Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:14-12-2015 Uruchomiony przez Paweł Górniak (administrator) PAWEŁ (15-12-2015 20:52:15) Uruchomiony z C:\Users\Paweł Górniak\Downloads Załadowane profile: Paweł Górniak (Dostępne profile: Paweł Górniak) Platform: Windows 10 Home (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BHipsSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (tsvr.com) C:\Users\Paweł Górniak\AppData\Roaming\TSv\TSvr.exe (TFuns LIMITED) C:\ProgramData\FWdMF\WdMan.exe (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe (Baidu, Inc.) 
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\bavhm.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\screenSHU\screenSHU.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavTray.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4645\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6382\Battle.net.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\lenovo\iMController\AutoUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe () C:\Program Files\lenovo\iMController\LegacyFeatures.exe () C:\Program Files\lenovo\iMController\PluginCommunication.exe (Lenovo) C:\Program Files\lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2014-07-19] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-07-19] (Lenovo(beijing) Limited) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.) HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavTray.exe [1998832 2015-11-23] (Baidu, Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\Run: [GoogleChromeAutoLaunch_03E7FA4B0EEF7E8A4953036F2F3F8D27] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-04] (Google Inc.) 
HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.) HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\Run: [screenSHU] => C:\Program Files (x86)\screenSHU\screenSHU.exe [2112000 2013-09-04] () HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2946096 2015-11-20] (Blizzard Entertainment) HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5892.0626" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5907.0716" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5930.0814] 
=> C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5930.0814" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.5951.0827" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" HKU\S-1-5-21-720095144-239407429-1005869762-1001\...\RunOnce: [Uninstall C:\Users\PaweB G�rniak\AppData\Local\Microsoft\OneDrive\17.3.6201.1019] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paweł Górniak\AppData\Local\Microsoft\OneDrive\17.3.6201.1019" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavShx64.dll [2015-11-23] (Baidu, Inc.) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) 
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{d658056e-109f-499d-8161-3eed9c61ec50}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} HKU\S-1-5-21-720095144-239407429-1005869762-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP HKU\S-1-5-21-720095144-239407429-1005869762-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP HKU\S-1-5-21-720095144-239407429-1005869762-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com HKU\S-1-5-21-720095144-239407429-1005869762-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-720095144-239407429-1005869762-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-720095144-239407429-1005869762-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} SearchScopes: HKU\S-1-5-21-720095144-239407429-1005869762-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP&q={searchTerms} BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Outrageous Deal -> {4e2d2bf0-159f-4257-acf0-b1f29b376fa0} -> C:\Program Files (x86)\Outrageous Deal\Extensions\4e2d2bf0-159f-4257-acf0-b1f29b376fa0.dll => Brak pliku BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files 
(x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE hxxp://www.yoursites123.com/?type=sc&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-720095144-239407429-1005869762-1001 -> hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP FireFox: ======== FF ProfilePath: C:\Users\Paweł Górniak\AppData\Roaming\Mozilla\Firefox\Profiles\oiieohpc.default FF NewTab: hxxp://www.yoursites123.com/newtab/?type=nt&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP FF DefaultSearchEngine: yoursites123 FF SelectedSearchEngine: yoursites123 FF Homepage: hxxp://www.yoursites123.com/?type=hp&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2014-12-05] (Unity Technologies ApS) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program 
Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-720095144-239407429-1005869762-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paweł Górniak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml [2015-11-08] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yoursites123.xml [2015-12-14] FF Extension: Brak nazwy - C:\Users\Paweł Górniak\AppData\Roaming\Mozilla\Firefox\Profiles\oiieohpc.default\extensions\{8a167a0d-2593-78be-dffa-baa301a8d989} [nie znaleziono] FF Extension: Outrageous Deal - C:\Users\Paweł Górniak\AppData\Roaming\Mozilla\Firefox\Profiles\oiieohpc.default\Extensions\{603e7ffb-43ec-48e6-ad82-08c42b81a913}.xpi [2015-12-12] [Brak podpisu cyfrowego] FF Extension: Strong Signal - C:\Users\Paweł Górniak\AppData\Roaming\Mozilla\Firefox\Profiles\oiieohpc.default\Extensions\{9d204d90-67ed-4674-ad22-ac0bd52d6ba6}.xpi [2015-02-08] [Brak podpisu cyfrowego] FF Extension: Brak nazwy - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Brak podpisu cyfrowego] Chrome: ======= CHR Profile: C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-13] CHR Extension: (Dysk Google) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15] CHR Extension: (YouTube) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-15] CHR Extension: (Google Search) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15] CHR Extension: (Dokumenty Google offline) - C:\Users\Paweł 
Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-15] CHR Extension: (Gmail) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13] CHR Profile: C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Prezentacje Google) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-08] CHR Extension: (Dokumenty Google) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-08] CHR Extension: (Dysk Google) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08] CHR Extension: (YouTube) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-08] CHR Extension: (Adblock Plus) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-29] CHR Extension: (Google Search) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08] CHR Extension: (Arkusze Google) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-08] CHR Extension: (Dokumenty Google offline) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda 
[2015-11-08] CHR Extension: (Gmail) - C:\Users\Paweł Górniak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-08] CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1450098558&z=0dcc66ecc53dc5d9e42c5dfg7z4w6e8e4t4b5w1q2c&from=wpm07173&uid=ST500LT012-1DG142_S3PA77MPXXXXS3PA77MP ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavSvc.exe [2791312 2015-11-23] (Baidu, Inc.) S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BdSandboxSrv64.exe [264736 2015-01-08] (Baidu, Inc.) R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BHipsSvc.exe [531232 2015-11-23] (Baidu, Inc.) 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 EMUpdateCerter; C:\WINDOWS\SysWOW64\acmphelper.dll [413312 2015-08-11] () R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-14] (Intel Corporation) R2 IhPul; C:\Users\Paweł Górniak\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164736 2012-11-08] (Intel Corporation) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: <公司名>) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated) R2 WdMan; C:\ProgramData\FWdMF\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [711344 2015-12-14] (Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-02-28] (Atheros) [Brak podpisu cyfrowego] S2 Update Mgr StrongSignal; "C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe" [X] <==== UWAGA ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BdApiUtil64.sys [116968 2015-11-23] (Baidu, Inc.) S3 bdark64; C:\WINDOWS\system32\drivers\bdark64.sys [78792 2015-05-28] () U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BdCameraProtect64.sys [25032 2015-11-23] (Baidu, Inc.) S3 BdSandbox; C:\WINDOWS\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.) R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [61896 2015-11-23] (Baidu, Inc.) R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [38344 2015-11-23] (Baidu, Inc.) S0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [83144 2015-11-23] (Baidu, Inc.) R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-11-23] (Baidu, Inc.) R1 Bndef; C:\WINDOWS\System32\drivers\bndef64.sys [485672 2015-11-23] (Baidu, Inc.) R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\Bnmon64.sys [82376 2015-11-23] (Baidu, Inc.) R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [262088 2015-11-23] (Baidu, Inc.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-15] () R2 hyperdatapkg; C:\WINDOWS\system32\drivers\appnetfilemgr.sys [140464 2015-08-11] () R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2015-11-24] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
