Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-03-2016 01 Uruchomiony przez Kamil (administrator) KAMILOS (29-03-2016 14:19:36) Uruchomiony z C:\Users\Kamil\Desktop Załadowane profile: Kamil (Dostępne profile: Kamil) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (HP) C:\Windows\System32\HPSIsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (Autodesk, Inc.) D:\INVENTOR\Inventor 2016\Moldflow\bin\mitsijm.exe (National Instruments Corporation) D:\NI Vision\MAX\nimxs.exe (National Instruments Corporation) D:\NI Vision\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corporation) D:\NI Vision\Shared\Tagger\tagsrv.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Mentor Graphics Corporation) D:\Solidworks\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Mentor Graphics Corporation) D:\Solidworks\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5774664 2013-09-10] (Dell Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe" HKLM\...\Run: [cpuminer] => C:\Users\Kamil\AppData\Roaming\cpuminer\cpm.exe [1402880 2016-02-29] () HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-11] (Synaptics Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-21] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-11] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-05] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [win_en_77] => [X] HKLM-x32\...\Run: [PWRISOVM.EXE] => D:\PowerISO\PWRISOVM.EXE [408888 2015-06-08] (Power Software Ltd) HKLM-x32\...\Run: [DivXMediaServer] => D:\DivX\DivX Media Server\DivXMediaServer.exe HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-09-07] (Autodesk Inc.) HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems Incorporated) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes) HKLM\...\Winlogon: [Userinit] wscript, HKLM-x32\...\Winlogon: [Userinit] wscript, [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-10-28] (Atheros Communications) HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kamil\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\Run: [screenSHU] => D:\screenSHU\screenSHU.exe [2112000 2013-09-04] () HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony) HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd) HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\Policies\Explorer: [] HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\MountPoints2: {042d3c92-e0ea-11e4-a870-74867a428c15} - F:\Startme.exe HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\MountPoints2: {1751558a-d9e2-11e4-ab2e-74867a428c15} - H:\setup.exe HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\...\MountPoints2: {af7cc2ee-52dc-11e5-af84-74867a428c15} - F:\SISetup.exe HKU\S-1-5-21-3509479204-2606407586-2876318186-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Fast Start.lnk [2016-03-03] ShortcutTarget: SOLIDWORKS 2015 Fast Start.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download Autodesk 2016 32 Bit and 64 Bit CRACK ONLY-XFORCE Torrent - KickassTorrents.lnk [2015-04-08] ShortcutTarget: Download Autodesk 2016 32 Bit and 64 Bit CRACK ONLY-XFORCE Torrent - KickassTorrents.lnk -> C:\ProgramData\{aa492333-700a-1aeb-aa49-923337008ccd}\Download Autodesk 2016 32 Bit and 64 Bit CRACK ONLY-XFORCE Torrent - KickassTorrents.exe (Brak pliku) CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{6C770965-8C7F-44B3-A06D-7409F6C918B5}: [DhcpNameServer] 10.30.0.132 10.30.0.133 Tcpip\..