Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:16-11-2015 Uruchomiony przez Primol (administrator) PRIMOL-KOMPUTER (16-11-2015 23:23:43) Uruchomiony z C:\Users\Primol\Desktop\frst Załadowane profile: Primol (Dostępne profile: Primol) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) D:\Hamachi\hamachi-2.exe (LogMeIn, Inc.) D:\Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (LogMeIn Inc.) D:\Hamachi\hamachi-2-ui.exe (LogMeIn, Inc.) D:\Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Spotify Ltd) C:\Users\Primol\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Akamai Technologies, Inc.) C:\Users\Primol\AppData\Local\Akamai\netsession_win.exe (CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe (Akamai Technologies, Inc.) C:\Users\Primol\AppData\Local\Akamai\netsession_win.exe (Google Inc.) D:\Gmail Notifier\gnotify.exe (ASUSTeK COMPUTER INC.) D:\USB-N10 WLAN Card Utilities\Wireless.exe () D:\DeathAdderBlackEdition\razerhid.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe () D:\DeathAdderBlackEdition\razertra.exe (Razer Inc.) D:\DeathAdderBlackEdition\razerofa.exe () D:\DeathAdderBlackEdition\vdDaemon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Advanced Micro Devices, Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MMLoadDrv.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2011-12-20] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => d:\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.) HKLM-x32\...\Run: [DeathAdderBlackEdition] => d:\DeathAdderBlackEdition\razerhid.exe [246272 2011-03-21] () HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.) HKLM-x32\...\Run: [Nuance PDF Create 7-reminder] => "C:\Program Files (x86)\Nuance\PDF Create 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Create 7\Ereg\Ereg.ini" HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-13] (Raptr, Inc) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.) HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\...\Run: [Spotify Web Helper] => C:\Users\Primol\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-15] (Spotify Ltd) HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Primol\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\...\Run: [Copy] => C:\Users\Primol\AppData\Roaming\Copy\CopyAgent.exe [15410832 2015-04-08] (Barracuda Networks, Inc.) HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\...\Run: [Facebook Update] => C:\Users\Primol\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-10-11] (Facebook Inc.) HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\...\Run: [Google Update] => C:\Users\Primol\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-19] (Google Inc.) ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Primol\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-09] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ASUS USB-N10 WLAN Control Center.lnk [2014-07-04] ShortcutTarget: ASUS USB-N10 WLAN Control Center.lnk -> D:\USB-N10 WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{BD01F852-700C-456C-8A84-42213E1F448E}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{CC84C3B9-4FFF-4420-AFDB-7188EB40DD9B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{D179A14E-9117-42F7-BA45-4DA0E3F4ECAC}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Internet Explorer: ================== HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-15] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-15] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Primol\AppData\Roaming\Mozilla\Firefox\Profiles\m74d7t5z.