Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:05-03-2016
Uruchomiony przez daria (administrator)  DARIA-PC (08-04-2016 14:52:34)
Uruchomiony z C:\Users\daria\Downloads
Załadowane profile: daria (Dostępne profile: daria)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Język: Polski (Polska)
Internet Explorer Wersja 9 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\ACER\Mobility Center\MobilityService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Windows\PLFSetI.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [690720 2008-12-18] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-06-30] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1418536 2009-01-09] (Synaptics, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1865664 2015-06-12] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKU\S-1-5-21-1611919641-228698746-1015890716-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1611919641-228698746-1015890716-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1611919641-228698746-1015890716-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [671400 2015-06-12] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 85.202.144.12 85.202.144.11
Tcpip\..\Interfaces\{2E92BF68-7576-4098-8D51-8CD29C69AC8E}: [DhcpNameServer] 85.202.144.12 85.202.144.11

Internet Explorer:
==================
HKU\S-1-5-21-1611919641-228698746-1015890716-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.pl/
HKU\S-1-5-21-1611919641-228698746-1015890716-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-04-03] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-04-03] (Bitdefender)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\daria\AppData\Roaming\Mozilla\Firefox\Profiles\51aujuby.default-1457293032300
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-22] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\\bdwteff [2016-01-13]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-06-22] [Brak podpisu cyfrowego]