[Brak podpisu cyfrowego] R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () R3 voxaldriver; C:\Windows\system32\DRIVERS\voxaldriverx64.sys [34512 2015-04-22] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-15 20:51 - 2015-12-15 20:52 - 00000000 ____D C:\FRST 2015-12-15 20:51 - 2015-12-15 20:51 - 02369536 _____ (Farbar) C:\Users\Paweł Górniak\Downloads\FRST64.exe 2015-12-15 20:47 - 2015-12-15 20:47 - 00016148 _____ C:\WINDOWS\system32\PAWEŁ_Paweł Górniak_HistoryPrediction.bin 2015-12-15 20:39 - 2015-12-15 20:39 - 00003320 _____ C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware 2015-12-15 20:38 - 2015-12-15 20:38 - 00000000 ____D C:\ProgramData\GridinSoft 2015-12-15 20:37 - 2015-12-15 20:37 - 01104336 _____ C:\Users\Paweł Górniak\Downloads\gsamNL.exe 2015-12-15 20:33 - 2015-12-15 20:34 - 03286400 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Paweł Górniak\Downloads\SpyHunter-Installer (1).exe 2015-12-15 20:28 - 2015-12-15 20:29 - 00000000 ___RD C:\Users\Paweł Górniak\Documents\Scanned Documents 2015-12-15 20:28 - 2015-12-15 20:28 - 00000000 ____D C:\Users\Paweł Górniak\Documents\Fax 2015-12-15 19:23 - 2015-12-15 19:23 - 00000000 _____ C:\autoexec.bat 2015-12-15 19:22 - 2015-12-15 19:22 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Paweł Górniak\Downloads\SpyHunter-Installer.exe 2015-12-15 19:22 - 2015-12-15 19:22 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2015-12-15 19:21 - 2015-12-15 20:53 - 00030635 _____ C:\Users\Paweł Górniak\Downloads\FRST.txt 2015-12-14 21:11 - 2015-12-14 21:12 - 436185568 _____ C:\Users\Paweł Górniak\Desktop\Top Music 2015 ¦ Top 100 New Songs of 2015 New songs Playlist Best songs 2015.mp4 2015-12-14 14:09 - 2015-12-15 20:49 - 00000000 ____D C:\Program Files (x86)\WinZipper 2015-12-14 14:09 - 2015-12-15 20:48 - 00000000 ____D C:\Program Files (x86)\SFK 2015-12-14 14:09 - 2015-12-14 14:10 - 00000000 ____D C:\ProgramData\FWdMF 2015-12-14 14:09 - 2015-12-14 14:09 - 00000376 _____ C:\WINDOWS\SysWOW64\data.bin 2015-12-14 14:09 - 2015-12-14 14:09 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\WinZipper 2015-12-14 14:09 - 2015-12-14 14:09 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\TSv 2015-12-14 14:09 - 2015-12-14 14:09 - 00000000 ____D C:\ProgramData\UWdMU 2015-12-14 14:09 - 2015-12-14 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper 2015-12-13 16:40 - 2015-12-13 16:40 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\YoutubeToMp3Converter 2015-12-13 16:39 - 2015-12-13 16:53 - 00000000 ____D C:\ProgramData\Freemake 2015-12-13 16:39 - 2015-12-13 16:53 - 00000000 ____D C:\Program Files (x86)\Freemake 2015-12-13 16:25 - 2015-12-13 16:53 - 00000000 ____D C:\Program Files (x86)\AVG 2015-12-13 16:24 - 2015-12-13 16:52 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\AvgSetupLog 
2015-12-13 16:24 - 2015-12-13 16:39 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\RPEng
2015-12-13 16:24 - 2015-12-13 16:36 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\DVDVideoSoft
2015-12-13 16:24 - 2015-12-13 16:24 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-12-13 16:21 - 2015-12-13 16:21 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\4kdownload.com
2015-12-12 23:36 - 2015-12-12 23:36 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\Wondershare
2015-12-12 23:36 - 2015-12-12 23:36 - 00000000 ____D C:\ProgramData\Wondershare
2015-12-12 23:35 - 2015-12-12 23:38 - 00000000 ____D C:\Users\Paweł Górniak\Documents\Wondershare Video Editor
2015-12-12 23:35 - 2015-12-12 23:35 - 00001279 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2015-12-12 23:35 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2015-12-12 23:35 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-12-12 23:35 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-12 23:35 - 2015-02-27 11:33 - 02140712 _____ (MainConcept GmbH) C:\WINDOWS\SysWOW64\mcmpgvout.004
2015-12-12 23:35 - 2015-02-27 11:33 - 00531496 _____ (MainConcept GmbH) C:\WINDOWS\SysWOW64\mcmpeg2mux.ax
2015-12-12 23:35 - 2015-02-27 11:33 - 00375848 _____ (MainConcept GmbH) C:\WINDOWS\SysWOW64\mcm2ve.ax
2015-12-12 23:35 - 2015-02-27 11:33 - 00257064 _____ (MainConcept GmbH) C:\WINDOWS\SysWOW64\mcl2ae.ax
2015-12-12 23:35 - 2015-02-27 11:33 - 00244776 _____ (MainConcept GmbH) C:\WINDOWS\SysWOW64\mcmpgaout.dll
2015-12-12 23:35 - 2015-02-27 11:33 - 00020520 _____ (MainConcept GmbH) C:\WINDOWS\SysWOW64\mcmpgvout.dll
2015-12-12 23:34 - 2015-12-12 23:35 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2015-12-12 22:19 - 2015-12-12 22:19 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\VideoEditor
2015-12-12 22:19 - 2015-12-12 22:19 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\Movavi
2015-12-12 22:18 - 2015-12-12 22:18 - 00004133 _____ C:\ProgramData\rxsmznjf.zcp
2015-12-12 22:18 - 2015-12-12 22:18 - 00000016 _____ C:\ProgramData\mntemp
2015-12-12 22:18 - 2015-12-12 22:18 - 00000000 ____D C:\ProgramData\Movavi Video Editor 11
2015-12-09 20:40 - 2015-12-09 20:40 - 09498816 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 20:21 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 20:21 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 20:20 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 20:20 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 20:20 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 20:20 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 20:20 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 20:20 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 20:20 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 20:20 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 20:20 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 20:20 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 