Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:06-09-2015 01 Uruchomiony przez PATRYK (administrator) SAMSUNG-550P7C (06-09-2015 23:16:43) Uruchomiony z C:\Users\PATRYK\Desktop\skan-picasso Załadowane profile: PATRYK & UpdatusUser (Dostępne profile: PATRYK & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (PC Tools) C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe (Softros Systems, Inc.) C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\SmartSetting.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (PC Tools) C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2012-01-05] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation) HKLM-x32\...\Run: [00PCTFW] => C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe [2672600 2011-04-07] (PC Tools) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-25] (Avast Software s.r.o.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2317999145-589141382-465507331-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-2317999145-589141382-465507331-1004\...\Run: [Paseczek] => C:\Program Files (x86)\Paseczek\Paseczek.exe HKU\S-1-5-21-2317999145-589141382-465507331-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2015-08-20] (BitTorrent, Inc.) HKU\S-1-5-21-2317999145-589141382-465507331-1004\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [6033408 2014-03-24] ( ) HKU\S-1-5-21-2317999145-589141382-465507331-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30520936 2014-11-18] (Skype Technologies S.A.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260968 2012-05-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215400 2012-05-27] (NVIDIA Corporation) HKLM\...\AppCertDlls: [ProcessBlocker] -> C:\Program Files\Softros Systems\Process Blocker\HelperLib.dll [114176 2015-07-23] (Softros Systems, inc.) HKLM\...\AppCertDlls: [ProcessBlocker86] -> C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll [95744 2015-07-23] (Softros Systems, inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-25] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci..) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2B453FAF-C0FD-47C0-BDC7-E25D869FB3A0}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{5393AD2D-DBA3-4677-927F-B1CAD987F1DB}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B2C204C1-1DFF-4860-BE00-2231E62C8C92}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Internet Explorer: ================== HKU\S-1-5-21-2317999145-589141382-465507331-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2317999145-589141382-465507331-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2317999145-589141382-465507331-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-25] (Avast Software s.r.o.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-25] (Avast Software s.r.o.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation) Toolbar: HKLM - Brak nazwy - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default FF Homepage: google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-19] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-19] () FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF user.js: detected! => C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\user.js [2013-10-19] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\searchplugins\ebaycouk-search.xml [2014-11-11] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\searchplugins\googlemaps.xml [2014-04-08] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\searchplugins\googletranslate.xml [2014-04-08] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\searchplugins\youtube.xml [2014-04-08] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\11p9zsy8.PRACA\searchplugins\googletranslate.xml [2015-08-04] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\searchplugins\googletranslate.xml [2015-08-21] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\searchplugins\kickassto.xml [2015-08-21] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\searchplugins\privatelee-https.xml [2015-08-21] FF SearchPlugin: C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\searchplugins\youtube.xml [2015-08-21] FF Extension: Forecastfox (fix version) - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\Extensions\forecastfox@s3_fix_version.xpi [2015-08-21] FF Extension: Gmail Notifier (restartless) - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-08-21] FF Extension: Google Translator for Firefox - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\Extensions\translator@zoli.bod.xpi [2013-11-06] FF Extension: Password Exporter - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-07-31] FF Extension: Download YouTube Videos as MP4 - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-08-21] FF Extension: Adblock Plus - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\zwsu9vxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-17] FF Extension: Brak nazwy - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\11p9zsy8.PRACA\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-08-21] FF Extension: Brak nazwy - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\11p9zsy8.PRACA\Extensions\jid1-aqwHRwQpv3JUMs@jetpack.xpi [2015-08-21] FF Extension: Brak nazwy - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\11p9zsy8.PRACA\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-21] FF Extension: Brak nazwy - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\Extensions\https-by-default@robwu.nl.xpi [2015-08-21] FF Extension: Gmail Notifier (restartless) - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-08-21] FF Extension: Brak nazwy - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\Extensions\jid1-82bQxmQ0klINKg@jetpack.xpi [2015-08-21] FF Extension: Brak nazwy - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\Extensions\jid1-hhBMO3ij7xRsEw@jetpack.xpi [2015-08-21] FF Extension: Download YouTube Videos as MP4 - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-08-21] FF Extension: Adblock Plus - C:\Users\PATRYK\AppData\Roaming\Mozilla\Firefox\Profiles\yva4s3kj.PN\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-21] FF Extension: Brak nazwy - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-10] Chrome: ======= CHR Profile: C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17] CHR Extension: (Google Docs) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17] CHR Extension: (Google Drive) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-17] CHR Extension: (YouTube) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-17] CHR Extension: (Adblock Plus) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-17] CHR Extension: (Google Search) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-17] CHR Extension: (Spotflux Lite) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl [2015-08-17] CHR Extension: (Google Sheets) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17] CHR Extension: (HTTPS Everywhere) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-08-17] CHR Extension: (Avast Online Security) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-17] CHR Extension: (Black Wood) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfigpljkonjldfhkfgbbmibfbcggnhj [2015-08-21] CHR Extension: (Google Mail Checker) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-08-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17] CHR Extension: (Gmail) - C:\Users\PATRYK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-22] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 Autodesk Network Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [1539224 2008-06-13] (Autodesk, Inc.) [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-25] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-06-25] (Avast Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L) S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2013-10-20] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 PCToolsFirewallPlus; C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [286000 2011-01-24] (PC Tools) R2 Process Blocker; C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe [2198352 2015-07-23] (Softros Systems, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-25] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-25] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-25] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-25] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-25] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-25] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-25] () R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-20] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2002-04-26] (DATOM Dariusz Cielebąk) R3 PCTFW-PacketFilter; C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [119688 2011-01-12] (PC Tools) R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [334976 2011-01-17] (PC Tools) S3 pctNdis; C:\Windows\System32\DRIVERS\pctNdis64.sys [79000 2010-07-08] (PC Tools) R3 pctNdisMP; C:\Windows\System32\DRIVERS\pctNdis64.sys [79000 2010-07-08] (PC Tools) R3 pctplfw; C:\Windows\System32\drivers\pctplfw64.sys [179976 2011-01-17] (PC Tools) S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-06-25] (Avast Software) R1 xlkfs; C:\Windows\System32\DRIVERS\xlkfs.sys [31960 2014-06-03] (XOSLAB.COM) S3 hfFilter; system32\drivers\hfFilter.