Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:16-12-2015 03 Uruchomiony przez Tomasz (administrator) TOSHIBA (17-12-2015 19:35:20) Uruchomiony z C:\ Załadowane profile: Tomasz (Dostępne profile: Tomasz) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] () HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] () HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation) HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7152640 2012-12-05] (Pegatron Corporation) HKLM-x32\...\Run: [TRUUpdater] => C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe [562456 2009-09-21] (Sierra Wireless, Inc.) HKLM-x32\...\Run: [WatcherHelper] => C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe [58648 2009-09-25] (Sierra Wireless Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk [2015-04-08] ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (Brak pliku) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-01-10] ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-28] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{26BA52A4-0C96-4250-B5C1-52C16AF79C9F}: [NameServer] 89.108.195.20 89.108.202.20 Tcpip\..\Interfaces\{5AC16BAD-4352-4210-8007-7C6CAD8C1900}: [DhcpNameServer] 127.0.0.1 Tcpip\..\Interfaces\{84824010-22DD-4F94-8427-8A78E6502F5B}: [NameServer] 89.108.195.20 89.108.202.20 Tcpip\..\Interfaces\{EE85773F-F4BC-4C48-AE82-0872568458C4}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1681403894-334063220-2750973403-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1681403894-334063220-2750973403-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_30¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtAtAtC0DyEzy0B0AyEzztN0D0Tzu0StCtBzyzytN1L2XzutAtFtCtBtFyDtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyDyBtB0E0B0FtAtGyC0E0B0BtG0Ezz0DyDtGyC0FyE0DtGzz0AtA0FyBzy0C0C0BtAtA0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCzztC0C0C0EyEtG0D0D0BtDtGyEzztAyEtG0B0DyCyCtGtA0A0BtDtCzy0A0D0C0DtAtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzzzyC%26cr%3D997527101%26a%3Dwncy_ir_15_30%26os%3DWindows%2B8.1 HKU\S-1-5-21-1681403894-334063220-2750973403-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1681403894-334063220-2750973403-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtAtAtC0DyEzy0B0AyEzztN0D0Tzu0StCtBzyzytN1L2XzutAtFtCtBtFyDtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyDyBtB0E0B0FtAtGyC0E0B0BtG0Ezz0DyDtGyC0FyE0DtGzz0AtA0FyBzy0C0C0BtAtA0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCzztC0C0C0EyEtG0D0D0BtDtGyEzztAyEtG0B0DyCyCtGtA0A0BtDtCzy0A0D0C0DtAtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzzzyC%26cr%3D997527101%26a%3Dwncy_ir_15_30%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKU\S-1-5-21-1681403894-334063220-2750973403-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1681403894-334063220-2750973403-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_30¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtAtAtC0DyEzy0B0AyEzztN0D0Tzu0StCtBzyzytN1L2XzutAtFtCtBtFyDtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyDyBtB0E0B0FtAtGyC0E0B0BtG0Ezz0DyDtGyC0FyE0DtGzz0AtA0FyBzy0C0C0BtAtA0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCzztC0C0C0EyEtG0D0D0BtDtGyEzztAyEtG0B0DyCyCtGtA0A0BtDtCzy0A0D0C0DtAtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzzzyC%26cr%3D997527101%26a%3Dwncy_ir_15_30%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKU\S-1-5-21-1681403894-334063220-2750973403-1001 -> {E42D9249-EB39-477F-9647-9127E803E00C} URL = Toolbar: HKLM - Brak nazwy - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Tomasz\AppData\Roaming\Mozilla\Firefox\Profiles\xv63wch3.default-1450297515004 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN) FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nie znaleziono Chrome: ======= CHR HomePage: Default -> hxxp://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_30¶m1=1¶m2=f%3D1%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtAtAtC0DyEzy0B0AyEzztN0D0Tzu0StCtBzyzytN1L2XzutAtFtCtBtFyDtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyDyBtB0E0B0FtAtGyC0E0B0BtG0Ezz0DyDtGyC0FyE0DtGzz0AtA0FyBzy0C0C0BtAtA0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCzztC0C0C0EyEtG0D0D0BtDtGyEzztAyEtG0B0DyCyCtGtA0A0BtDtCzy0A0D0C0DtAtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzzzyC%26cr%3D997527101%26a%3Dwncy_ir_15_30%26os%3DWindows%2B8.1 CHR StartupUrls: Default -> "hxxp://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_30¶m1=1¶m2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtAtAtC0DyEzy0B0AyEzztN0D0Tzu0StCtBzyzytN1L2XzutAtFtCtBtFyDtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyDyBtB0E0B0FtAtGyC0E0B0BtG0Ezz0DyDtGyC0FyE0DtGzz0AtA0FyBzy0C0C0BtAtA0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCzztC0C0C0EyEtG0D0D0BtDtGyEzztAyEtG0B0DyCyCtGtA0A0BtDtCzy0A0D0C0DtAtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzzzyC%26cr%3D997527101%26a%3Dwncy_ir_15_30%26os%3DWindows%2B8.1" CHR DefaultSearchURL: Default -> hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_42_wncy_ir_15_30¶m1=1¶m2=f%3D4%26b%3DChrome%26cc%3Dpl%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtAtAtC0DyEzy0B0AyEzztN0D0Tzu0StCtAzzyDtN1L2XzutAtFtCtBtFyDtFtBtBtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2SyCtCyEyB0BtD0F0BtGyD0DtC0EtGzyyByEyCtGtBtDyDtDtG0B0FyEyByB0EyByE0D0CyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCzztC0C0C0EyEtG0D0D0BtDtGyEzztAyEtG0B0DyCyCtGtA0A0BtDtCzy0A0D0C0DtAtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCtCyE%26cr%3D863345526%26a%3Dhdr_s_15_42_wncy_ir_15_30%26os%3DWindows%2B8.1&p={searchTerms} CHR DefaultSearchKeyword: Default -> search provided by yahoo.com CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR Profile: C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (BestY NewTab) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcmdlkeklfmbjffnlofgfkjcnpfckab [2015-12-09] CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19] CHR HKLM\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1681403894-334063220-2750973403-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET) R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [Brak podpisu cyfrowego] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2015-09-03] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor) R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET) S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [229376 2015-09-03] (Huawei Technologies Co., Ltd.) R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated) S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [34304 2009-01-14] () R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-17 19:35 - 2015-12-17 19:35 - 00018594 _____ C:\FRST.txt 2015-12-17 19:35 - 2015-12-17 19:35 - 00000000 ____D C:\FRST 2015-12-17 09:11 - 2015-12-17 09:17 - 00015740 _____ C:\Users\Tomasz\Downloads\Godziny grzesiek.ods 2015-12-17 08:30 - 2015-12-17 08:30 - 00817056 _____ C:\WINDOWS\Minidump\121715-58343-01.dmp 2015-12-17 08:29 - 2015-12-17 08:29 - 611879771 ____N C:\WINDOWS\MEMORY.DMP 2015-12-16 22:30 - 2015-12-16 22:30 - 00000000 ____D C:\Nowy folder 2015-12-16 22:24 - 2015-12-16 22:24 - 00003232 _____ C:\Users\Tomasz\Downloads\Fixlog.txt 2015-12-16 22:24 - 2015-12-16 22:06 - 00002420 _____ C:\Users\Tomasz\Downloads\fixlist.txt 2015-12-16 22:16 - 2015-12-16 22:16 - 00042350 _____ C:\Users\Tomasz\Downloads\Shortcut.txt 2015-12-16 21:57 - 2015-12-16 22:16 - 00038340 _____ C:\Users\Tomasz\Downloads\Addition.txt 2015-12-16 21:55 - 2015-12-16 22:17 - 00040527 _____ C:\Users\Tomasz\Downloads\FRST.txt 2015-12-16 21:49 - 2015-12-16 21:49 - 02370048 _____ (Farbar) C:\Users\Tomasz\Downloads\FRST64(1).exe 2015-12-16 21:47 - 2015-12-16 21:47 - 02370048 _____ (Farbar) C:\FRST64.exe 2015-12-12 00:05 - 2015-12-12 00:05 - 06801752 _____ (Piriform Ltd) C:\Users\Tomasz\Downloads\ccsetup512.exe 2015-12-12 00:03 - 2015-12-12 00:04 - 00962128 _____ (Installer Soft Program ) C:\Users\Tomasz\Downloads\CCleaner-13061-dp.exe 2015-12-08 23:55 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-08 23:54 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-08 23:54 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-08 23:54 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-12-08 23:54 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-12-08 23:54 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-08 23:54 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-12-08 23:54 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-08 23:54 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-12-08 23:54 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-08 23:54 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-12-08 23:54 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-08 23:54 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-12-08 23:54 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-12-08 23:54 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-12-08 23:54 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-08 23:54 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-08 23:54 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-08 23:54 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-12-08 23:54 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-08 23:54 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-08 23:54 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-12-08 23:54 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-08 23:54 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-08 23:54 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-12-08 23:54 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-12-08 23:54 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-08 23:54 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-12-08 23:54 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-12-08 23:54 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-12-08 23:54 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-12-08 23:54 