Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-03-2016 01 Uruchomiony przez G580 (administrator) LENOVO (09-04-2016 12:54:06) Uruchomiony z C:\Users\G580\Downloads Załadowane profile: G580 & UpdatusUser (Dostępne profile: G580 & UpdatusUser) Platform: Windows 8 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872720 2012-10-03] (ELAN Microelectronics Corp.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-752980834-4026949763-570849984-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-752980834-4026949763-570849984-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-752980834-4026949763-570849984-1001\...\MountPoints2: {5c9d2be4-5d22-11e4-be80-c0143dcadeb2} - "D:\Startme.exe" ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-04-03] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{0828365C-C592-46DE-AC92-2049293824D8}: [NameServer] 149.156.67.233,149.156.89.30 Internet Explorer: ================== URLSearchHook: [S-1-5-21-752980834-4026949763-570849984-1002] UWAGA => Brak domyślnego URLSearchHook BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-03] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-03] (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-12] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft) FireFox: ======== FF ProfilePath: C:\Users\G580\AppData\Roaming\Mozilla\Firefox\Profiles\ummmg4fm.default-1460197919862 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] () FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-03] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-03] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll [2013-02-07] (Wolfram Research, Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-752980834-4026949763-570849984-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\G580\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS) FF Extension: Tree Style Tab - C:\Users\G580\AppData\Roaming\Mozilla\Firefox\Profiles\ummmg4fm.default-1460197919862\extensions\treestyletab@piro.sakura.ne.jp.xpi [2016-04-09] FF Extension: Adblock Plus - C:\Users\G580\AppData\Roaming\Mozilla\Firefox\Profiles\ummmg4fm.default-1460197919862\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-09] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [Brak podpisu cyfrowego] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-02] (Broadcom Corporation.) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957816 2012-10-21] (Broadcom Corporation.) S3 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [256568 2016-02-16] (Connectify) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [83968 2012-09-05] (ELAN Microelectronics Corp.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-02] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) R1 cfywlan1; C:\Windows\system32\DRIVERS\cfywlan1.sys [36736 2016-03-20] (Connectify) R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [43872 2016-03-20] (Connectify) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET) S3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.) S3 ggsomc; C:\Windows\system32\DRIVERS\ggsomc.sys [30424 2016-01-06] (Sony Mobile Communications) S3 MAUSBFASTTRACK; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-09] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-09 12:32 - 2016-04-09 12:32 - 00000000 ____D C:\Users\G580\Desktop\Stare dane programu Firefox 2016-04-09 12:15 - 2016-04-09 12:15 - 00678560 _____ (ESET) C:\Windows\SysWOW64\%InstallDir%speclean.new 