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 vdrive; system32\DRIVERS\vdrive.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-06 23:16 - 2015-09-06 23:16 - 00000000 ____D C:\FRST 2015-09-06 23:14 - 2015-09-06 23:16 - 00000000 ____D C:\Users\PATRYK\Desktop\skan-picasso 2015-09-05 19:19 - 2015-09-06 22:45 - 00000224 _____ C:\Windows\setupact.log 2015-09-05 19:19 - 2015-09-05 19:19 - 00000000 _____ C:\Windows\setuperr.log 2015-09-03 09:42 - 2015-09-03 09:42 - 21148058 _____ C:\Users\PATRYK\Desktop\WZM_B8_B13_Branza_Budowlana.zip 2015-09-03 09:40 - 2015-09-03 09:41 - 00000000 ____D C:\Users\PATRYK\Desktop\WZM_B8_B13_Branza_Budowlana 2015-09-02 09:26 - 2015-09-02 09:26 - 00000014 _____ C:\Users\PATRYK\Desktop\klucz-zabezpieczen-belkin.txt 2015-09-02 08:46 - 2015-09-04 13:53 - 00000000 ____D C:\Users\PATRYK\Desktop\inne 2015-09-01 15:21 - 2015-09-01 15:21 - 06861574 _____ C:\Users\PATRYK\Desktop\WZM_B14-B19_Branza_Budowlana.zip 2015-08-31 08:10 - 2015-08-31 08:10 - 00000011 _____ C:\Users\PATRYK\Documents\passkey_PL.txt 2015-08-30 10:05 - 2015-09-06 09:09 - 00000000 ____D C:\ProgramData\BB6CE16A-A721-4572-8C50-B9260170B2AD 2015-08-30 10:04 - 2015-08-30 10:04 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Downloaded Installations 2015-08-28 12:43 - 2015-08-28 12:43 - 00010331 _____ C:\Users\PATRYK\Desktop\PZO_XX_ALNUS_do_UNIMAX.xlsx.xlsx 2015-08-27 18:50 - 2015-08-27 18:50 - 23137752 _____ C:\Users\PATRYK\Desktop\B10_WZM_BRANZA_SANITARNA.zip 2015-08-27 18:50 - 2015-08-27 18:50 - 13027341 _____ C:\Users\PATRYK\Desktop\B10_WZM_BRANZA_BUDOWLANA.zip 2015-08-27 16:50 - 2015-08-27 17:09 - 00010340 _____ C:\Users\PATRYK\Desktop\PZO_XX_UNIMAX_do_ALNUS.xlsx 2015-08-27 11:23 - 2015-08-27 11:52 - 00026112 _____ C:\Users\PATRYK\Documents\01_PROTOKOLY_WASKIE.zdl 2015-08-26 22:32 - 2015-08-26 22:32 - 00077312 _____ C:\Users\PATRYK\Documents\06_korespondecja.zdl 2015-08-26 20:30 - 2015-08-28 19:22 - 00000000 ____D C:\Users\PATRYK\Desktop\ETYKETY 2015-08-26 09:33 - 2015-08-26 09:33 - 00002132 _____ C:\Users\Public\Desktop\DesignPro 5.lnk 2015-08-26 09:33 - 2015-08-26 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Dennison 2015-08-26 09:33 - 2015-08-26 09:33 - 00000000 ____D C:\ProgramData\Avery 2015-08-26 09:33 - 2015-08-26 09:33 - 00000000 ____D C:\Program Files (x86)\Avery Dennison 2015-08-25 16:44 - 2015-08-26 08:33 - 00000000 ____D C:\Users\PATRYK\Desktop\Skroty 2015-08-25 11:51 - 2015-08-25 11:51 - 00000000 ____D C:\Users\PATRYK\Desktop\KDBKAZ 2015-08-25 11:49 - 2015-08-25 11:50 - 00000000 ____D C:\Users\PATRYK\Desktop\Sterownik_Minolta_C280 2015-08-25 11:46 - 2015-08-25 11:46 - 00000000 ____D C:\Users\PATRYK\Desktop\Kosztorys_TERMOFLEX 2015-08-25 09:49 - 2015-09-04 13:11 - 00000000 ___RD C:\Users\PATRYK\Desktop\Skany 2015-08-25 09:47 - 2011-03-10 15:14 - 00015360 _____ C:\Windows\system32\KOAZ8J_L.DLL 2015-08-24 20:08 - 2015-08-24 20:08 - 00014336 _____ (Omega Computer (www.omega-com.pl)) C:\Windows\system32\kbdPLkaz.dll 2015-08-24 20:08 - 2015-08-24 20:08 - 00012800 _____ (Omega Computer (www.omega-com.pl)) C:\Windows\SysWOW64\kbdPLkaz.dll 2015-08-24 20:08 - 2015-08-24 20:08 - 00001257 _____ C:\Users\Public\Desktop\Ustawienia klawiatury.LNK 2015-08-24 20:08 - 2015-08-24 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Omega Computer 2015-08-24 20:08 - 2015-08-24 20:08 - 00000000 ____D C:\Program Files (x86)\Omega Computer 2015-08-24 13:55 - 2015-08-24 13:55 - 00000000 ____D C:\Users\PATRYK\Desktop\2015.08.24_foty_podsypka_i_zasypka_CO 2015-08-24 09:45 - 2015-08-24 09:45 - 00000000 ____D C:\Users\PATRYK\AppData\Local\RBSoft 2015-08-23 09:38 - 2015-08-17 17:50 - 00000102 _____ C:\Users\PATRYK\Desktop\K1P4S.txt 2015-08-22 12:25 - 2015-08-22 12:25 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\FreeCommander 2015-08-21 14:09 - 2015-08-21 14:09 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Innovative Solutions 2015-08-21 14:09 - 2015-08-21 14:09 - 00000000 ____D C:\Users\PATRYK\AppData\Local\Innovative Solutions 2015-08-21 12:59 - 2015-08-21 12:59 - 00001001 _____ C:\Users\PATRYK\Desktop\MiPony.lnk 2015-08-21 12:59 - 2015-08-21 12:59 