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-16] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-22] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-16] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-15] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1571191598-4212959213-3768767430-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Primol\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-1571191598-4212959213-3768767430-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Primol\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-1571191598-4212959213-3768767430-1000: @talk.google.com/O1DPlugin -> C:\Users\Primol\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-1571191598-4212959213-3768767430-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Primol\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin HKU\S-1-5-21-1571191598-4212959213-3768767430-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Primol\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Primol\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Primol\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF SearchPlugin: C:\Users\Primol\AppData\Roaming\Mozilla\Firefox\Profiles\m74d7t5z.default\searchplugins\duckduckgo.xml [2014-06-25] FF Extension: Transferuj.pl - C:\Users\Primol\AppData\Roaming\Mozilla\Firefox\Profiles\m74d7t5z.default\Extensions\trtransferfill@transferuj.pl.xpi [2015-06-03] [Brak podpisu cyfrowego] FF Extension: Adblock Plus - C:\Users\Primol\AppData\Roaming\Mozilla\Firefox\Profiles\m74d7t5z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: Brak nazwy - C:\Users\Primol\AppData\Roaming\Mozilla\Firefox\Profiles\m74d7t5z.default\extensions\{85D5939E-85A9-5C88-43B7-612ABE9DADBA} [nie znaleziono] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2015-08-15] (EasyAntiCheat Ltd) S3 GalaxyClientService; D:\GalaxyClient\GalaxyClientService.exe [1744952 2015-05-16] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6517304 2015-05-18] (GOG.com) R2 Hamachi2Svc; D:\Hamachi\hamachi-2.exe [2546184 2015-10-26] (LogMeIn Inc.) S2 MBAMService; C:\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [1996144 2015-05-18] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-24] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Brak podpisu cyfrowego] S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-01-16] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc) S3 DABlackFltr; C:\Windows\System32\drivers\DABlack.sys [23040 2010-11-29] (Razer (Asia-Pacific) Pte Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2011-11-28] (Turtle Entertainment GmbH) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2011-11-10] (MotioninJoy) [Brak podpisu cyfrowego] R3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [45704 2011-01-10] (Printing Communications Assoc., Inc. (PCAUSA)) R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-12-30] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc) S3 salmosa; C:\Windows\System32\drivers\salmosa.sys [11904 2008-03-20] (Razer (Asia-Pacific) Pte Ltd) S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-16 21:23 - 2015-11-16 21:24 - 00538362 _____ C:\Users\Primol\Desktop\GMER.txt 2015-11-16 19:32 - 2015-11-16 19:32 - 00919040 _____ (Farbar) C:\Windows\mod_frst.exe 2015-11-16 17:03 - 2015-11-16 17:03 - 00274944 _____ C:\Windows\Minidump\111615-32963-01.dmp 2015-11-16 16:20 - 2015-11-16 16:20 - 00274944 _____ C:\Windows\Minidump\111615-31028-01.dmp 2015-11-16 14:00 - 2015-11-16 14:00 - 00045056 _____ C:\Users\Primol\Downloads\Harmonogram Belgia Jarosław Primka tydzień 46.xls 2015-11-16 01:03 - 2015-11-16 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-16 00:36 - 2015-11-16 00:36 - 03452054 _____ C:\Users\Primol\Desktop\HOWTO_RESTORE_FILES.bmp 2015-11-16 00:36 - 2015-11-16 00:36 - 00006679 _____ C:\Users\Primol\Desktop\HOWTO_RESTORE_FILES.htm 2015-11-16 00:36 - 2015-11-16 00:36 - 00002547 _____ C:\Users\Primol\Desktop\HOWTO_RESTORE_FILES.txt 2015-11-16 00:18 - 2015-11-16 00:18 - 00000254 _____ C:\Users\Primol\Documents\recover_file_aslsrbidr.txt 2015-11-16 00:05 - 2015-11-16 00:05 - 18843848 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-11-15 22:49 - 2015-11-15 22:49 - 00000254 _____ C:\Users\Primol\Documents\recover_file_fjusaasls.txt 2015-11-06 22:23 - 2015-11-06 22:23 - 00000254 _____ C:\Users\Primol\Documents\recover_file_lvlrnvomf.txt 2015-11-06 22:18 - 2015-11-06 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-16 23:24 - 2015-08-13 20:53 - 00000000 ____D C:\FRST 2015-11-16 23:24 - 2015-02-07 19:27 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Raptr 2015-11-16 23:23 - 2015-08-13 20:58 - 00000000 ____D C:\Users\Primol\Desktop\frst 2015-11-16 23:23 - 2013-11-11 18:14 - 00000000 ____D C:\Users\Primol\AppData\Local\LogMeIn Hamachi 2015-11-16 23:23 - 2013-05-21 22:25 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Copy 2015-11-16 23:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-16 23:22 - 2009-07-14 05:51 - 00212639 _____ C:\Windows\setupact.log 2015-11-16 23:20 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-11-16 23:17 - 2009-07-14 05:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-16 23:17 - 2009-07-14 05:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-16 23:01 - 2012-03-30 13:45 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-16 23:00 - 2015-02-19 13:27 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1571191598-4212959213-3768767430-1000UA.job 2015-11-16 22:08 - 2015-02-19 13:27 - 00001010 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1571191598-4212959213-3768767430-1000Core.job 2015-11-16 21:46 - 2013-01-20 17:32 - 00000000 ____D C:\Users\Primol\AppData\Roaming\TS3Client 2015-11-16 21:45 - 2014-10-11 17:40 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1571191598-4212959213-3768767430-1000UA.job 2015-11-16 21:04 - 2011-04-12 14:21 - 00828740 _____ C:\Windows\system32\perfh015.dat 2015-11-16 21:04 - 2011-04-12 14:21 - 00212504 _____ C:\Windows\system32\perfc015.dat 2015-11-16 21:04 - 2009-07-14 06:13 - 01817240 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-16 20:59 - 2015-08-14 05:20 - 00538362 _____ C:\Users\Primol\Desktop\gmer.log 2015-11-16 18:45 - 2014-10-11 17:40 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1571191598-4212959213-3768767430-1000Core.job 2015-11-16 17:03 - 2013-12-19 15:33 - 1072820872 _____ C:\Windows\MEMORY.DMP 2015-11-16 17:03 - 2013-12-19 15:33 - 00000000 ____D C:\Windows\Minidump 2015-11-16 16:22 - 2013-05-21 15:10 - 00000000 ____D C:\Users\Primol\AppData\Local\Akamai 2015-11-16 16:20 - 2012-05-05 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-16 16:20 - 2010-11-21 04:47 - 00230584 _____ C:\Windows\PFRO.log 2015-11-16 00:21 - 2015-02-07 19:27 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-11-16 00:05 - 2012-03-30 13:45 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-16 00:05 - 2012-03-30 13:45 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-16 00:05 - 2011-12-20 20:05 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-15 23:47 - 2015-08-09 20:03 - 00004686 _____ C:\Users\Public\HELP_DECRYPT.TXT.ccc 2015-11-15 23:46 - 2015-08-09 20:03 - 00045902 _____ C:\Users\Public\HELP_DECRYPT.PNG.ccc 2015-11-15 23:46 - 2015-08-09 20:03 - 00045902 _____ C:\Users\Public\Documents\HELP_DECRYPT.PNG.ccc 2015-11-15 23:46 - 2015-08-09 20:03 - 00004686 _____ C:\Users\Public\Documents\HELP_DECRYPT.TXT.ccc 2015-11-15 23:46 - 2015-08-09 20:02 - 00045902 _____ C:\Users\Primol\HELP_DECRYPT.PNG.ccc 2015-11-15 23:46 - 2015-08-09 20:02 - 00004686 _____ C:\Users\Primol\HELP_DECRYPT.TXT.ccc 2015-11-15 23:46 - 2015-08-09 20:01 - 00045902 _____ C:\Users\Primol\Downloads\HELP_DECRYPT.PNG.ccc 2015-11-15 23:46 - 2015-08-09 20:01 - 00045902 _____ C:\Users\Primol\Documents\HELP_DECRYPT.PNG.ccc 2015-11-15 23:46 - 2015-08-09 20:01 - 00004686 _____ C:\Users\Primol\Downloads\HELP_DECRYPT.TXT.ccc 2015-11-15 23:46 - 2015-08-09 20:01 - 00004686 _____ C:\Users\Primol\Documents\HELP_DECRYPT.TXT.ccc 2015-11-15 23:46 - 2015-05-19 07:34 - 00000000 ____D C:\Users\Primol\Documents\The Witcher 3 2015-11-15 23:46 - 2015-05-07 16:44 - 00000000 ____D C:\Users\Primol\Tracing 2015-11-15 23:46 - 2015-02-09 20:54 - 00000000 ____D C:\Users\Primol\Documents\Heroes of the Storm 2015-11-15 23:46 - 2015-01-20 16:45 - 00015390 _____ C:\Users\Primol\Downloads\Spis treści.docx.ccc 2015-11-15 23:46 - 2015-01-07 16:25 - 00068958 _____ C:\Users\Primol\Downloads\Zeszyt1.xlsx.ccc 2015-11-15 23:46 - 2014-11-11 19:01 - 00000000 ____D C:\Users\Primol\Documents\Sports Interactive 2015-11-15 23:46 - 2014-03-29 13:53 - 00000000 ____D C:\Users\Public\Documents\PTV Vision 2015-11-15 23:46 - 2013-07-07 17:23 - 00000000 ____D C:\Users\Primol\Documents\My Games 2015-11-15 23:46 - 2013-01-06 15:38 - 00000000 ____D C:\Users\Primol\Documents\StarCraft II Beta 2015-11-15 23:46 - 2012-11-28 20:45 - 00000000 ____D C:\Users\Primol\Documents\StarCraft II 2015-11-15 23:46 - 2011-12-20 02:20 - 00000000 ____D C:\Users\Primol 2015-11-15 23:45 - 2015-09-24 11:24 - 00000000 ____D C:\Users\Primol\Desktop\zaw 2015-11-15 23:45 - 2015-09-24 10:45 - 120073790 _____ C:\Users\Primol\Desktop\Shared photos 24-9-2015.zip.ccc 2015-11-15 23:45 - 2015-09-23 15:30 - 00077742 _____ C:\Users\Primol\Desktop\PJK_W05_06 temat-pracy_mgr.doc.ccc 2015-11-15 23:45 - 2015-09-23 12:32 - 00064382 _____ C:\Users\Primol\Desktop\pko_trans_details_150923_133210.pdf.ccc 2015-11-15 23:45 - 2015-09-23 12:17 - 05705054 _____ C:\Users\Primol\Desktop\ŁKubiś_JPrimka_TD_mgr.pdf.ccc 2015-11-15 23:45 - 2015-09-23 12:16 - 09235262 _____ C:\Users\Primol\Desktop\ŁKubiś_JPrimka_TD_mgr.docx.ccc 2015-11-15 23:45 - 2015-09-23 11:37 - 00084462 _____ C:\Users\Primol\Desktop\Praca_dyplomowa-Oswiadczenie.pdf.ccc 2015-11-15 23:45 - 2015-09-22 07:49 - 00112030 _____ C:\Users\Primol\Desktop\Oświadczenie Men Expert Survival Race - Poznań.pdf.ccc 2015-11-15 