lnk 2019-02-10 17:55 - 2019-02-10 17:55 - 000000000 ____D C:\Users\Soska\ePrawko 2019-02-10 17:55 - 2019-02-10 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Testy kategorie C, D, T 2019-02-10 17:49 - 2019-02-10 17:49 - 000000000 ____D C:\Program Files\Testy kategorie C, D, T 2019-02-10 17:48 - 2019-02-10 17:48 - 000264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2019-02-10 17:48 - 2019-02-10 17:48 - 000175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2019-02-10 17:48 - 2019-02-10 17:48 - 000174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2019-02-10 17:48 - 2019-02-10 17:48 - 000094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2019-02-10 17:48 - 2019-02-10 17:48 - 000000000 ____D C:\ProgramData\Sun 2019-02-10 17:48 - 2019-02-10 17:48 - 000000000 ____D C:\ProgramData\Oracle 2019-02-10 17:48 - 2019-02-10 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-02-10 17:48 - 2019-02-10 17:48 - 000000000 ____D C:\Program Files\Java 2019-02-10 17:48 - 2019-02-10 17:48 - 000000000 ____D C:\Program Files\Common Files\Java 2019-02-10 17:47 - 2019-02-10 17:47 - 000000000 ____D C:\Users\Soska\AppData\LocalLow\Sun 2019-01-30 19:19 - 2019-01-30 19:19 - 000000000 ____D C:\ProgramData\Mozilla 2019-01-28 11:20 - 2019-01-28 12:55 - 000000000 ____D C:\Users\Soska\Desktop\seat ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-02-20 11:10 - 2009-07-14 05:34 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-02-20 11:10 - 2009-07-14 05:34 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-02-20 11:09 - 2016-11-19 18:54 - 000000000 ____D C:\Users\Soska\AppData\LocalLow\Mozilla 2019-02-20 11:03 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-02-20 11:01 - 2016-10-23 20:53 - 000000000 ____D C:\Users\Soska 2019-02-19 20:46 - 2018-12-17 14:52 - 000000000 ____D C:\Users\Soska\AppData\Local\AVAST Software 2019-02-19 20:46 - 2017-05-26 15:36 - 000000000 ____D C:\ProgramData\AVAST Software 2019-02-19 18:49 - 2018-01-01 13:51 - 000000000 ____D C:\Program Files\Google 2019-02-19 18:47 - 2018-01-01 13:51 - 000000000 ____D C:\Users\Soska\AppData\Local\Google 2019-02-19 18:46 - 2016-10-24 06:37 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2019-02-19 18:42 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2019-02-19 18:26 - 2016-10-23 20:54 - 000001437 _____ C:\Users\Soska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2019-02-19 18:17 - 2016-11-02 16:47 - 000000000 ___HD C:\Program Files\Temp 2019-02-19 17:27 - 2011-04-12 06:08 - 000738706 _____ C:\Windows\system32\perfh015.dat 2019-02-19 17:27 - 2011-04-12 06:08 - 000154784 _____ C:\Windows\system32\perfc015.dat 2019-02-19 17:27 - 2010-11-20 22:01 - 001664708 _____ C:\Windows\system32\PerfStringBackup.INI 2019-02-19 17:16 - 2017-06-20 13:29 - 000000000 ____D C:\Program Files\DIFX 2019-02-18 17:24 - 2018-02-24 21:03 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-02-18 13:16 - 2016-12-28 19:07 - 000000000 ____D C:\Users\Soska\AppData\Local\Deployment 2019-01-30 19:30 - 2018-12-04 20:58 - 000000000 ____D C:\Users\Soska\Desktop\Asia ==================== Pliki w katalogu głównym wybranych folderów ======= 2019-02-19 18:32 - 2019-02-19 19:40 - 000000004 _____ () C:\ProgramData\lock.dat 2019-02-19 18:32 - 2019-02-19 18:32 - 000000008 _____ () C:\ProgramData\ts.dat 2019-02-19 18:18 - 2019-02-19 18:18 - 001136176 _____ (Google Inc.) C:\Users\Soska\AppData\Local\ChromeSetup.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\dllhost.exe => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2019-02-16 17:29 ==================== Koniec FRST.txt ============================