Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:28-12-2015 Uruchomiony przez Ela&Mariusz (administrator) INDYGO (29-12-2015 02:38:07) Uruchomiony z C:\Users\Ela&Mariusz\Downloads\McAffe Załadowane profile: Ela&Mariusz (Dostępne profile: Ela&Mariusz) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe () C:\Windows\SysWOW64\Codecs\TrayMenu.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated) HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.) HKLM-x32\...\Run: [ITSecMng] => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [60432 2015-06-10] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\Run: [IVONA ControlCenter] => "C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe" -action=run-silent HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\Run: [Codec Pack Update Checker] => "C:\Windows\system32\Codecs\UpdateChecker.exe" HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\Run: [Google Update] => C:\Users\Ela&Mariusz\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-11-02] (Google Inc.) HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {ae1f592a-486b-11e4-8aa2-b482fed8104a} - H:\SISetup.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {afb0ee89-2718-11e4-9cc4-b482fed8104a} - H:\AutoRun.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {afb0ee96-2718-11e4-9cc4-b482fed8104a} - H:\AutoRun.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {d777f883-84a2-11e5-9b22-b482fed8104a} - G:\Start.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {d777f88e-84a2-11e5-9b22-b482fed8104a} - H:\Start.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {d777f890-84a2-11e5-9b22-b482fed8104a} - I:\Start.exe HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\...\MountPoints2: {f3bb6687-27ba-11e3-8093-b482fed8104a} - G:\Startme.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-09] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2013-10-14] ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2015-06-22] ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{CE2DFAA5-8FAB-48DF-BACC-743102EC517A}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1915761083-1818409099-4065131491-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-1915761083-1818409099-4065131491-1000 -> DefaultScope {42E4E326-C278-45D4-8CAD-E62074DCFD48} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-1915761083-1818409099-4065131491-1000 -> {42E4E326-C278-45D4-8CAD-E62074DCFD48} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL => Brak pliku Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Brak pliku FireFox: ======== FF ProfilePath: C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\iu52od6c.default-1402683697466 FF Homepage: www.onet.pl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-13] () FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-13] () FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Brak pliku] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [Brak pliku] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Brak pliku] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1915761083-1818409099-4065131491-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-1915761083-1818409099-4065131491-1000: @talk.google.com/O1DPlugin -> C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-1915761083-1818409099-4065131491-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ela&Mariusz\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-02] (Google Inc.) FF Plugin HKU\S-1-5-21-1915761083-1818409099-4065131491-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ela&Mariusz\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-02] (Google Inc.) FF Plugin HKU\S-1-5-21-1915761083-1818409099-4065131491-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ela&Mariusz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\Ela&Mariusz\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Ela&Mariusz\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Extension: Snip It! Button for eBay - C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\iu52od6c.default-1402683697466\extensions\{aab35b56-0206-4472-9993-9cb5c09bb722} [2015-05-29] FF Extension: Star Stable Online - C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\iu52od6c.default-1402683697466\Extensions\plugin@starstable.com [2015-02-14] [Brak podpisu cyfrowego] FF Extension: Transferuj.pl - C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\iu52od6c.default-1402683697466\Extensions\trtransferfill@transferuj.pl.xpi [2015-01-26] [Brak podpisu cyfrowego] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5830656 2013-09-26] (Broadcom Corporation) [Brak podpisu cyfrowego] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [X] S4 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X] S3 Sony PC