23:45 - 2015-09-21 18:12 - 02723854 _____ C:\Users\Primol\Desktop\Prezentacja.pptx.ccc 2015-11-15 23:45 - 2015-09-20 17:40 - 08583598 _____ C:\Users\Primol\Desktop\Wiekopomne Dzieło- Całosc_1 - Kopia.docx.ccc 2015-11-15 23:45 - 2015-09-05 12:16 - 01203582 _____ C:\Users\Primol\Desktop\Praca_w o 7.docx.ccc 2015-11-15 23:45 - 2015-09-05 12:11 - 02763358 _____ C:\Users\Primol\Desktop\spis treści.jpg.ccc 2015-11-15 23:45 - 2015-08-18 12:59 - 00071134 _____ C:\Users\Primol\Desktop\plan pracy.pdf.ccc 2015-11-15 23:45 - 2015-08-14 16:06 - 00003582 _____ C:\Users\Primol\Desktop\protection-log-2015-08-09.txt.ccc 2015-11-15 23:45 - 2015-07-11 21:15 - 00000000 ____D C:\Users\Primol\Desktop\muza 2015-11-15 23:45 - 2015-06-30 09:18 - 00000000 ____D C:\Users\Primol\Desktop\procedury 2015-11-15 23:45 - 2015-05-14 12:49 - 00000000 ____D C:\Users\Primol\Desktop\Redmer 2015-11-15 23:45 - 2015-05-12 08:54 - 00000000 ____D C:\Users\Primol\Desktop\tpih 2015-11-15 23:45 - 2015-03-26 20:32 - 00000000 ____D C:\Users\Primol\Desktop\Podstawy przedsiębiorczościs 2015-11-15 23:45 - 2015-03-25 10:02 - 00000000 ____D C:\Users\Primol\Desktop\TOFD 2015-11-15 23:45 - 2015-03-18 06:04 - 00000000 ____D C:\Users\Primol\Desktop\rt 2015-11-15 23:45 - 2014-12-05 15:48 - 00000000 ____D C:\Users\Primol\Documents\DonationCoder 2015-11-15 23:45 - 2014-06-26 21:42 - 00000000 ____D C:\Users\Primol\Desktop\Różne 2015-11-15 23:45 - 2014-06-13 22:00 - 00000000 ____D C:\Users\Primol\Documents\FIFA World 2015-11-15 23:45 - 2014-05-11 10:57 - 00000000 ____D C:\Users\Primol\Desktop\mgrxxx 2015-11-15 23:45 - 2013-06-18 16:13 - 00040254 _____ C:\Users\Primol\Documents\drzwi.dwg.ccc 2015-11-15 23:45 - 2012-05-14 20:10 - 00000000 ____D C:\Users\Primol\Documents\Diablo III 2015-11-15 23:45 - 2012-02-14 20:54 - 00000000 ____D C:\Users\Primol\Documents\BioWare 2015-11-15 23:44 - 2015-10-03 21:23 - 00028910 _____ C:\Users\Primol\Desktop\Harmonogram Belgia Michał Andrzejewski tydz 37(3).xlsx.ccc 2015-11-15 23:44 - 2015-09-24 11:00 - 00000000 ____D C:\Users\Primol\Desktop\ham 2015-11-15 23:44 - 2015-09-21 16:20 - 05027694 _____ C:\Users\Primol\Desktop\MGR.pdf.ccc 2015-11-15 23:44 - 2015-09-20 17:02 - 08585806 _____ C:\Users\Primol\Desktop\MGR.docx.ccc 2015-11-15 23:44 - 2015-09-05 12:20 - 00000000 ____D C:\Users\Primol\Desktop\mgr 2015-11-15 23:44 - 2015-08-14 16:06 - 00013918 _____ C:\Users\Primol\Desktop\mbam-log-2015-08-09 (21-44-21).txt.ccc 2015-11-15 23:44 - 2015-08-14 16:03 - 00186270 _____ C:\Users\Primol\Desktop\gmer_log.txt.ccc 2015-11-15 23:38 - 2015-09-27 15:47 - 00250382 _____ C:\Users\Primol\Desktop\216-1_34_NDT_15_RT.docx.ccc 2015-11-15 23:38 - 2015-09-02 17:10 - 00482766 _____ C:\Users\Primol\Desktop\document.pdf.ccc 2015-11-15 23:38 - 2015-08-18 13:05 - 00716302 _____ C:\Users\Primol\Desktop\chleb Dunkana.docx.ccc 2015-11-15 23:38 - 2015-06-28 20:02 - 00000000 ____D C:\Users\Primol\Desktop\dok obrona 2015-11-15 23:38 - 2014-11-23 12:12 - 00000000 ____D C:\Users\Primol\Desktop\format 2015-11-15 23:38 - 2014-05-09 18:08 - 00000000 ____D C:\Users\Primol\AppData\Roaming\RST 2015-11-15 23:38 - 2013-03-24 08:48 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Wargaming.net 2015-11-15 23:38 - 2013-02-25 16:03 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Spotify 2015-11-15 23:38 - 2012-09-26 16:46 - 00000000 ____D C:\Users\Primol\AppData\Roaming\WNR 