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [69880 2014-12-09] (Bitdefender)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [Brak podpisu cyfrowego]
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [653856 2008-12-18] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [922400 2015-10-12] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [Brak podpisu cyfrowego]
R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [Brak podpisu cyfrowego]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [Brak podpisu cyfrowego]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [54424 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1306416 2015-06-18] (Bitdefender)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1129792 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [252184 2015-05-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [610624 2015-05-28] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2014-12-15] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [131432 2012-02-07] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2015-01-09] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2015\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [173832 2015-04-29] (BitDefender LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [422664 2015-06-02] (BitDefender S.R.L.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-04-08 10:05 - 2016-04-08 10:05 - 00053347 _____ C:\Users\daria\Downloads\Shortcut.txt
2016-04-08 09:32 - 2016-04-08 09:32 - 00136360 _____ C:\Windows\Minidump\Mini040816-01.dmp
2016-04-01 17:50 - 2016-04-08 12:52 - 00011913 _____ C:\Users\daria\Downloads\Fixlog.txt
2016-04-01 17:43 - 2016-04-01 17:43 - 00002946 _____ C:\Users\daria\Desktop\fixlist.txt
2016-04-01 17:40 - 2016-04-08 10:05 - 00034459 _____ C:\Users\daria\Downloads\Addition.txt
2016-04-01 17:31 - 2016-04-08 14:52 - 00012938 _____ C:\Users\daria\Downloads\FRST.txt
2016-04-01 17:31 - 2016-04-08 14:52 - 00000000 ____D C:\FRST
2016-04-01 17:29 - 2016-04-01 17:29 - 01725440 _____ (Farbar) C:\Users\daria\Downloads\FRST.exe
2016-04-01 17:21 - 2016-04-01 17:21 - 03102720 _____ C:\Users\daria\Downloads\adwcleaner_5.108.exe
2016-04-01 16:51 - 2016-04-01 16:51 - 00106684 _____ C:\Users\daria\Desktop\marzec utarg.pdf
2016-04-01 16:51 - 2016-04-01 16:51 - 00059565 _____ C:\Users\daria\Desktop\marzec indywidualna.pdf
2016-03-22 21:01 - 2016-04-08 12:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-14 21:23 - 2016-02-19 23:34 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-14 21:23 - 2016-02-06 04:17 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-14 21:23 - 2016-02-06 04:17 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-14 21:23 - 2016-02-06 04:12 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-14 21:23 - 2016-02-06 04:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-14 21:23 - 2016-02-06 04:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-14 21:23 - 2016-02-06 02:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-14 21:19 - 2016-02-06 04:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-14 21:19 - 2016-02-06 04:11 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-14 21:19 - 2016-02-06 02:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-14 21:16 - 2016-02-02 17:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-14 21:15 - 2016-02-03 19:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-14 21:15 - 2016-02-03 19:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-14 21:15 - 2016-02-03 19:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-14 21:02 - 2016-02-04 17:25 - 02068992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-12 11:18 - 2016-02-09 02:12 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-12 11:18 - 2016-02-09 02:10 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-12 11:18 - 2016-02-09 02:10 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-12 11:18 - 2016-02-09 02:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-12 11:18 - 2016-02-09 02:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-12 11:18 - 2016-02-09 02:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-12 11:18 - 2016-02-09 02:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-12 11:18 - 2016-02-09 02:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-12 11:18 - 2016-02-09 02:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-12 11:18 - 2016-02-09 02:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-12 11:18 - 2016-02-09 02:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-12 11:18 - 2016-02-09 02:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-12 11:17 - 2016-02-09 02:17 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-12 11:17 - 2016-02-09 02:15 - 12392960 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-12 11:17 - 2016-02-09 02:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-12 11:17 - 2016-02-09 02:12 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-12 11:17 - 2016-02-09 02:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-12 11:17 - 2016-02-09 02:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-12 11:17 - 2016-02-09 02:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-12 11:17 - 2016-02-09 02:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-12 11:17 - 2016-02-09 02:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-12 11:17 - 2016-02-09 02:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-04-08 14:54 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-08 14:54 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-08 14:50 - 2013-07-13 10:40 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-08 12:54 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-08 12:52 - 2015-09-06 13:37 - 00221110 _____ C:\bdlog.txt
2016-04-08 12:52 - 2006-11-02 15:01 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-08 12:51 - 2015-10-04 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-04-08 12:51 - 2014-05-15 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
2016-04-08 12:49 - 2012-11-02 22:41 - 00000000 ____D C:\Program Files\Java
2016-04-08 10:26 - 2012-11-02 23:01 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-08 10:26 - 2012-11-02 23:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-08 09:51 - 2008-01-21 08:24 - 01616880 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-08 09:51 - 2008-01-21 08:24 - 00715356 _____ C:\Windows\system32\perfh015.dat
2016-04-08 09:51 - 2008-01-21 08:24 - 00151250 _____ C:\Windows\system32\perfc015.dat
2016-04-08 09:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-04-08 09:50 - 2013-05-27 00:03 - 00000000 ____D C:\Users\daria\AppData\Local\CrashDumps
2016-04-08 09:32 - 2015-03-24 18:48 - 254350781 _____ C:\Windows\MEMORY.DMP
2016-04-08 09:32 - 2012-10-28 21:44 - 00000000 ____D C:\Windows\Minidump
2016-04-08 09:29 - 2015-10-12 20:45 - 00000000 ____D C:\ProgramData\Oracle
2016-04-08 09:28 - 2015-10-12 20:46 - 00000000 ____D C:\Users\daria\.oracle_jre_usage
2016-04-08 09:14 - 2012-10-29 23:17 - 00000000 ____D C:\Users\daria\AppData\Roaming\uTorrent
2016-04-05 19:07 - 2013-04-20 16:26 - 00000000 ____D C:\Program Files\The KMPlayer
2016-04-01 17:55 - 2015-09-06 13:21 - 00000000 ____D C:\ProgramData\BDLogging
2016-04-01 17:51 - 2012-12-02 19:16 - 00000000 ____D C:\Users\daria\AppData\LocalLow\Temp
2016-03-28 22:37 - 2016-01-26 20:27 - 00000000 ____D C:\Users\daria\Desktop\fotyy
2016-03-28 22:34 - 2013-10-02 11:24 - 00000000 ____D C:\Users\daria\Desktop\medicine
2016-03-28 22:33 - 2016-03-05 17:06 - 00000000 ____D C:\Users\daria\Desktop\flesh and bone
2016-03-24 18:04 - 2012-11-02 23:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-22 22:24 - 2013-02-01 01:39 - 00000911 _____ C:\Users\daria\Desktop\str 503.txt
2016-03-17 00:49 - 2015-11-22 18:05 - 00013290 _____ C:\Users\daria\Desktop\wessele.xlsx
2016-03-14 22:04 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2016-03-14 21:44 - 2006-11-02 14:47 - 00390136 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 21:41 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-03-14 21:41 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-14 21:15 - 2013-12-16 22:29 - 00000000 ____D C:\Windows\system32\MRT
2016-03-14 21:08 - 2006-11-02 12:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Pliki w katalogu głównym wybranych folderów =======

2013-06-04 11:33 - 2013-06-04 11:38 - 0000260 _____ () C:\Users\daria\AppData\Roaming\wklnhst.dat
2012-10-28 20:26 - 2015-10-12 21:12 - 0001356 _____ () C:\Users\daria\AppData\Local\d3d9caps.dat
2012-10-28 22:02 - 2012-10-28 22:04 - 0005086 _____ () C:\Users\daria\AppData\Local\MyWinLockerInstaller.txt-20121028.log
2015-09-06 13:33 - 2015-09-06 13:33 - 0647276 _____ () C:\ProgramData\1441538203.bdinstall.bin
2012-10-28 20:34 - 2012-10-28 20:38 - 0005806 _____ () C:\ProgramData\ArcadeDeluxe2.log
2012-10-28 20:43 - 2015-10-12 21:14 - 0042095 _____ () C:\ProgramData\nvModes.001
2012-10-28 20:43 - 2015-10-12 21:14 - 0042095 _____ () C:\ProgramData\nvModes.dat
2012-10-29 23:23 - 2012-10-29 23:24 - 0000091 _____ () C:\ProgramData\PS.log

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2016-04-08 13:08

==================== Koniec  FRST.txt ============================