Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-09-2016 Uruchomiony przez L (administrator) EKO-DĘBINA (20-09-2016 18:15:49) Uruchomiony z C:\Users\L\Desktop\FRST Załadowane profile: L (Dostępne profile: L) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (1206 Lab) C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP) C:\Windows\System32\HPSIsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Windows\jmesoft\Service.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Lenovo) C:\Windows\jmesoft\hotkey.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (Lenovo) C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE () C:\Windows\jmesoft\JME_LOAD.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Opera Software) C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo) HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] () HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe [1746432 2011-03-19] (TODO: <公司名>) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe [1260128 2011-12-16] (Lenovo) HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-829075671-3179460725-43800015-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-04-08] (Autodesk, Inc.) HKU\S-1-5-21-829075671-3179460725-43800015-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2995712 2013-07-19] (ALLPlayer Group Ltd.) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-04-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{15FF5596-3A2F-4793-B6DB-31B17E97F886}: [DhcpNameServer] 192.168.21.1 Tcpip\..\Interfaces\{95ADB5F7-B303-4CA9-96FC-95E68E8E781D}: [DhcpNameServer] 192.168.100.1 Internet Explorer: ================== BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2016-02-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-829075671-3179460725-43800015-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\L\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-06] (Unity Technologies ApS) Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\ppGoogleNaClPluginChrome.dll => Brak pliku CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\pdf.dll => Brak pliku CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Brak pliku CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Brak pliku CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => Brak pliku CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => Brak pliku CHR Profile: C:\Users\L\AppData\Local\Google\Chrome\User Data\Default [2016-09-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\L\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17] CHR Extension: (Chrome Media Router) - C:\Users\L\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 FastbootService; C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe [199264 2011-12-16] (1206 Lab) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Brak podpisu cyfrowego] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation) R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [Brak podpisu cyfrowego] R2 MSSQL$INSERTGT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2015-09-25] (arvato digital services llc) S4 SQLAgent$INSERTGT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [69216 2011-12-16] (Windows (R) Win 7 DDK provider) R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.) S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] () R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [243456 2011-03-28] (Vimicro Corporation) S3 zntport; C:\Windows\SysWOW64\Drivers\zntport.sys [6144 2013-04-11] (Zeal SoftStudio) [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-20 18:03 - 2016-09-20 18:03 - 03861056 _____ C:\Users\L\Downloads\adwcleaner_6.020.exe 2016-09-20 18:03 - 2016-09-20 18:03 - 01610560 _____ (Malwarebytes) C:\Users\L\Downloads\JRT.exe 2016-09-17 13:32 - 2016-09-17 13:37 - 00000000 ____D C:\Users\L\Desktop\nowe fotki komp 2016-09-17 11:45 - 2016-09-17 11:45 - 00000000 ____D C:\Users\L\AppData\Local\Ubisoft 2016-09-16 08:18 - 2016-09-16 08:13 - 00053327 ____N C:\Users\L\Desktop\20160915215457005.pdf 2016-09-14 18:07 - 2016-09-14 18:07 - 00193388 _____ C:\Users\L\Downloads\tracking_label000631338-000000007.pdf 2016-09-14 18:07 - 2016-09-14 18:07 - 00183945 _____ C:\Users\L\Downloads\waybill2016-09-DPD-631338-40151.pdf 2016-09-14 13:01 - 2016-09-14 13:01 - 00000233 _____ C:\Users\L\Desktop\The Crew (Worldwide).url 2016-09-14 12:58 - 2016-09-17 13:33 - 00000000 ____D C:\Users\L\AppData\Local\Ubisoft Game Launcher 2016-09-14 12:58 - 2016-09-14 12:58 - 00001197 _____ C:\Users\L\Desktop\Uplay.lnk 2016-09-14 12:58 - 2016-09-14 12:58 - 00000000 ____D C:\Users\L\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-09-14 12:58 - 2016-09-14 12:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-09-14 12:57 - 2016-09-14 12:58 - 62574208 _____ (Ubisoft) C:\Users\L\Downloads\UplayInstaller.exe 2016-09-14 08:52 - 2016-09-14 08:52 - 00193446 _____ C:\Users\L\Downloads\tracking_label000631338-000000006.pdf 2016-09-14 08:51 - 2016-09-14 08:52 - 00183897 _____ C:\Users\L\Downloads\waybill2016-09-DPD-631338-37230.pdf 2016-09-13 11:03 - 2016-09-13 11:03 - 00048363 _____ C:\Users\L\Downloads\wezwanie-do-zaplaty---wzor-z-omowieniem.pdf 2016-09-11 15:40 - 2016-09-11 15:40 - 00064934 _____ C:\Users\L\Downloads\cz_2016_08_14807 (1).pdf 2016-09-10 13:12 - 2016-09-10 13:17 - 00000000 ____D C:\Users\L\Desktop\allegro 2016-09-09 18:42 - 2016-09-09 18:42 - 02397696 _____ (Farbar) C:\Users\L\Desktop\FRST64.exe 2016-09-09 18:42 - 2016-09-09 18:42 - 00000000 ____D C:\Users\L\Desktop\FRST-OlderVersion 2016-09-09 10:23 - 2016-09-09 10:23 - 00191937 _____ C:\Users\L\Downloads\tracking_label000631338-000000005.pdf 2016-09-09 10:23 - 2016-09-09 10:23 - 00183829 _____ C:\Users\L\Downloads\waybill2016-09-DPD-631338-25036.pdf 2016-09-07 11:37 - 2016-09-07 11:37 - 00144612 _____ C:\Users\L\Downloads\18365618_E_Faktura_20160725.pdf 2016-09-07 09:36 - 2016-09-07 09:36 - 00026040 _____ C:\Users\L\Downloads\Wydruk_20.pdf 2016-09-07 09:34 - 2016-09-07 09:34 - 08498553 _____ C:\Users\L\Downloads\Scan0670.pdf 2016-09-07 09:34 - 2016-09-07 09:34 - 08340719 _____ C:\Users\L\Downloads\Scan0671.pdf 2016-09-07 09:33 - 2016-09-07 09:33 - 07208019 _____ C:\Users\L\Downloads\Scan0672.pdf 2016-09-07 09:33 - 2016-09-07 09:33 - 05563190 _____ C:\Users\L\Downloads\Scan0673.pdf 2016-09-05 18:43 - 2016-09-05 18:43 - 00000000 ____D C:\Users\L\Documents\WB Games 2016-09-05 18:00 - 2016-09-05 18:00 - 00000000 ____D C:\ProgramData\Synetic 2016-09-05 14:01 - 2016-09-05 14:01 - 00000222 _____ C:\Users\L\Desktop\Off-Road Drive.url 2016-09-05 11:34 - 2016-09-05 11:34 - 00000221 _____ C:\Users\L\Desktop\Crash Time II.url 2016-09-04 18:45 - 2016-09-04 18:45 - 00890176 _____ (GOG.com ) C:\Users\L\Downloads\setup_the_witcher2_ee_3.4.0.25.exe 2016-09-04 17:23 - 2016-09-04 17:23 - 00000222 _____ C:\Users\L\Desktop\Mad Max.url 2016-09-04 17:22 - 2016-09-10 12:28 - 00000000 ____D C:\Users\L\AppData\LocalLow\Temp 2016-09-04 17:22 - 2016-09-04 17:22 - 00062284 _____ C:\Users\L\Desktop\mad.xps 2016-09-04 17:09 - 2016-09-04 17:09 - 00000959 _____ C:\Users\Public\Desktop\Steam.lnk 2016-09-04 17:09 - 2016-09-04 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-09-01 15:49 - 2016-09-01 15:49 - 00010923 _____ C:\Users\L\Downloads\Umowa o pracę.1 (1).pdf 2016-09-01 14:13 - 2016-09-01 14:14 - 00360280 _____ C:\Users\L\Downloads\download (3).zip 2016-08-31 15:48 - 2016-08-31 15:48 - 00191790 _____ C:\Users\L\Downloads\tracking_label000631338-000000004.pdf 2016-08-31 15:48 - 2016-08-31 15:48 - 00183760 _____ C:\Users\L\Downloads\waybill2016-08-DPD-631338-90102.pdf 2016-08-31 09:49 - 2016-08-31 09:49 - 00010923 _____ C:\Users\L\Downloads\Umowa o pracę.1.pdf 2016-08-30 19:42 - 2016-08-30 19:42 - 00183738 _____ C:\Users\L\Downloads\waybill2016-08-DPD-631338-86472.pdf 2016-08-30 19:41 - 2016-08-30 19:41 - 00192773 _____ C:\Users\L\Downloads\tracking_label000631338-000000003.pdf 2016-08-29 16:48 - 2016-08-29 16:48 - 00192873 _____ C:\Users\L\Downloads\tracking_label000631338-000000002.pdf 2016-08-29 16:48 - 2016-08-29 16:48 - 00183834 _____ C:\Users\L\Downloads\waybill2016-08-DPD-631338-81778.pdf 2016-08-29 16:39 - 2016-08-29 16:39 - 00061486 _____ C:\Users\L\Downloads\np_payout_97678479.pdf 2016-08-28 17:32 - 2016-08-28 17:32 - 01655636 _____ C:\Users\L\Downloads\ford-mustang-cennik.pdf 2016-08-27 13:46 - 2016-08-27 13:46 - 00033141 _____ C:\Users\L\Downloads\1220246502894.pdf.pdf 2016-08-26 19:01 - 2016-09-08 17:29 - 00000000 ____D C:\Users\L\Desktop\benczmark 2016-08-24 15:27 - 2016-08-24 15:27 - 00193498 _____ C:\Users\L\Downloads\tracking_label000631338-000000001.pdf 2016-08-24 15:03 - 2016-08-24 15:03 - 00183733 _____ C:\Users\L\Downloads\waybill2016-08-DPD-631338-69435.pdf 2016-08-21 16:02 - 2016-08-21 16:02 - 00064934 _____ C:\Users\L\Downloads\cz_2016_08_14807.pdf 2016-08-21 14:36 - 2016-08-21 14:37 - 08276000 _____ C:\Users\L\Downloads\sony_a500_instrukcja.pdf 2016-08-21 14:19 - 2016-08-23 17:47 - 00000000 ____D C:\Users\L\Desktop\części LC ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-20 18:15 - 2016-08-06 09:51 - 00000000 ____D C:\Users\L\Desktop\FRST 2016-09-20 18:15 - 2016-04-15 20:50 - 00000000 ____D C:\FRST 2016-09-20 18:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF 2016-09-20 18:10 - 2009-07-14 06:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-20 18:10 - 2009-07-14 06:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-20 18:09 - 2015-05-19 16:32 - 00001048 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-20 18:09 - 2015-03-26 18:15 - 00000000 ____D C:\Program Files (x86)\Opera 2016-09-20 18:00 - 2015-05-19 16:32 - 00001044 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-20 18:00 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-09-20 16:48 - 2013-05-17 10:19 - 00000000 ____D C:\Archiwum-Subiekt 2016-09-20 06:26 - 2015-05-08 05:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-20 06:12 - 2009-07-14 07:08 - 00032608 _____ C:\windows\Tasks\SCHEDLGU.TXT 2016-09-18 01:16 - 2015-05-22 12:14 - 00000892 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-09-17 13:40 - 2012-09-03 10:48 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-17 13:40 - 2012-09-03 09:51 - 00925696 _____ C:\windows\system32\perfh015.dat 2016-09-17 13:40 - 2012-09-03 09:51 - 00235408 _____ C:\windows\system32\perfc015.dat 2016-09-17 13:40 - 2009-07-14 07:13 - 02035898 _____ C:\windows\system32\PerfStringBackup.INI 2016-09-17 13:40 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf 2016-09-17 11:45 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-09-14 19:22 - 2016-08-14 20:05 - 00000000 ____D C:\Program Files (x86)\Steam 2016-09-13 19:25 - 2015-07-08 12:33 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-13 19:11 - 2013-05-22 09:40 - 00000000 ___RD C:\Users\L\Documents\Scanned Documents 2016-09-13 16:36 - 2013-05-28 14:24 - 00000000 ____D C:\Users\L\AppData\Roaming\SoftGrid Client 2016-09-10 12:28 - 2015-05-15 10:29 - 00000000 ____D C:\Users\L\Desktop\Nowy folder (3) 2016-09-09 10:46 - 2016-08-03 14:53 - 00017695 _____ C:\Users\L\Desktop\częsci2.xlsx 2016-09-08 18:44 - 2016-08-03 14:13 - 00000000 ____D C:\Users\L\Desktop\Części 2016-09-08 17:14 - 2015-05-20 10:47 - 00003892 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1427386733 2016-09-05 18:42 - 2015-09-25 18:09 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-05 18:38 - 2013-08-02 13:06 - 00000000 ____D C:\Users\L\Documents\My Games 2016-09-05 14:01 - 2016-08-14 20:12 - 00000000 ____D C:\Users\L\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-08-31 16:21 - 2013-12-05 16:18 - 00000000 ____D C:\Users\L\Desktop\Pliki tekstowe 2016-08-31 14:51 - 2013-05-17 09:48 - 00000000 ____D C:\Users\L\AppData\Roaming\InsERT GT 2016-08-29 10:40 - 2013-05-20 12:48 - 00000000 ____D C:\Users\L\AppData\Local\ElevatedDiagnostics 2016-08-25 17:34 - 2015-07-05 11:52 - 00000000 ____D C:\Users\L\Desktop\Graty 2016-08-21 20:09 - 2016-08-15 19:29 - 00000000 ____D C:\Program Files\Unlocker ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-01-06 15:51 - 2015-01-07 08:51 - 0000066 _____ () C:\Users\L\AppData\Roaming\WB.CFG 2015-03-26 18:50 - 2015-03-26 18:50 - 0004956 _____ () C:\Users\L\AppData\Roaming\wifi_speakers.dat 2013-06-29 12:40 - 2016-08-15 17:26 - 0007630 _____ () C:\Users\L\AppData\Local\Resmon.ResmonCfg 2014-07-15 10:23 - 2012-08-31 09:49 - 0024772 _____ () C:\ProgramData\P1210DEF.css 2014-07-15 10:23 - 2014-07-15 10:23 - 0014178 _____ () C:\ProgramData\P1210OS.HTM 2014-07-15 10:23 - 2012-08-31 09:49 - 0002944 _____ () C:\ProgramData\P1210SIG.GIF ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\windows\system32\wininit.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\windows\explorer.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\windows\system32\svchost.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\windows\system32\services.exe => Plik podpisany cyfrowo C:\windows\system32\User32.dll => Plik podpisany cyfrowo C:\windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\windows\system32\userinit.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-09-17 20:48 ==================== Koniec FRST.txt ============================