2015-11-15 23:38 - 2012-04-05 15:51 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Winamp 2015-11-15 23:38 - 2012-02-01 18:16 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Skype 2015-11-15 23:38 - 2011-12-28 15:43 - 00000000 ____D C:\Users\Primol\AppData\Roaming\runic games 2015-11-15 23:37 - 2014-03-29 14:28 - 00000000 ____D C:\Users\Primol\AppData\Roaming\PTV Vision 2015-11-15 23:37 - 2012-09-25 14:52 - 00000000 ____D C:\Users\Primol\AppData\Roaming\PrivateTunnel 2015-11-15 23:37 - 2012-02-03 18:10 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Origin 2015-11-15 23:37 - 2011-12-20 02:34 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Mozilla 2015-11-15 23:36 - 2015-08-09 19:23 - 00045902 _____ C:\Users\Primol\AppData\LocalLow\HELP_DECRYPT.PNG.ccc 2015-11-15 23:36 - 2015-08-09 19:23 - 00004686 _____ C:\Users\Primol\AppData\LocalLow\HELP_DECRYPT.TXT.ccc 2015-11-15 23:36 - 2015-06-29 20:11 - 00000000 ____D C:\Users\Primol\AppData\Roaming\AMD 2015-11-15 23:36 - 2014-11-11 19:01 - 00000000 ____D C:\Users\Primol\AppData\Local\Sports Interactive 2015-11-15 23:36 - 2014-08-30 22:08 - 00000000 ____D C:\Users\Primol\AppData\Local\Skype 2015-11-15 23:36 - 2014-03-24 21:26 - 00000000 ____D C:\Users\Primol\AppData\Roaming\MathWorks 2015-11-15 23:36 - 2013-07-07 17:24 - 00000000 ____D C:\Users\Primol\AppData\Local\Skyrim 2015-11-15 23:36 - 2013-06-21 12:19 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Malwarebytes 2015-11-15 23:36 - 2013-03-07 22:50 - 00000000 ____D C:\Users\Primol\AppData\Local\SplitMediaLabs 2015-11-15 23:36 - 2013-02-25 16:03 - 00000000 ____D C:\Users\Primol\AppData\Local\Spotify 2015-11-15 23:36 - 2012-05-19 21:05 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Autodesk 2015-11-15 23:36 - 2012-01-08 14:14 - 00000000 ____D C:\Users\Primol\AppData\LocalLow\Sun 2015-11-15 23:36 - 2012-01-01 16:37 - 00000000 ____D C:\Users\Primol\AppData\LocalLow\Adobe 2015-11-15 23:36 - 2011-12-21 14:38 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Gadu-Gadu 10 2015-11-15 23:36 - 2011-12-20 19:35 - 00000000 ____D C:\Users\Primol\AppData\Roaming\com.w3i.FlipToast 2015-11-15 23:36 - 2011-12-20 19:35 - 00000000 ____D C:\Users\Primol\AppData\Roaming\Adobe 2015-11-15 23:35 - 2012-06-03 23:19 - 00000000 ____D C:\Users\Primol\AppData\Local\PunkBuster 2015-11-15 23:35 - 2012-02-03 18:09 - 00000000 ____D C:\Users\Primol\AppData\Local\Origin 2015-11-15 23:35 - 2011-12-20 02:34 - 00000000 ____D C:\Users\Primol\AppData\Local\Mozilla 2015-11-15 23:28 - 2015-08-09 20:03 - 00045902 _____ C:\Users\HELP_DECRYPT.PNG.ccc 2015-11-15 23:28 - 2015-08-09 20:03 - 00004686 _____ C:\Users\HELP_DECRYPT.TXT.ccc 2015-11-15 23:28 - 2015-05-19 07:34 - 00000000 ____D C:\Users\Primol\AppData\Local\GalaxyCommunicationService 2015-11-15 23:28 - 2014-10-11 17:40 - 00000000 ____D C:\Users\Primol\AppData\Local\Facebook 2015-11-15 23:28 - 2014-03-26 23:18 - 00000000 ____D C:\Users\Primol\AppData\Local\Blizzard 2015-11-15 23:28 - 2013-10-26 20:22 - 00000000 ____D C:\Users\Primol\AppData\Local\Blizzard Entertainment 2015-11-15 23:28 - 2013-10-26 20:22 - 00000000 ____D C:\Users\Primol\AppData\Local\Battle.net 2015-11-15 23:28 - 2013-06-01 16:49 - 00000000 ____D C:\Users\Primol\AppData\Local\gladinet 2015-11-15 23:28 - 2013-03-07 22:49 - 00000000 ____D C:\ProgramData\SplitMediaLabs 2015-11-15 23:28 - 2012-08-28 