20:20 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 20:20 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 20:20 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 20:20 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 20:20 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 20:20 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 20:20 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 20:20 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 20:20 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 20:20 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 20:20 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 20:20 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 20:20 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 20:20 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 20:20 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 20:20 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 20:20 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 20:20 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 20:20 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 20:20 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 20:20 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 20:20 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 20:20 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 20:20 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 20:20 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 20:20 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 20:20 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 20:20 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 20:20 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 20:20 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 20:20 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 20:20 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 20:20 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 20:20 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 20:20 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 20:20 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 20:20 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 20:20 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 20:20 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 20:20 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 20:20 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 20:20 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 20:20 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 20:20 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 20:20 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 20:20 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 20:20 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 20:20 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 20:20 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 20:20 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 20:20 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 20:20 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 20:20 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 20:20 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 20:20 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 20:20 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 20:20 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 20:20 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 20:20 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 20:20 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 20:20 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 20:20 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 20:20 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 20:20 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 20:20 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 20:20 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 20:20 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 20:20 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-07 12:07 - 2015-12-07 12:07 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\dvdcss
2015-12-03 15:01 - 2015-12-03 15:01 - 00000000 ____D C:\ProgramData\Cache
2015-12-03 14:51 - 2015-12-03 14:51 - 00000000 ____D C:\Users\Public\Documents\XMUpdate
2015-12-02 22:29 - 2015-12-02 22:29 - 00001551 _____ C:\Users\Paweł Górniak\AppData\Local\recently-used.xbel
2015-11-24 21:24 - 2015-11-24 21:32 - 00163644 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2015-11-24 21:24 - 1998-11-13 13:10 - 00307200 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn0415.exe
2015-11-24 21:23 - 2015-11-24 21:23 - 00003198 _____ C:\WINDOWS\System32\Tasks\{AF520519-AF68-49F7-A239-84C1AC1ED8AA}
2015-11-23 17:24 - 2015-12-15 20:51 - 00000000 ____D C:\ProgramData\BavSvc_exe
2015-11-23 16:42 - 2015-11-23 16:42 - 00286064 _____ C:\WINDOWS\Minidump\112315-33593-01.dmp
2015-11-23 16:35 - 2015-03-05 06:12 - 00421784 _____ (Baidu, Inc.) C:\WINDOWS\system32\BdSandboxDll64.dll