\Interfaces\{AC9C2C93-2203-42E7-A708-FC35C3A3B17A}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKU\S-1-5-21-3509479204-2606407586-2876318186-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-02] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-02] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://google.pl/" CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms} CHR DefaultSearchKeyword: Default -> http://www.google.com/ CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-26] CHR Extension: (agar.io server browser) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2016-03-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-26] StartMenuInternet: Google Chrome - Chrome.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [322176 2014-10-28] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.) S3 CoordinatorServiceHost; D:\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation) R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.) S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-04-03] () [Brak podpisu cyfrowego] R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-06-17] (National Instruments, Inc.) R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [40488 2008-06-17] (National Instruments Corporation) R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [50736 2008-06-17] (National Instruments Corporation) R2 mitsijm2016; D:\INVENTOR\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.) R2 mxssvr; D:\NI Vision\MAX\nimxs.exe [12696 2008-04-02] (National Instruments Corporation) R2 NIDomainService; D:\NI Vision\Shared\Security\nidmsrv.exe [213552 2008-06-17] (National Instruments Corporation) S4 NILM License Manager; D:\NI Vision\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-11-18] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [8656 2007-11-06] (National Instruments Corporation) [Brak podpisu cyfrowego] R2 NITaggerService; D:\NI Vision\Shared\Tagger\tagsrv.exe [609384 2007-07-23] (National Instruments Corporation) S3 OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [98304 2007-05-09] (OPC Foundation) [Brak podpisu cyfrowego] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-05] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-09-13] () R2 RemoteSolverDispatcher; D:\Solidworks\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [238848 2015-11-10] (Mentor Graphics Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-03-03] (SolidWorks) [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) S2 Hixtocb; "C:\Users\Kamil\AppData\Roaming\MymseAde\Poirdor.exe" -cms [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-04-10] (Advanced Micro Devices, Inc.) S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-10-28] (Qualcomm Atheros) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-03] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-28] (hxxp://libusb-win32.sourceforge.net) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.) S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [12928 2008-12-16] (National Instruments Corporation) R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [883288 2008-12-16] (National Instruments Corporation) S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [12920 2008-12-16] (National Instruments Corporation) R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [16472 2008-08-21] (National Instruments Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-11] (Synaptics Incorporated) R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-15] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-15] (Oracle Corporation) R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com) S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-29 14:19 - 2016-03-29 14:19 - 00018499 _____ C:\Users\Kamil\Desktop\FRST.txt 2016-03-29 14:18 - 2016-03-29 14:19 - 00000000 ____D C:\FRST 2016-03-29 14:18 - 2016-03-29 14:18 - 02374144 _____ (Farbar) C:\Users\Kamil\Desktop\FRST64.exe 2016-03-28 12:16 - 2016-03-28 12:16 - 00408385 _____ C:\Users\Kamil\Desktop\xp-AntiSpy_setup-polish.exe 2016-03-28 12:16 - 2016-03-28 