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony 2015-08-21 12:59 - 2015-08-21 12:59 - 00000000 ____D C:\Program Files (x86)\MiPony 2015-08-21 12:58 - 2015-08-21 12:59 - 00000000 ____D C:\Users\PATRYK\AppData\Local\AdFender 2015-08-21 12:58 - 2015-08-21 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdFender 2015-08-21 12:58 - 2015-08-21 12:58 - 00000000 ____D C:\ProgramData\AdFender 2015-08-21 12:58 - 2015-08-21 12:58 - 00000000 ____D C:\Program Files (x86)\AdFender 2015-08-19 08:42 - 2015-09-04 08:20 - 00000000 ____D C:\Users\PATRYK\Downloads\FIREFOX-B10 2015-08-19 00:19 - 2015-08-25 14:58 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Blocker 2015-08-19 00:19 - 2015-08-19 00:19 - 00000000 ____D C:\Program Files\Softros Systems 2015-08-18 23:33 - 2015-08-19 09:22 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\SecretFolder 2015-08-18 23:30 - 2015-08-18 23:30 - 00000000 _RSHD C:\Winmend~Folder~Hidden 2015-08-18 23:12 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.bak 2015-08-18 23:07 - 2015-08-18 23:07 - 00000000 ____D C:\Users\Public\Documents\EFL 2015-08-18 23:07 - 2015-08-18 23:07 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy File Locker 2015-08-18 23:07 - 2015-08-18 23:07 - 00000000 ____D C:\Program Files\Easy File Locker 2015-08-18 21:00 - 2015-08-18 21:00 - 00000038 _____ C:\Users\PATRYK\Documents\mac111.txt 2015-08-18 16:49 - 2015-08-18 16:49 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\SubiSoft 2015-08-18 16:48 - 2015-08-18 16:48 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secure Folder 2015-08-18 16:48 - 2015-08-18 16:48 - 00000000 ____D C:\Program Files (x86)\SubiSoft 2015-08-18 13:09 - 2015-08-18 19:59 - 00000000 ____D C:\Program Files (x86)\MetaX 2015-08-17 17:46 - 2015-08-19 20:15 - 00000000 ____D C:\ProgramData\spotflux 2015-08-17 17:46 - 2015-08-19 20:10 - 00000000 ____D C:\Program Files (x86)\Spotflux 2015-08-17 17:46 - 2015-07-31 06:11 - 00049424 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\netfilter2.sys 2015-08-17 17:20 - 2015-08-18 09:39 - 00000135 _____ C:\Windows\mgboss_reg.ini 2015-08-17 17:19 - 2015-08-25 11:01 - 00000000 ____D C:\Program Files (x86)\Magicboss 2015-08-17 17:19 - 2015-08-18 09:38 - 00000021 _____ C:\Windows\mgboss_win.ini 2015-08-17 17:13 - 2015-09-04 14:31 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-17 17:13 - 2015-08-17 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-17 17:12 - 2015-09-06 22:46 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-17 17:12 - 2015-09-06 22:28 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-17 17:12 - 2015-08-29 14:23 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-17 17:12 - 2015-08-29 14:23 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-17 17:09 - 2015-08-29 14:06 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-17 17:09 - 2015-08-18 14:06 - 00003884 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439824182 2015-08-17 17:09 - 2015-08-17 17:09 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-08-17 17:09 - 2015-08-17 17:09 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Opera Software 2015-08-17 17:09 - 2015-08-17 17:09 - 00000000 ____D C:\Users\PATRYK\AppData\Local\Opera Software 2015-08-17 16:01 - 2015-08-17 16:01 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-08-17 07:50 - 2015-08-17 07:50 - 00024938 _____ C:\Users\PATRYK\Documents\cc_20150817_075031.reg 2015-08-17 07:47 - 2015-08-28 22:09 - 00007611 _____ C:\Users\PATRYK\AppData\Local\Resmon.ResmonCfg 2015-08-16 23:14 - 2015-08-16 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Metadata 2015-08-16 23:14 - 2015-08-16 23:14 - 00000000 ____D C:\Program Files\File Metadata 2015-08-16 11:49 - 2015-08-16 11:50 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\TrueCrypt 2015-08-16 11:47 - 2015-08-16 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt 2015-08-15 07:08 - 2015-08-17 20:31 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\MediaInfo 2015-08-15 07:08 - 2015-08-15 07:08 - 00000915 _____ C:\Users\PATRYK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk 2015-08-15 07:08 - 2015-08-15 07:08 - 00000000 ____D C:\Program Files\MediaInfo 2015-08-14 15:55 - 2015-09-06 23:14 - 00000000 ___RD C:\Users\PATRYK\Desktop\K1P4S 2015-08-14 15:44 - 2015-08-25 21:19 - 00001013 _____ C:\Users\UpdatusUser\Desktop\µpdater.lnk 2015-08-14 15:44 - 2015-08-25 21:19 - 00000993 _____ C:\Users\PATRYK\Desktop\µpdater.lnk 2015-08-14 15:42 - 2015-08-20 15:19 - 00000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-08-14 