Companion; "C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-06] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [133632 2010-01-04] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117120 2010-01-04] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-01-04] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] S4 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [413432 2015-08-10] (McAfee, Inc.) R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [961536 2009-06-11] (DiBcom) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.) S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation) S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation) S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation) S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation) S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation) S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation) S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-29 02:05 - 2015-12-07 04:24 - 03480040 _____ (McAfee, Inc.) C:\MCPR.exe 2015-12-29 01:39 - 2015-12-29 01:39 - 00286376 _____ C:\Windows\Minidump\122915-16832-01.dmp 2015-12-29 00:54 - 2015-12-29 02:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-27 09:09 - 2015-12-27 09:09 - 00061970 _____ C:\Users\Ela&Mariusz\Documents\ResultReportReader.html 2015-12-27 09:09 - 2015-12-27 09:09 - 00000000 ____D C:\Users\Ela&Mariusz\Documents\ResultReportReader_pliki 2015-12-27 01:36 - 2015-12-29 02:00 - 00000912 _____ C:\Fixlog.txt 2015-12-27 01:28 - 2015-12-07 16:29 - 02369024 _____ (Farbar) C:\FRST64.exe 2015-12-26 11:43 - 2015-12-26 11:43 - 00291064 _____ C:\Windows\Minidump\122615-18688-01.dmp 2015-12-25 23:13 - 2015-12-25 23:13 - 00339553 _____ C:\Users\Ela&Mariusz\Documents\Resolution Center - eBay.pdf 2015-12-22 23:16 - 2015-12-22 23:16 - 00291080 _____ C:\Windows\Minidump\122215-18408-01.dmp 2015-12-21 06:10 - 2015-12-21 06:11 - 00289168 _____ C:\Windows\Minidump\122115-17815-01.dmp 2015-12-20 13:26 - 2015-12-20 13:26 - 00291128 _____ C:\Windows\Minidump\122015-20451-01.dmp 2015-12-18 11:52 - 2015-12-18 11:52 - 00288968 _____ C:\Windows\Minidump\121815-18954-01.dmp 2015-12-16 22:14 - 2015-12-16 22:14 - 00291160 _____ C:\Windows\Minidump\121615-18642-01.dmp 2015-12-16 10:48 - 2015-12-16 10:48 - 00290832 _____ C:\Windows\Minidump\121615-22292-01.dmp 2015-12-15 22:57 - 2015-12-15 22:58 - 00290864 _____ C:\Windows\Minidump\121515-21309-01.dmp 2015-12-15 11:39 - 2015-12-15 11:39 - 00291080 _____ C:\Windows\Minidump\121515-17846-01.dmp 2015-12-15 04:04 - 2015-12-15 04:04 - 00000000 ____D C:\Program Files (x86)\Panda Security 2015-12-15 04:03 - 2015-12-15 04:03 - 35192968 _____ (Panda Security ) C:\Users\Ela&Mariusz\Downloads\PandaCloudCleaner.exe 2015-12-14 12:18 - 2015-12-14 12:18 - 00148496 _____ C:\Users\Ela&Mariusz\Documents\PayPal_ Send & Request.pdf 2015-12-14 10:39 - 2015-12-14 10:39 - 00291064 _____ C:\Windows\Minidump\121415-21122-01.dmp 2015-12-13 10:35 - 2015-12-13 10:35 - 00291120 _____ C:\Windows\Minidump\121315-18158-01.dmp 2015-12-13 00:53 - 2015-12-13 01:06 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-13 00:53 - 2015-12-13 01:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-12 09:56 - 2015-12-12 09:56 - 00291064 _____ C:\Windows\Minidump\121215-16348-01.dmp 2015-12-11 10:09 - 2015-12-11 10:09 - 00291080 _____ C:\Windows\Minidump\121115-21871-01.dmp 2015-12-09 16:13 - 2015-12-09 16:13 - 08205800 _____ (McAfee, Inc.) C:\Users\Ela&Mariusz\Downloads\Setup_serial_RxeJYX5HznnNaQeb7ikDbQ2_key.exe 2015-12-09 00:10 - 2015-12-09 00:10 - 08205800 _____ (McAfee, Inc.) C:\Users\Ela&Mariusz\Downloads\Setup_serial_-lbvebewYbo7-Zcu5y4URg2_key.exe 2015-12-09 00:01 - 2015-12-09 00:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-12-09 00:01 - 2015-12-09 00:01 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-12-08 20:57 - 2015-12-08 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-12-08 17:45 - 2015-12-08 17:45 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-07 05:41 - 2015-12-07 05:41 - 00172929 _____ C:\Users\Ela&Mariusz\Documents\ McAfee serial.pdf 2015-12-06 19:36 - 2015-12-06 19:36 - 00324875 _____ C:\Users\Ela&Mariusz\Documents\Koszyk.pdf 2015-12-06 19:03 - 2015-12-06 19:03 - 00272597 _____ C:\Users\Ela&Mariusz\Documents\System Kafeteryjny - kody 400zł.pdf 2015-12-05 00:52 - 2015-12-05 00:52 - 00084557 _____ C:\Users\Ela&Mariusz\Documents\Resul.pdf 2015-12-05 00:40 - 2015-12-27 03:20 - 00000000 ____D C:\MATS 2015-12-05 00:26 - 2015-12-29 02:07 - 00000704 _____ C:\Windows\Tasks\McAfee Cleanup.job 2015-12-04 16:24 - 2015-12-04 17:00 - 00000000 ____D C:\Users\Ela&Mariusz\Documents\logi 2015-12-04 11:25 - 2015-12-29 02:38 - 00000000 ____D C:\Users\Ela&Mariusz\Downloads\McAffe 2015-12-04 01:08 - 2015-12-04 01:08 - 08205800 _____ (McAfee, Inc.) C:\Users\Ela&Mariusz\Downloads\McAfeeSetup-AutoLogin bis.exe 2015-12-04 00:10 - 2015-12-04 00:10 - 00199476 _____ C:\Users\Ela&Mariusz\Documents\Pobierz oprogramowanie McAfee bis.pdf 2015-12-01 11:53 - 2015-12-01 11:53 - 01106135 _____ C:\Users\Ela&Mariusz\Desktop\grafik grudzień 1.pdf 2015-11-30 23:08 - 2015-11-30 23:08 - 00292488 _____ C:\Windows\Minidump\113015-25708-01.dmp 2015-11-30 17:38 - 2015-11-30 17:38 - 00292976 _____ C:\Windows\Minidump\113015-21262-01.dmp 2015-11-30 01:03 - 2015-11-30 01:03 - 00672645 _____ C:\Users\Ela&Mariusz\Documents\Ultra Extreme Rarity Pro Prompt Cart OG Disk OG 9pin Plug Compu Atari 800XL _ eBay.pdf 2015-11-29 14:29 - 2015-11-29 14:29 - 00292968 _____ C:\Windows\Minidump\112915-18985-01.dmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-29 02:38 - 2014-02-27 14:01 - 00000000 ____D C:\FRST 2015-12-29 02:27 - 2009-07-14 05:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-29 02:27 - 2009-07-14 05:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-29 02:21 - 2015-02-13 16:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-12-29 02:19 - 2014-02-04 16:58 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-29 02:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-29 01:54 - 2015-04-20 23:33 - 02419140 _____ C:\Windows\ntbtlog.txt 2015-12-29 01:54 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-29 01:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-29 01:39 - 2013-11-22 22:35 - 00000000 ____D C:\Windows\Minidump 2015-12-29 01:27 - 2014-08-02 19:50 - 00000000 ____D C:\Users\Ela&Mariusz\Documents\Pliki programu Outlook 2015-12-29 01:00 - 2015-11-02 19:55 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1915761083-1818409099-4065131491-1000UA.job 2015-12-29 00:55 - 2014-02-04 16:58 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-29 00:53 - 2015-11-27 11:09 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-28 23:16 - 2015-11-02 19:55 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1915761083-1818409099-4065131491-1000Core.job 2015-12-27 20:26 - 2013-07-09 21:56 - 00000000 ____D C:\Users\Ela&Mariusz\Downloads\ATARI 2015-12-27 02:24 - 2013-10-18 11:25 - 00000000 ____D C:\Program Files\McAfee 2015-12-24 12:37 - 2014-11-23 19:32 - 00000000 ____D C:\Users\Ela&Mariusz\Documents\Atari 8-bit ROM list 2015-12-18 19:47 - 2015-01-31 19:45 - 00000000 ____D C:\Users\Ela&Mariusz\Documents\Allegro 2015-12-16 00:01 - 2013-06-09 08:55 - 00000000 ____D C:\Users\Ela&Mariusz\AppData\Roaming\Mozilla 2015-12-15 04:04 - 2014-01-11 23:56 - 00001286 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk 2015-12-13 01:06 - 2013-06-10 14:00 - 00000000 ____D C:\Users\Ela&Mariusz\AppData\Local\Adobe 2015-12-09 00:12 - 2014-10-27 17:58 - 00000000 ____D C:\Program Files\stinger 2015-12-09 00:01 - 2015-05-01 11:50 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-12-09 00:01 - 2013-11-02 15:31 - 00000000 ____D C:\Users\Ela&Mariusz\Downloads\programy 2015-12-09 00:01 - 2013-06-09 00:51 - 00000000 ____D C:\ProgramData\Adobe 2015-12-08 19:10 - 2013-11-02 21:35 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 11 2015-12-08 17:40 - 2013-08-21 20:57 - 00000214 _____ C:\Users\Ela&Mariusz\Desktop\pedkey.txt 2015-12-07 04:35 - 2015-04-20 23:44 - 00000000 ____D C:\Users\Ela&Mariusz\AppData\Local\ElevatedDiagnostics 2015-12-06 19:52 - 2015-05-01 11:52 - 00000000 ____D C:\Program Files (x86)\Java 2015-12-04 23:22 - 2014-02-27 12:42 - 00000000 ____D C:\AdwCleaner 2015-12-04 01:02 - 2009-07-14 05:54 - 00000749 ___RH C:\Windows\WindowsShell.Manifest 2015-12-04 01:02 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-01 02:23 - 2015-09-02 00:52 - 00000000 ____D C:\Users\Ela&Mariusz\Documents\ZSP Reptowo ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-07-23 01:27 - 2014-07-23 01:27 - 0100037 _____ () C:\Users\Ela&Mariusz\AppData\Roaming\SkrybotConfig.xml 2013-09-11 15:42 - 2013-12-27 23:02 - 0003584 _____ () C:\Users\Ela&Mariusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-25 18:37 - 2015-08-25 18:37 - 0004096 ____H () C:\Users\Ela&Mariusz\AppData\Local\keyfile3.drm 2013-09-05 21:10 - 2013-09-05 21:15 - 0003072 _____ () C:\ProgramData\ppe_fleetdb.vdb Niektóre pliki w TEMP: ==================== C:\Users\Ela&Mariusz\AppData\Local\Temp\0305121449593155mcinst.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Ela&Mariusz\AppData\Local\Temp\GURC273.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\i4jdel0.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\McCSPInstall.dll C:\Users\Ela&Mariusz\AppData\Local\Temp\mccspuninstall.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\ResetDevice.exe C:\Users\Ela&Mariusz\AppData\Local\Temp\setup.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-12-20 02:43 ==================== Koniec FRST.txt ============================