12:16 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy 2016-03-27 19:00 - 2016-03-28 12:53 - 00000000 ____D C:\Users\Kamil\Desktop\Nowy folder 2016-03-26 19:24 - 2016-03-26 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-26 19:22 - 2016-03-26 19:22 - 22851472 _____ (Malwarebytes ) C:\Users\Kamil\Downloads\mbam-setup-2.2.1.1043.exe 2016-03-26 19:13 - 2016-03-27 23:49 - 00000000 ____D C:\Users\Kamil\AppData\Local\node-webkit 2016-03-26 19:10 - 2016-03-26 19:10 - 00000000 ____D C:\Windows\system32\ruic 2016-03-26 19:04 - 2016-03-27 19:04 - 00001455 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-03-26 19:02 - 2016-03-26 19:02 - 00000000 ____D C:\Users\Kamil\AppData\Local\Sparta 2016-03-26 19:02 - 2016-03-26 19:02 - 00000000 ____D C:\ProgramData\DWdMD 2016-03-26 19:01 - 2016-03-27 19:00 - 00000000 ____D C:\Users\Kamil\AppData\LocalLow\Company 2016-03-26 19:01 - 2016-03-26 19:02 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2016-03-26 19:01 - 2016-03-26 19:01 - 00003578 _____ C:\Windows\System32\Tasks\{EF125343-172B-459F-9C32-108F13F10D9D} 2016-03-26 19:01 - 2016-03-26 19:01 - 00003342 _____ C:\Windows\System32\Tasks\Circhmig 2016-03-26 19:01 - 2016-03-26 19:01 - 00000000 ____D C:\uninst 2016-03-26 19:00 - 2016-03-27 23:50 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Abesju 2016-03-26 19:00 - 2016-03-26 19:47 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner 2016-03-26 19:00 - 2016-03-26 19:08 - 00000000 ____D C:\Program Files\Matqacgu 2016-03-26 19:00 - 2016-03-26 19:00 - 00000000 ____D C:\Users\Kamil\AppData\Local\Tempfolder 2016-03-26 19:00 - 2016-03-26 19:00 - 00000000 _____ C:\Windows\SysWOW64\Number of results 2016-03-26 18:55 - 2016-03-26 18:56 - 00000000 ____D C:\Users\Kamil\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 2016-03-26 18:54 - 2016-03-26 18:54 - 00000000 ____D C:\Program Files (x86)\WinTaske 2016-03-26 18:54 - 2016-03-26 18:54 - 00000000 ____D C:\extensions 2016-03-26 18:53 - 2016-03-26 18:53 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-03-26 18:53 - 2016-03-26 18:51 - 00001103 _____ C:\Windows\system32\Drivers\etc\hp.bak 2016-03-26 18:51 - 2016-03-26 19:02 - 00000000 ____D C:\Users\Kamil\AppData\Local\app 2016-03-26 18:46 - 2016-03-26 18:47 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\BESTplayer 2016-03-26 18:34 - 2016-03-26 19:03 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\DivX 2016-03-26 18:32 - 2016-03-26 18:32 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Mozilla 2016-03-26 18:32 - 2016-03-26 18:32 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\cpuminer 2016-03-26 18:32 - 2016-03-26 18:32 - 00000000 ____D C:\ProgramData\Quoteexs 2016-03-26 18:31 - 2016-03-26 19:03 - 00000000 ____D C:\ProgramData\DivX 2016-03-26 18:31 - 2016-03-26 18:31 - 06493696 _____ C:\Users\Kamil\AppData\Roaming\agent.dat 2016-03-26 18:31 - 2016-03-26 18:31 - 01621509 _____ C:\Users\Kamil\AppData\Roaming\Holdin.tst 2016-03-26 18:31 - 2016-03-26 18:31 - 00127488 _____ C:\Users\Kamil\AppData\Roaming\Installer.dat 2016-03-26 18:31 - 2016-03-26 18:31 - 00072711 _____ C:\Users\Kamil\AppData\Roaming\Goldening.tst 2016-03-26 18:31 - 2016-03-26 18:31 - 00018432 _____ C:\Users\Kamil\AppData\Roaming\Main.dat 2016-03-26 18:06 - 2016-03-26 18:06 - 00000000 ____D C:\Users\Kamil\Desktop\Luther.S03.PL 2016-03-26 18:05 - 2016-03-26 18:06 - 00000000 ____D C:\Users\Kamil\Desktop\Luther.S02.PL 2016-03-26 18:05 - 2016-03-26 18:05 - 00000000 ____D C:\Users\Kamil\Desktop\Luther.S01.PL 2016-03-23 03:08 - 2016-03-23 03:13 - 00617873 _____ C:\Users\Kamil\Desktop\Złożenie.SLDASM 2016-03-22 00:44 - 2016-03-22 00:44 - 00000000 _____ C:\Users\Kamil\Desktop\Deadpool.2016.HD-TS.720p.x264.mkv 2016-03-21 17:44 - 2016-03-21 17:45 - 00000000 ____D C:\Users\Kamil\Desktop\drone-quadcopter-modeling-catia-v5-1.snapshot.2 2016-03-21 17:44 - 2016-03-21 17:44 - 17733061 _____ C:\Users\Kamil\Desktop\drone-quadcopter-modeling-catia-v5-1.snapshot.2.zip 2016-03-21 17:44 - 2016-02-07 03:06 - 02704014 _____ C:\Users\Kamil\Desktop\PIC_DRONE_QUADCOPTER.bmp 2016-03-19 21:03 - 2016-03-19 21:03 - 00022809 _____ C:\Users\Kamil\Desktop\AUTMO-kolos1.rar 2016-03-19 20:39 - 2015-05-25 16:06 - 00000000 ____D C:\Users\Kamil\Desktop\LABORKI-MOJE 2016-03-19 19:01 - 2016-03-21 12:39 - 00000000 ____D C:\Users\Kamil\Desktop\AUTMO-kolos1 2016-03-17 15:19 - 2016-03-23 17:08 - 00000000 ____D C:\Users\Kamil\Desktop\KNAP 2016-03-16 12:47 - 2016-03-16 12:47 - 00035476 _____ C:\Users\Kamil\Desktop\NP PA.pdf 2016-03-14 16:22 - 2016-03-14 16:22 - 00000000 ____D C:\Users\Kamil\.imagej 2016-03-14 15:18 - 2016-03-21 16:42 - 00000000 ____D C:\Users\Kamil\Desktop\ImageJ 2016-03-08 22:43 - 2016-03-08 22:43 - 00000000 ____D C:\Users\Kamil\Documents\SW Log Files 2016-03-08 22:28 - 2016-03-08 22:28 - 00000000 ____D C:\Users\Kamil\Documents\LabVIEW Data 2016-03-08 22:22 - 2016-03-27 19:05 - 00000677 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments Vision Builder AI 3.6.lnk 2016-03-08 22:22 - 2016-03-08 22:22 - 00000107 _____ C:\Windows\SysWOW64\Vision Builder.ini 2016-03-08 22:22 - 2016-03-08 22:22 - 00000000 ____D C:\Users\Public\Documents\National Instruments 2016-03-08 22:22 - 2016-03-08 22:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2016-03-08 22:21 - 2016-03-08 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments 2016-03-08 22:21 - 2016-03-08 22:22 - 00000000 ____D C:\Program Files\National Instruments 2016-03-08 22:18 - 2016-03-08 22:22 - 00000000 ____D C:\ProgramData\National Instruments 2016-03-07 11:55 - 2016-03-07 12:12 - 00000000 ____D C:\Users\Kamil\Desktop\MEMS 2016-03-03 16:56 - 2016-03-23 17:19 - 00000000 ____D C:\Users\Kamil\AppData\Local\TempSW Katalog dla kopii zapasowych 2016-03-03 16:56 - 2016-03-03 16:56 - 00000000 ____D C:\Users\Kamil\Documents\SOLIDWORKSComposer 2016-03-03 16:52 - 2016-03-17 16:46 - 00000000 ____D C:\Users\Kamil\AppData\Local\SolidWorks 2016-03-03 15:53 - 2016-03-03 15:53 - 00000000 ____D C:\ProgramData\Simpoe 2016-03-03 15:52 - 2016-03-03 15:52 - 00000000 ____D C:\ProgramData\SOLIDWORKS Flow Simulation 2016-03-03 15:52 - 2016-03-03 15:52 - 00000000 ____D C:\ProgramData\COSMOS Applications 2016-03-03 15:50 - 2016-03-23 00:27 - 00000000 ____D C:\ProgramData\DassaultSystemes 2016-03-03 15:50 - 2016-03-03 15:50 - 00000000 ____D C:\Users\Kamil\Documents\SOLIDWORKS Visual Studio Tools for Applications 2016-03-03 15:50 - 2016-03-03 15:50 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\DassaultSystemes 2016-03-03 15:50 - 2016-03-03 15:50 - 00000000 ____D C:\Users\Kamil\AppData\Local\DassaultSystemes 2016-03-03 15:38 - 2016-03-03 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015 2016-03-03 15:35 - 2016-03-03 15:37 - 00000000 ____D C:\Program Files\Common Files\SOLIDWORKS Shared 2016-03-03 15:35 - 2016-03-03 15:35 - 00000000 ____D C:\ProgramData\SOLIDWORKS 2016-03-03 15:35 - 2016-03-03 15:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-03-03 15:34 - 2016-03-03 15:34 - 00000000 ____D C:\Users\Kamil\Documents\Visual Studio 2005 2016-03-03 15:34 - 2016-03-03 15:34 - 00000000 ____D C:\ProgramData\Apple 2016-03-03 15:34 - 2016-03-03 15:34 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8 2016-03-03 15:33 - 2016-03-03 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005 2016-03-03 15:33 - 2016-03-03 15:33 - 00000000 ____D C:\Program Files (x86)\MSECache 2016-03-03 15:33 - 2016-03-03 15:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8 2016-03-02 23:34 - 2016-03-02 