15:42 - 2015-08-20 15:19 - 00000000 ____D C:\Program Files (x86)\uTorrent 2015-08-07 14:00 - 2015-08-07 14:00 - 00000000 ____D C:\Users\PATRYK\Documents\Free DocusTree 2015-08-07 13:57 - 2015-08-17 16:06 - 00000000 ____D C:\Users\PATRYK\AppData\Local\Free PDF Splitter Merger 2015-08-07 13:56 - 2015-08-17 07:58 - 00000000 ____D C:\ProgramData\Free DocusTree 2015-08-07 13:56 - 2015-08-17 07:58 - 00000000 ____D C:\ProgramData\4dots Software 2015-08-07 13:42 - 2015-08-07 13:42 - 00000000 ____D C:\Users\PATRYK\.pdfsam 2015-08-07 11:14 - 2015-09-06 22:50 - 00221681 _____ C:\Windows\WindowsUpdate.log ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-06 23:15 - 2013-08-18 20:01 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\HaoZip 2015-09-06 23:08 - 2014-03-19 11:08 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-06 22:54 - 2009-07-14 06:45 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-06 22:54 - 2009-07-14 06:45 - 00010528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-06 22:47 - 2013-08-18 10:18 - 00000000 ____D C:\ProgramData\TEMP 2015-09-06 22:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-06 22:40 - 2013-09-19 16:18 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\uTorrent 2015-09-06 21:36 - 2013-10-26 20:55 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\AIMP3 2015-09-06 08:55 - 2014-02-10 17:21 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-09-04 17:08 - 2008-07-18 10:13 - 00001170 _____ C:\Windows\xlkfs.dat 2015-09-04 17:08 - 2008-07-18 10:13 - 00000097 _____ C:\Windows\xlkfs.ini 2015-09-04 11:17 - 2015-07-29 09:26 - 00000000 ____D C:\Users\PATRYK\Desktop\N 2015-09-02 08:45 - 2013-10-21 21:03 - 00000000 ____D C:\Users\PATRYK\Documents\Anki 2015-08-30 09:56 - 2013-10-01 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-30 09:47 - 2015-02-19 21:55 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-28 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-28 22:11 - 2014-09-11 22:55 - 00000000 ____D C:\Windows\pss 2015-08-26 18:31 - 2013-08-18 17:29 - 00123440 _____ C:\Users\PATRYK\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-26 18:24 - 2009-07-14 06:45 - 00441904 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-26 09:33 - 2013-08-18 10:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-26 09:20 - 2015-08-05 08:37 - 00000000 ____D C:\Users\PATRYK\Downloads\01 2015-08-22 08:11 - 2014-03-26 03:46 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\Mipony 2015-08-21 22:50 - 2009-07-14 19:55 - 00737480 _____ C:\Windows\system32\perfh015.dat 2015-08-21 22:50 - 2009-07-14 19:55 - 00154136 _____ C:\Windows\system32\perfc015.dat 2015-08-21 22:50 - 2009-07-14 07:13 - 01661232 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-21 18:26 - 2013-08-18 08:47 - 00000000 ____D C:\Users\PATRYK 2015-08-21 13:01 - 2014-05-28 21:07 - 00000000 ____D C:\Users\PATRYK\AppData\Roaming\DMCache 2015-08-21 12:59 - 2014-03-26 03:46 - 00001001 _____ C:\Users\UpdatusUser\Desktop\MiPony.lnk 2015-08-20 19:42 - 2013-08-18 19:42 - 00000000 ____D C:\Users\PATRYK\AppData\Local\Microsoft Help 2015-08-20 10:01 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-18 21:05 - 2014-08-03 13:55 - 00000000 ____D C:\Users\PATRYK\AppData\Local\CrashDumps 2015-08-17 17:13 - 2013-10-21 18:21 - 00000000 ____D C:\Program Files (x86)\Google 2015-08-17 17:13 - 2013-10-04 23:38 - 00000000 ____D C:\Users\PATRYK\AppData\Local\Google 2015-08-17 16:16 - 2013-10-21 18:30 - 00000000 ____D C:\Program Files (x86)\IObit 2015-08-16 12:22 - 2013-08-18 20:32 - 00000000 ____D C:\Program Files\TrueCrypt 2015-08-16 11:47 - 2013-08-18 20:33 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys 2015-08-16 10:18 - 2013-09-19 23:20 - 00000000 ____D C:\Users\PATRYK\AppData\Local\ChomikBox 2015-08-16 10:16 - 2013-09-19 23:20 - 00000000 ____D C:\Users\PATRYK\.gstreamer-0.10 2015-08-14 15:30 - 2015-06-29 19:47 - 00000000 ____D C:\Users\PATRYK\AppData\Local\CyberGhost ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-11-01 20:55 - 2013-11-01 21:09 - 0004096 ____H () C:\Users\PATRYK\AppData\Local\keyfile3.drm 2015-08-17 07:47 - 2015-08-28 22:09 - 0007611 _____ () C:\Users\PATRYK\AppData\Local\Resmon.ResmonCfg 2013-11-02 17:54 - 2013-09-24 11:53 - 4899544 _____ (COMODO) C:\ProgramData\cisDA76.exe Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\cisDA76.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-08-12 00:07 ==================== Koniec FRST.txt ============================