2016-04-09 12:13 - 2016-04-09 12:14 - 00004057 _____ C:\Users\G580\Downloads\Fixlog.txt 2016-04-09 12:13 - 2016-04-09 12:12 - 00001162 _____ C:\Users\G580\Downloads\fixlist — kopia.txt 2016-04-09 11:51 - 2016-04-09 11:52 - 00301816 _____ C:\Windows\Minidump\040916-39859-01.dmp 2016-04-09 02:48 - 2016-04-09 02:48 - 00000000 ____D C:\Users\G580\AppData\LocalLow\uTorrent 2016-04-09 02:04 - 2016-04-09 02:20 - 00000000 ____D C:\Users\G580\Downloads\Vikings.S04E08.HDTV.x264-KILLERS[ettv] 2016-04-06 19:29 - 2016-04-06 19:29 - 01195603 _____ C:\Users\G580\Downloads\top1_wykl(1).pdf 2016-04-06 19:28 - 2016-04-06 19:28 - 01195603 _____ C:\Users\G580\Downloads\top1_wykl.pdf 2016-04-06 19:28 - 2016-04-06 19:28 - 00088549 _____ C:\Users\G580\Downloads\top1_spr.pdf 2016-04-05 14:32 - 2016-04-05 14:32 - 00000000 ____D C:\Users\G580\Downloads\Zbiór zadań z topologii ogólnej z rozwiązaniami - I. Domnik Z. Lewandowska 2016-04-05 12:32 - 2016-04-05 12:33 - 91282166 _____ C:\Users\G580\Downloads\A. W. Archangielski, W. I. Ponomariow - Podstawy topologii ogólnej w zadaniach.pdf 2016-04-05 12:29 - 2016-04-05 12:29 - 05486111 _____ C:\Users\G580\Downloads\M. Malec - Przestrzenie metryczne.pdf 2016-04-05 12:29 - 2016-04-05 12:29 - 01707169 _____ C:\Users\G580\Downloads\M. Malec - Przestrzenie metryczne. Zbiór zadań z rozwiązaniami.pdf 2016-04-05 12:29 - 2016-04-05 12:29 - 00910599 _____ C:\Users\G580\Downloads\A. Nowicki - Topologia i geometria różniczkowa.pdf 2016-04-05 12:27 - 2016-04-05 12:27 - 57933153 _____ C:\Users\G580\Downloads\Zbiór zadań z topologii ogólnej z rozwiązaniami - I. Domnik Z. Lewandowska.zip 2016-04-03 15:47 - 2016-04-03 15:47 - 11836850 _____ C:\Users\G580\Downloads\arcana_12_2015.pdf 2016-04-03 11:56 - 2016-04-03 11:56 - 00293176 _____ C:\Windows\Minidump\040316-17734-01.dmp 2016-04-03 11:55 - 2016-04-09 11:51 - 702703822 _____ C:\Windows\MEMORY.DMP 2016-04-02 18:39 - 2016-04-02 19:08 - 00000000 ____D C:\Users\G580\Downloads\Vikings.S04E07.HDTV.x264-KILLERS[ettv] 2016-04-02 18:16 - 2016-04-02 18:16 - 05757388 _____ C:\Users\G580\Desktop\GEOGEBRA.pdf 2016-03-31 23:26 - 2016-04-01 15:50 - 00000000 ____D C:\Users\G580\Downloads\Better.Call.Saul.S02E02.HDTV.x264-KILLERS[ettv] 2016-03-30 18:55 - 2016-04-09 12:16 - 00000498 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2016-03-30 17:56 - 2016-03-30 17:56 - 00050802 _____ C:\Users\G580\Downloads\Shortcut.txt 2016-03-30 17:55 - 2016-03-30 17:56 - 00034736 _____ C:\Users\G580\Downloads\Addition.txt 2016-03-30 17:53 - 2016-04-09 12:54 - 00013617 _____ C:\Users\G580\Downloads\FRST.txt 2016-03-29 15:40 - 2016-03-29 15:40 - 00014877 _____ C:\Users\G580\Downloads\Mistrzowie_Pieniedzy_-_The_Money_Masters_ 1996 _[DVDRip XviD-ziar25]_[Napisy_PL][Torrenty.org].torrent 2016-03-27 02:33 - 2016-03-29 15:16 - 00000000 ____D C:\Users\G580\Downloads\SpankingThem - 23 y.o. Katerina [.wmv][PornLeech] 2016-03-26 16:28 - 2016-04-03 10:03 - 00000080 _____ C:\Users\G580\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk 2016-03-26 15:16 - 2016-04-04 15:45 - 00000000 ____D C:\Users\G580\Desktop\raporty 2016-03-26 14:48 - 2016-04-09 12:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-26 14:48 - 2016-03-26 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-03-26 14:47 - 2016-03-26 14:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-03-26 14:47 - 2016-03-26 14:47 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-26 14:47 - 2016-03-10 15:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-26 14:47 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-26 14:47 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-26 14:34 - 2016-03-26 14:34 - 22851472 _____ (Malwarebytes ) C:\Users\G580\Downloads\mbam-setup-2.2.1.1043.exe 2016-03-26 14:32 - 2016-03-26 14:36 - 186056048 _____ C:\Users\G580\Downloads\launch.exe 2016-03-26 13:55 - 2016-04-05 08:07 - 00000000 ____D C:\Users\G580\AppData\Local\ClassicShell 2016-03-26 13:55 - 2016-03-26 13:55 - 00000000 ____D C:\Users\G580\AppData\Roaming\ClassicShell 2016-03-26 13:55 - 2016-03-26 13:55 - 00000000 ____D C:\ProgramData\ClassicShell 2016-03-26 13:51 - 2016-03-26 14:05 - 00000000 ____D C:\Program Files\Classic Shell 2016-03-26 13:51 - 2016-03-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2016-03-26 11:31 - 2016-03-26 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2016-03-26 11:26 - 2016-03-26 11:26 - 01183432 _____ (Microsoft Corporation) C:\Users\G580\Downloads\sdksetup.exe 2016-03-26 11:15 - 2016-03-26 11:15 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-03-26 11:15 - 2016-03-26 11:15 - 00000000 ____D C:\Program Files\CCleaner 2016-03-26 11:10 - 2016-03-26 11:11 - 06868672 _____ (Piriform Ltd) C:\Users\G580\Downloads\ccsetup516.exe 2016-03-22 16:15 - 2016-03-22 16:15 - 00102525 _____ C:\Users\G580\Downloads\w12_konspekt.pdf 2016-03-20 12:00 - 2016-04-09 12:54 - 00000000 ____D C:\FRST 2016-03-20 11:57 - 2016-03-20 11:57 - 02374144 _____ (Farbar) C:\Users\G580\Downloads\FRST64.exe 2016-03-20 11:28 - 2016-04-03 10:04 - 00000394 _____ C:\Users\Public\Desktop\Connectify Hotspot 2016.lnk 2016-03-20 11:28 - 2016-03-26 12:25 - 00000000 ____D C:\Program Files (x86)\Connectify 2016-03-20 11:28 - 2016-03-20 11:28 - 00043872 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys 2016-03-20 11:28 - 2016-03-20 11:28 - 00036736 _____ (Connectify) C:\Windows\system32\Drivers\cfywlan1.sys 2016-03-20 11:28 - 2016-03-20 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2016 2016-03-20 11:27 - 2016-03-20 11:31 - 00000000 ____D C:\ProgramData\Connectify 2016-03-20 11:27 - 2016-03-20 11:27 - 09457328 _____ (Connectify) C:\Users\G580\Downloads\Connectify2016Installer.exe 2016-03-13 12:12 - 2016-04-03 10:03 - 00000882 _____ C:\Users\G580\Desktop\UJ.lnk ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-09 12:22 - 2012-07-26 11:50 - 00898834 _____ C:\Windows\system32\perfh015.dat 2016-04-09 12:22 - 2012-07-26 11:50 - 00202630 _____ C:\Windows\system32\perfc015.dat 2016-04-09 12:22 - 2012-07-26 09:28 - 02084924 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-09 12:22 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf 2016-04-09 12:21 - 2015-07-25 15:16 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-09 12:16 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-09 12:15 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-04-09 12:14 - 2014-02-27 22:41 - 00000000 ____D C:\Users\G580 2016-04-09 12:10 - 2014-04-04 13:25 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-09 11:51 - 2015-02-28 20:37 - 00000000 ____D C:\Windows\Minidump 2016-04-09 11:46 - 2014-04-06 23:32 - 00000000 ____D C:\Users\G580\AppData\Roaming\uTorrent 2016-04-09 03:06 - 2014-04-06 23:52 - 00000000 ____D C:\Users\G580\AppData\Roaming\vlc 2016-04-08 16:38 - 2014-04-22 17:21 - 00000000 ____D C:\Users\G580\AppData\Roaming\AIMP3 2016-04-08 16:10 - 2014-04-04 13:25 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-03 21:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2016-04-03 12:10 - 2015-01-06 19:27 - 00000000 ____D C:\ProgramData\Oracle 2016-04-03 12:09 - 2016-01-16 17:15 - 00000000 ____D C:\Program Files\Java 2016-04-03 12:09 - 2016-01-06 02:22 - 00000000 ____D C:\Users\G580\.oracle_jre_usage 2016-04-03 12:09 - 2015-01-06 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-03 12:08 - 2016-01-16 17:16 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-04-03 10:05 - 2015-01-06 19:13 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-04-03 10:05 - 2014-04-04 22:48 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-04-03 10:04 - 2015-11-28 14:38 - 00001845 _____ C:\Users\Public\Desktop\GeoGebra.lnk 2016-04-03 10:04 - 2015-08-02 14:34 - 00001005 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-04-03 10:04 - 2015-02-09 17:55 - 00000899 _____ C:\Users\Public\Desktop\AIMP3.lnk 2016-04-03 10:04 - 2014-02-27 22:42 - 00001438 _____ C:\Users\G580\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-03 10:03 - 2014-02-27 22:42 - 00000851 _____ C:\Users\G580\Desktop\Downloads.lnk 2016-04-02 17:49 - 2015-08-02 14:36 - 00000000 ____D C:\Users\G580\AppData\Roaming\TS3Client 2016-03-31 09:34 - 2014-10-14 20:55 - 00000000 ____D C:\Users\G580\AppData\Roaming\CodeBlocks 2016-03-27 16:03 - 2014-10-18 17:53 - 00000000 ____D C:\Users\G580\Downloads\Filmy 2016-03-27 16:01 - 2014-08-24 21:47 - 00000000 ____D C:\Users\G580\AppData\Roaming\Skype 2016-03-26 21:57 - 2014-04-02 09:05 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-752980834-4026949763-570849984-1001 2016-03-26 16:28 - 2012-07-26 09:19 - 00000000 ____D C:\Windows\ServiceProfiles 2016-03-26 14:14 - 2014-04-23 23:50 - 00000000 ____D C:\Users\G580\Downloads\Muzyka 2016-03-26 14:04 - 2014-07-14 13:00 - 00000000 ____D C:\Users\G580\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2016-03-26 14:04 - 2014-07-14 13:00 - 00000000 ____D C:\Program Files (x86)\DSPRobotics 2016-03-26 13:10 - 2016-01-10 01:27 - 00000000 ____D C:\Users\G580\Downloads\ChomikBox 2016-03-26 12:25 - 2015-01-02 14:48 - 00000000 ____D C:\Users\G580\AppData\Roaming\DAEMON Tools Lite 2016-03-26 12:25 - 2014-02-27 22:35 - 00000000 ____D C:\Windows\Panther 2016-03-26 11:31 - 2015-05-27 08:35 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2016-03-26 11:30 - 2015-05-27 08:19 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-22 10:00 - 2015-06-03 19:08 - 00000000 ____D C:\Users\G580\AppData\Roaming\RStudio 2016-03-22 10:00 - 2015-06-03 19:08 - 00000000 ____D C:\Users\G580\AppData\Local\RStudio-Desktop 2016-03-22 10:00 - 2014-04-04 22:06 - 00003856 _____ C:\Users\G580\Documents\.Rhistory 2016-03-22 00:26 - 2014-04-04 22:45 - 00000000 ____D C:\Users\G580\Desktop\Wszystko i nic 2016-03-20 11:29 - 2016-02-12 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-20 11:29 - 2015-01-06 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-16 14:15 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp 2016-03-13 22:33 - 2015-08-02 14:34 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-03-13 12:09 - 2014-09-03 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2016-03-12 18:09 - 2015-12-17 23:44 - 00336896 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-12 18:08 - 2014-12-13 19:06 - 00000000 ____D C:\Windows\system32\appraiser ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-01 16:47 ==================== Koniec FRST.txt ============================