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eXtreme Burner - AVR 2016-03-02 23:34 - 2011-06-11 18:05 - 00075200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2016-03-02 23:34 - 2011-06-11 18:05 - 00043456 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.sys 2016-03-02 21:37 - 2016-03-04 01:34 - 00000000 ____D C:\Programowanie 2016-03-02 21:26 - 2016-03-02 21:26 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVR-20100110 2016-03-02 12:41 - 2016-03-02 21:26 - 00000000 ____D C:\WinAVR-20100110 2016-03-02 11:57 - 2010-01-27 22:38 - 00000000 ____D C:\avrdude 2016-03-01 23:19 - 2011-05-28 10:25 - 00067008 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2016-03-01 23:19 - 2011-05-28 10:25 - 00044480 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-29 14:01 - 2011-04-12 15:21 - 00744826 _____ C:\Windows\system32\perfh015.dat 2016-03-29 14:01 - 2011-04-12 15:21 - 00157346 _____ C:\Windows\system32\perfc015.dat 2016-03-29 14:01 - 2009-07-14 07:13 - 01676910 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-29 14:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-03-29 13:56 - 2015-04-08 19:38 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-29 13:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-29 12:51 - 2009-07-14 06:45 - 00016656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-03-29 12:51 - 2009-07-14 06:45 - 00016656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-03-28 12:50 - 2015-04-15 16:28 - 00000000 ____D C:\Users\Kamil\Documents\Pliki programu Outlook 2016-03-28 12:50 - 2015-04-02 01:16 - 01697526 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-03-28 11:53 - 2015-04-08 19:19 - 00000000 ____D C:\Windows\pss 2016-03-28 00:25 - 2015-04-08 19:38 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-27 19:05 - 2015-04-08 19:38 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-27 19:05 - 2015-04-02 16:10 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-03-27 19:05 - 2015-04-02 00:11 - 00002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przełączania Grafiki.lnk 2016-03-27 19:05 - 2015-04-01 23:14 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-03-27 19:05 - 2015-04-01 23:14 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-03-27 19:05 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-03-27 19:05 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2016-03-27 19:05 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-03-27 19:05 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-03-27 19:05 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-03-27 19:04 - 2016-02-24 02:21 - 00000552 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk 2016-03-27 19:04 - 2016-02-07 00:57 - 00001488 _____ C:\Users\Kamil\Desktop\Diablo II LoD BCM v2.0.lnk 2016-03-27 19:04 - 2015-07-30 17:57 - 00000363 _____ C:\Users\Kamil\Desktop\Komputer.lnk 2016-03-27 19:04 - 2015-05-11 11:15 - 00000654 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-03-27 19:04 - 2015-04-01 23:20 - 00001421 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-03-27 19:04 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-03-27 19:04 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-03-27 19:01 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-03-27 19:00 - 2015-11-27 01:59 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-03-27 19:00 - 2015-04-08 19:07 - 00000000 ____D C:\ProgramData\{aa492333-700a-1aeb-aa49-923337008ccd} 2016-03-27 19:00 - 2015-04-08 19:00 - 00000000 ____D C:\Program Files (x86)\SaLePllus 2016-03-27 19:00 - 2015-04-02 17:07 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-03-27 12:37 - 2016-02-24 02:22 - 00000000 ____D C:\Users\Kamil\AppData\Local\screenSHU 2016-03-26 22:56 - 2015-05-25 19:45 