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-08 23:54 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-08 23:54 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-08 23:54 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-08 23:54 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-08 23:54 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-12-08 23:54 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-08 23:54 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-08 23:54 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-12-08 23:52 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-12-08 23:52 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-08 23:52 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-12-08 23:52 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-12-08 23:52 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-12-08 23:52 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-12-08 23:52 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-08 23:52 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-12-08 23:52 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-12-08 23:52 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-08 23:52 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-08 23:52 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-08 23:52 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-08 23:52 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-08 23:52 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-08 23:52 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-12-08 23:52 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-12-08 23:52 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-12-08 23:52 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-12-08 23:52 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-12-08 23:52 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-12-08 23:52 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-12-08 23:52 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-12-08 23:52 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-12-08 23:52 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-12-08 23:52 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-12-08 23:52 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-08 23:52 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-08 23:52 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-12-08 23:52 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-12-08 23:52 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-08 23:52 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-12-08 23:52 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-08 23:52 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-08 23:52 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-08 23:52 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-08 23:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2015-12-08 23:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2015-12-08 23:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2015-12-08 23:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2015-12-08 23:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2015-12-08 23:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2015-12-08 23:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2015-12-08 23:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2015-12-08 23:52 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-12-08 23:52 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2015-12-08 23:52 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-12-08 23:52 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2015-12-08 23:52 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-12-08 23:52 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls 2015-12-08 23:52 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-12-08 23:52 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-12-08 23:52 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2015-12-08 23:52 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2015-12-08 23:52 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2015-12-08 23:52 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2015-12-08 23:52 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys 2015-12-08 23:52 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-12-08 23:52 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2015-12-08 23:52 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2015-12-08 23:52 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-12-08 23:52 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-12-08 23:51 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-12-08 23:51 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-12-08 17:21 - 2015-12-13 14:52 - 00000000 ____D C:\Users\Tomasz\AppData\Local\AdjudicationsPaleontologists 2015-12-08 17:21 - 2015-12-13 12:21 - 00000312 _____ C:\WINDOWS\Tasks\Price Fountain.job 2015-12-08 17:21 - 2015-12-08 17:21 - 