22:04 - 00000000 ____D C:\Users\Primol\AppData\Local\Google 2015-11-15 23:28 - 2012-05-19 21:11 - 00000000 ____D C:\Users\Primol\AppData\Local\Autodesk 2015-11-15 23:27 - 2015-08-09 19:21 - 00045902 _____ C:\ProgramData\HELP_DECRYPT.PNG.ccc 2015-11-15 23:27 - 2015-08-09 19:21 - 00004686 _____ C:\ProgramData\HELP_DECRYPT.TXT.ccc 2015-11-15 23:27 - 2015-05-18 19:00 - 00000000 ____D C:\ProgramData\GOG.com 2015-11-15 23:27 - 2015-02-07 20:04 - 00000000 ____D C:\ProgramData\Razer 2015-11-15 23:27 - 2014-05-21 22:31 - 00000000 ____D C:\ProgramData\PopCap Games 2015-11-15 23:27 - 2013-06-21 12:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-15 23:27 - 2012-09-11 10:23 - 00000000 __SHD C:\ProgramData\DSS 2015-11-15 23:27 - 2012-03-16 03:05 - 00000000 ____D C:\ProgramData\Battle.net 2015-11-15 23:27 - 2012-02-03 18:09 - 00000000 ____D C:\ProgramData\Origin 2015-11-15 23:26 - 2013-12-18 00:02 - 00000000 ____D C:\PDFOCR_Output 2015-11-15 23:26 - 2013-06-01 16:46 - 00000000 ____D C:\ReadMe 2015-11-15 23:26 - 2013-06-01 16:46 - 00000000 ____D C:\PDFCreate7 2015-11-15 23:26 - 2012-05-19 21:05 - 00000000 ____D C:\ProgramData\Autodesk 2015-11-15 23:26 - 2012-02-03 23:29 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-11-15 23:26 - 2011-12-20 19:35 - 00000000 ____D C:\Program Files\Core Temp 2015-11-15 23:26 - 2011-12-20 19:34 - 00000000 ____D C:\Program Files\ATI Technologies 2015-11-15 23:25 - 2014-12-10 17:20 - 00000000 ____D C:\Octave-3.8.2 2015-11-15 23:25 - 2012-01-02 18:34 - 00000000 ____D C:\Microsoft Office 2015-11-15 23:02 - 2015-01-23 09:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-11-15 23:00 - 2015-06-25 17:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-15 22:56 - 2015-08-09 20:03 - 00045902 _____ C:\HELP_DECRYPT.PNG.ccc 2015-11-15 22:56 - 2015-08-09 20:03 - 00004686 _____ C:\HELP_DECRYPT.TXT.ccc 2015-11-15 22:56 - 2015-08-09 18:31 - 00000000 ____D C:\Malwarebytes Anti-Malware 2015-11-15 22:56 - 2014-03-24 18:59 - 00000000 ____D C:\MATLAB 2015-11-15 22:56 - 2013-06-01 16:46 - 00000000 ____D C:\Guides 2015-11-15 22:56 - 2013-05-21 15:18 - 00000000 ____D C:\Autodesk 2015-11-15 22:56 - 2012-03-27 18:46 - 00000000 ____D C:\Brother 2015-11-15 22:52 - 2012-05-19 21:03 - 00000000 ____D C:\AutoCAD_2013_English_Win_64bit 2015-11-06 22:24 - 2011-12-20 02:37 - 00000000 ____D C:\AMD 2015-10-26 11:15 - 2013-11-11 18:14 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys ==================== Pliki w katalogu głównym wybranych folderów ======= 2012-01-08 17:50 - 2012-01-09 00:42 - 0005120 _____ () C:\Users\Primol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-12-05 15:48 - 2014-12-05 15:48 - 0000058 _____ () C:\Users\Primol\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2012-12-24 21:58 - 2015-08-09 18:36 - 0007602 _____ () C:\Users\Primol\AppData\Local\Resmon.ResmonCfg 2015-08-09 19:21 - 2015-08-09 19:21 - 0008654 _____ () C:\ProgramData\HELP_DECRYPT.HTML 2015-08-09 19:21 - 2015-11-15 23:27 - 0045902 _____ () C:\ProgramData\HELP_DECRYPT.PNG.ccc 2015-08-09 19:21 - 2015-11-15 23:27 - 0004686 _____ () C:\ProgramData\HELP_DECRYPT.TXT.ccc 2015-08-09 19:21 - 2015-08-09 19:21 - 0000296 _____ () C:\ProgramData\HELP_DECRYPT.URL 2012-05-19 21:11 - 2012-05-19 21:11 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-16 18:10 ==================== Koniec FRST.txt ============================