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\vlc 2016-03-26 19:26 - 2015-04-11 12:18 - 00000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps 2016-03-26 19:09 - 2015-04-02 17:00 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-26 19:04 - 2015-11-07 14:03 - 00000000 ___RD C:\Users\Kamil\Virtual Machines 2016-03-26 18:57 - 2015-11-26 21:55 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\uTorrent 2016-03-26 18:50 - 2009-07-14 04:34 - 00000580 _____ C:\Windows\win.ini 2016-03-26 18:04 - 2016-02-07 01:50 - 00000000 ____D C:\Users\Kamil\AppData\LocalLow\uTorrent 2016-03-26 18:04 - 2015-04-02 19:02 - 00000000 ____D C:\Users\Kamil\AppData\LocalLow\Temp 2016-03-23 17:08 - 2015-04-02 01:15 - 00000000 ____D C:\Users\Kamil\Desktop\#w7 2016-03-17 00:09 - 2015-05-11 11:15 - 00004020 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1431335723 2016-03-14 16:22 - 2015-04-01 23:19 - 00000000 ____D C:\Users\Kamil 2016-03-14 15:18 - 2015-12-03 00:36 - 00000000 ____D C:\Users\Kamil\.oracle_jre_usage 2016-03-13 15:30 - 2015-04-02 16:13 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Adobe 2016-03-08 22:43 - 2016-02-24 23:29 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\SOLIDWORKS 2016-03-03 17:23 - 2009-07-14 06:45 - 01457600 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-03 16:52 - 2015-04-01 23:55 - 00171752 _____ C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT 2016-03-03 15:34 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-03-03 15:33 - 2015-04-03 12:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-03-03 15:31 - 2016-02-24 23:29 - 00000000 ____D C:\Windows\SolidWorks 2016-03-03 15:31 - 2015-04-02 18:56 - 00000000 ____D C:\ProgramData\FLEXnet 2016-03-03 15:26 - 2016-02-24 23:29 - 00000000 ____D C:\Users\Kamil\Documents\SOLIDWORKS Downloads 2016-02-28 13:53 - 2015-12-03 00:36 - 00000000 ____D C:\Users\Kamil\Documents\Arduino 2016-02-28 12:26 - 2015-12-03 00:36 - 00000000 ____D C:\Users\Kamil\AppData\Local\Arduino15 ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-03-26 18:31 - 2016-03-26 18:31 - 6493696 _____ () C:\Users\Kamil\AppData\Roaming\agent.dat 2016-03-26 18:31 - 2016-03-26 18:31 - 0072711 _____ () C:\Users\Kamil\AppData\Roaming\Goldening.tst 2016-03-26 18:31 - 2016-03-26 18:31 - 1621509 _____ () C:\Users\Kamil\AppData\Roaming\Holdin.tst 2016-03-26 18:31 - 2016-03-26 18:31 - 0127488 _____ () C:\Users\Kamil\AppData\Roaming\Installer.dat 2016-03-26 18:31 - 2016-03-26 18:31 - 0018432 _____ () C:\Users\Kamil\AppData\Roaming\Main.dat 2015-04-08 19:10 - 2015-04-08 19:22 - 0011670 _____ () C:\Users\Kamil\AppData\Local\Temp-log.txt 2015-04-01 23:57 - 2015-04-01 23:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-02 17:05 - 2015-04-02 17:05 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2016-03-26 19:01 - 2016-03-26 19:02 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\Kamil\AppData\Local\Temp\dxdiag.exe C:\Users\Kamil\AppData\Local\Temp\ose00000.exe C:\Users\Kamil\AppData\Local\Temp\siinst.exe C:\Users\Kamil\AppData\Local\Temp\strings.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll [2010-11-21 05:24] - [2010-11-21 05:24] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E C:\Windows\SysWOW64\User32.dll [2015-04-10 19:41] - [2015-04-10 19:41] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356 C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll [2010-11-21 05:24] - [2010-11-21 05:24] - 0357888 ____A (Microsoft Corporation) 55868C9FB7CEB14016B0BBBA459420A5 C:\Windows\SysWOW64\dnsapi.dll [2010-11-21 05:24] - [2010-11-21 05:24] - 0270336 ____A (Microsoft Corporation) CB9D27DFA8111F3BD61BB39253E4C67B C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-03-19 14:48 ==================== Koniec FRST.txt ============================