00503012 _____ C:\Users\Tomasz\AppData\Roaming\Setup62601.exe 2015-12-08 17:21 - 2015-12-08 17:21 - 00003476 _____ C:\WINDOWS\System32\Tasks\AdjudicationsPaleontologistsV2 2015-12-08 17:21 - 2015-12-08 17:21 - 00002650 _____ C:\WINDOWS\System32\Tasks\Price Fountain 2015-12-08 17:21 - 2015-12-08 17:21 - 00000000 ____D C:\Users\Tomasz\AppData\Roaming\PriceFountain 2015-12-07 13:06 - 2015-12-07 13:48 - 00000000 ____D C:\Users\Tomasz\Desktop\MAZDA5 2015-12-05 23:48 - 2015-12-12 16:33 - 00000000 ____D C:\Users\Tomasz\Desktop\Nowy folder (2) 2015-12-04 18:08 - 2015-12-04 18:08 - 00004044 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12eb65de6cdf8 2015-12-04 18:08 - 2015-12-04 18:08 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12eb65de6cdf8.job ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-17 19:35 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-12-17 19:34 - 2015-04-01 16:34 - 00001308 _____ C:\WINDOWS\Tasks\help4u_notification_service.job 2015-12-17 19:29 - 2014-09-15 17:42 - 00003984 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{22DE6D33-7E2B-4342-B6C8-FAB2B6A2228A} 2015-12-17 09:13 - 2014-03-03 21:23 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-17 09:01 - 2015-07-23 09:31 - 00000290 _____ C:\WINDOWS\Tasks\UpdateTask.job 2015-12-17 08:48 - 2015-05-06 17:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-12-17 08:35 - 2015-04-01 16:35 - 00000670 _____ C:\WINDOWS\Tasks\help4u_updating_service.job 2015-12-17 08:31 - 2015-09-15 14:07 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0efb785827586.job 2015-12-17 08:31 - 2014-03-03 21:23 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-17 08:30 - 2015-04-01 16:35 - 00001024 _____ C:\WINDOWS\Tasks\4UKOOyXwbSuEEhQb.job 2015-12-17 08:30 - 2014-09-16 16:53 - 00000000 ____D C:\WINDOWS\Minidump 2015-12-17 08:30 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-16 23:20 - 2013-10-31 20:20 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1681403894-334063220-2750973403-1001 2015-12-16 22:08 - 2014-07-25 08:55 - 00000000 ____D C:\Users\Tomasz 2015-12-16 21:25 - 2015-01-15 19:29 - 00000000 ____D C:\Users\Tomasz\Desktop\Stare dane programu Firefox 2015-12-16 21:01 - 2015-07-23 10:31 - 00000254 _____ C:\Users\Tomasz\AppData\Roaming\WB.CFG 2015-12-16 20:57 - 2014-03-03 21:24 - 00002180 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-14 22:27 - 2013-11-01 20:46 - 00000000 ____D C:\Users\Tomasz\AppData\Roaming\vlc 2015-12-14 19:53 - 2014-03-18 10:57 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-14 19:53 - 2014-03-18 10:28 - 00807160 _____ C:\WINDOWS\system32\perfh015.dat 2015-12-14 19:53 - 2014-03-18 10:28 - 00163478 _____ C:\WINDOWS\system32\perfc015.dat 2015-12-14 19:53 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2015-12-13 09:25 - 2015-02-20 09:53 - 00023468 _____ C:\WINDOWS\BRRBCOM.INI 2015-12-12 00:09 - 2014-07-25 09:42 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-11 17:45 - 2015-10-30 20:56 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-09 18:48 - 2015-05-06 17:01 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-12-09 13:56 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2015-12-09 13:34 - 2013-08-22 15:44 - 00362136 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-09 13:31 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-12-09 13:25 - 2014-03-03 21:23 - 00000000 ____D C:\Users\Tomasz\AppData\Local\Google 2015-12-09 04:13 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-09 04:11 - 2014-04-28 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-09 04:06 - 2014-04-28 02:00 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-08 16:01 - 2015-10-17 08:00 - 00000000 ____D C:\Users\Tomasz\AppData\Local\{0E9C38C0-2A34-5478-47AC-719063C48D08} 2015-12-06 13:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-04 18:08 - 2015-09-15 14:07 - 00003808 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0efb785827586 2015-12-04 18:08 - 2014-03-03 21:23 - 00004044 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-01 18:19 - 2015-03-13 06:27 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-01 18:19 - 2015-03-13 06:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-26 08:31 - 2015-09-17 08:37 - 00000000 ____D C:\Users\Tomasz\Desktop\ALEGRO 2015-11-18 04:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-02-20 10:03 - 2007-11-20 08:23 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI 2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Tomasz\AppData\Roaming\4UKOOyXwbSuEEhQb 2015-12-08 17:21 - 2015-12-08 17:21 - 0503012 _____ () C:\Users\Tomasz\AppData\Roaming\Setup62601.exe 2015-03-31 09:14 - 2015-03-31 09:14 - 0005655 _____ () C:\Users\Tomasz\AppData\Roaming\Uo9Dd04KrkUvCA7TwXESDJC114h 2015-07-23 10:31 - 2015-12-16 21:01 - 0000254 _____ () C:\Users\Tomasz\AppData\Roaming\WB.CFG Niektóre pliki w TEMP: ==================== C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-12-16 23:20 ==================== Koniec FRST.txt ============================