2015-11-23 16:35 - 2015-03-05 06:12 - 00236920 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\BdSandbox.sys
2015-11-23 16:35 - 2015-01-08 09:01 - 00330272 _____ (Baidu, Inc.) C:\WINDOWS\SysWOW64\BdSandboxDll32.dll
2015-11-23 16:32 - 2015-05-28 12:45 - 00078792 _____ C:\WINDOWS\system32\Drivers\bdark64.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00485672 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\bndef64.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00262088 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\Bprotect.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00083144 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\Bhbase.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00075248 _____ (Baidu, Inc.) C:\WINDOWS\system32\bdhookx64.dll
2015-11-23 16:26 - 2015-11-23 16:26 - 00062792 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\bnbasex64.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00061896 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\Bfilter.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00038344 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\Bfmon.sys
2015-11-23 16:26 - 2015-11-23 16:26 - 00032752 _____ (Baidu, Inc.) C:\WINDOWS\SysWOW64\bdhookx86.dll
2015-11-23 16:26 - 2015-11-23 16:26 - 00003694 _____ C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2015-11-23 16:26 - 2015-11-23 16:26 - 00001022 _____ C:\Users\Public\Desktop\Baidu Antivirus.lnk
2015-11-23 16:26 - 2015-11-23 16:26 - 00000000 ____D C:\Users\Paweł Górniak\AppData\LocalLow\BAVData
2015-11-23 16:26 - 2015-11-23 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2015-11-23 16:26 - 2015-11-23 16:26 - 00000000 ____D C:\ProgramData\Baidu Security
2015-11-23 16:25 - 2015-11-23 16:31 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\BavMini
2015-11-23 16:25 - 2015-11-23 16:25 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-11-23 16:25 - 2015-11-23 16:25 - 00000000 ____D C:\ProgramData\Baidu
2015-11-23 16:25 - 2015-11-23 16:25 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2015-11-22 19:46 - 2015-11-22 19:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-22 19:46 - 2015-11-22 19:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-20 21:47 - 2015-11-23 16:42 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-20 21:47 - 2015-11-20 21:47 - 00286008 _____ C:\WINDOWS\Minidump\112015-47781-01.dmp
2015-11-20 21:46 - 2015-11-23 16:42 - 587440718 _____ C:\WINDOWS\MEMORY.DMP
2015-11-19 21:15 - 2015-11-19 21:15 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-11-19 21:15 - 2015-11-19 21:15 - 00001087 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-11-19 21:14 - 2015-11-19 21:15 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-11-17 17:35 - 2015-12-15 19:51 - 00000000 ____D C:\Users\Paweł Górniak\Desktop\Tajemne obrazy

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-15 20:52 - 2015-01-21 18:05 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\Battle.net
2015-12-15 20:51 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-15 20:49 - 2015-02-10 16:17 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\Skype
2015-12-15 20:48 - 2015-02-04 16:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-15 20:48 - 2015-01-21 18:05 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-15 20:47 - 2015-04-29 19:32 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\screenSHU
2015-12-15 20:47 - 2015-02-26 15:39 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-15 20:47 - 2015-01-15 20:05 - 00000000 __SHD C:\Users\Paweł Górniak\IntelGraphicsProfiles
2015-12-15 20:46 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-15 20:45 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-15 20:41 - 2015-02-26 15:39 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-15 20:00 - 2015-02-09 16:07 - 00000000 ____D C:\Users\Paweł Górniak\.gimp-2.8
2015-12-15 19:57 - 2015-01-16 14:55 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\vlc
2015-12-15 19:27 - 2015-11-08 19:11 - 00002329 _____ C:\Users\Paweł Górniak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2015-12-15 19:23 - 2015-07-31 14:28 - 00000000 ____D C:\Users\Paweł Górniak
2015-12-15 19:09 - 2015-02-20 20:49 - 00000000 ____D C:\Gry
2015-12-15 17:17 - 2015-06-07 11:12 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-12-15 14:58 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-15 14:58 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-14 14:09 - 2015-11-08 19:12 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-12-14 14:09 - 2015-11-08 19:12 - 00000000 ____D C:\ProgramData\5WMiniPro5
2015-12-14 14:09 - 2015-01-16 14:41 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-14 13:39 - 2015-07-31 14:50 - 01839522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-14 13:39 - 2015-07-10 17:30 - 00814800 _____ C:\WINDOWS\system32\perfh015.dat
2015-12-14 13:39 - 2015-07-10 17:30 - 00156796 _____ C:\WINDOWS\system32\perfc015.dat
2015-12-14 13:39 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-14 02:07 - 2015-07-31 15:18 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-14 02:02 - 2015-10-30 20:56 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-13 21:48 - 2015-07-31 15:21 - 00002478 _____ C:\Users\Paweł Górniak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-13 21:48 - 2015-07-31 15:21 - 00000000 ___RD C:\Users\Paweł Górniak\OneDrive
2015-12-13 16:59 - 2015-07-10 13:20 - 05048176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-13 16:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-13 16:53 - 2015-04-30 19:22 - 00000000 ____D C:\ProgramData\AVG
2015-12-13 16:29 - 2015-01-14 20:07 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\VirtualStore
2015-12-13 16:28 - 2015-04-30 19:24 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\AVG
2015-12-13 16:28 - 2015-04-30 19:23 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\Avg
2015-12-13 00:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-12 20:01 - 2015-04-25 12:02 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\TS3Client
2015-12-12 15:56 - 2015-06-07 11:39 - 00000000 ____D C:\Users\Paweł Górniak\Documents\Heroes of the Storm
2015-12-12 11:04 - 2015-04-20 18:23 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\Audacity
2015-12-11 17:59 - 2015-04-23 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 17:44 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-11 13:59 - 2015-04-30 19:21 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\UmmyVideoDownloader
2015-12-11 13:51 - 2015-01-21 18:05 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Roaming\Battle.net
2015-12-11 13:51 - 2015-01-21 18:03 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-06 16:01 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-05 10:36 - 2015-08-07 21:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-02 22:29 - 2015-02-09 18:27 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\gtk-2.0
2015-12-02 17:36 - 2015-02-26 15:39 - 00004126 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 17:36 - 2015-02-26 15:39 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 01:32 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-28 15:53 - 2015-04-25 12:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-11-23 17:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-11-23 17:20 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-11-23 16:51 - 2015-07-03 11:54 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-22 23:11 - 2015-11-09 15:58 - 00001099 _____ C:\Users\Paweł Górniak\Desktop\screenSHU.lnk
2015-11-22 23:11 - 2015-02-08 18:58 - 00001074 _____ C:\Users\Paweł Górniak\Desktop\GIMP 2.lnk
2015-11-22 23:11 - 2015-02-04 16:40 - 00000986 _____ C:\Users\Paweł Górniak\Desktop\Steam.lnk
2015-11-22 23:11 - 2015-01-21 18:05 - 00001167 _____ C:\Users\Paweł Górniak\Desktop\Battle.net.lnk
2015-11-22 19:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-22 19:47 - 2015-06-27 14:55 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-22 19:45 - 2015-01-16 14:43 - 00000000 ____D C:\ProgramData\Adobe
2015-11-21 16:07 - 2015-01-15 14:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-19 21:43 - 2015-02-10 16:17 - 00000000 ____D C:\ProgramData\Skype
2015-11-15 20:05 - 2015-11-09 19:23 - 00000000 ____D C:\Users\Paweł Górniak\AppData\Local\Innkeeper

==================== Pliki w katalogu głównym wybranych folderów =======

2015-04-22 17:24 - 2015-04-22 17:24 - 0001167 _____ () C:\Users\Paweł Górniak\AppData\Roaming\trace_FilterInstaller.1.txt
2015-04-22 17:24 - 2015-05-21 13:44 - 0000905 _____ () C:\Users\Paweł Górniak\AppData\Roaming\trace_FilterInstaller.txt
2015-04-22 17:24 - 2015-05-21 13:44 - 0000000 _____ () C:\Users\Paweł Górniak\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-12-02 22:29 - 2015-12-02 22:29 - 0001551 _____ () C:\Users\Paweł Górniak\AppData\Local\recently-used.xbel
2015-01-16 15:01 - 2015-01-16 15:01 - 0000184 _____ () C:\Users\Paweł Górniak\AppData\Local\RegisteredPackageInformation.xml
2015-02-11 20:32 - 2015-02-11 20:32 - 0000017 _____ () C:\Users\Paweł Górniak\AppData\Local\resmon.resmoncfg
2015-07-31 14:24 - 2015-07-31 14:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-23 17:51 - 2014-12-25 17:51 - 0000032 ____R () C:\ProgramData\hash.dat
2015-12-12 22:18 - 2015-12-12 22:18 - 0000016 _____ () C:\ProgramData\mntemp
2015-12-12 22:18 - 2015-12-12 22:18 - 0004133 _____ () C:\ProgramData\rxsmznjf.zcp
2015-11-08 19:12 - 2015-12-14 14:09 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\hash.dat
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Niektóre pliki w TEMP:
====================
C:\Users\Paweł Górniak\AppData\Local\Temp\FreemakeYouTubeToMP3BoomFull.exe
C:\Users\Paweł Górniak\AppData\Local\Temp\Quarantine.exe
C:\Users\Paweł Górniak\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Paweł Górniak\AppData\Local\Temp\sqlite3.dll
C:\Users\Paweł Górniak\AppData\Local\Temp\{E2F793B4-BBE7-426B-8D53-FF2766B89B16}.dll
C:\Users\Paweł Górniak\AppData\Local\Temp\{ED67D77A-DC25-4419-8F81-9DE681EAA41E}.dll

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2015-12-04 23:00

==================== Koniec FRST.txt ============================