Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-11-2016 Uruchomiony przez Lech (administrator) LECH-HP (24-11-2016 23:46:40) Uruchomiony z C:\Users\Lech\Downloads Załadowane profile: Lech (Dostępne profile: Lech) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2016-11-13] (Synaptics Incorporated) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-04] (Intel(R) Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-14] (COMODO) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2016-11-13] (IDT, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2016-11-13] (Renesas Electronics Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS) HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2016-11-07] (Easybits) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\EpmNews.exe HKLM-x32\...\Run: [EaseUS Cleanup] => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\CleanUpUI.exe" 10 300 HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2016-11-13] (Hewlett-Packard Development Company, L.P.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-06-23] (EasyBits Software Corp.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 37.8.214.2 31.11.202.254 Tcpip\..\Interfaces\{A5715FD8-2BDE-4929-B8F5-82BAF26C2F07}: [DhcpNameServer] 37.8.214.2 31.11.202.254 Tcpip\..\Interfaces\{D2838E39-6323-4530-AF71-DACD258E6166}: [DhcpNameServer] 37.8.214.2 31.11.202.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDF HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDF HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDF HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDF HKU\S-1-5-21-2583481817-3846896090-3775195764-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDF HKU\S-1-5-21-2583481817-3846896090-3775195764-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDF SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {EC25EA9A-63F7-42F6-A76C-29C817088386} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {EC25EA9A-63F7-42F6-A76C-29C817088386} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2583481817-3846896090-3775195764-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2583481817-3846896090-3775195764-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2583481817-3846896090-3775195764-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKU\S-1-5-21-2583481817-3846896090-3775195764-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2583481817-3846896090-3775195764-1000 -> {EC25EA9A-63F7-42F6-A76C-29C817088386} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17] (HP) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-23] (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated) BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17] (HP) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-23] (Sun Microsystems, Inc.) Toolbar: HKU\S-1-5-21-2583481817-3846896090-3775195764-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku FireFox: ======== FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-06-23] (Sun Microsystems, Inc.) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Brak pliku] FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-06-23] (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-21] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] () Chrome: ======= CHR Profile: C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default [2016-11-24] CHR Extension: (Prezentacje Google) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-21] CHR Extension: (Dokumenty Google) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-21] CHR Extension: (Dysk Google) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21] CHR Extension: (YouTube) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21] CHR Extension: (Arkusze Google) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-21] CHR Extension: (Dokumenty Google offline) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-21] CHR Extension: (Gmail) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21] CHR Extension: (Chrome Media Router) - C:\Users\Lech\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-21] CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2011-01-24] (Intel Corporation) [Brak podpisu cyfrowego] R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2011-01-24] (Intel Corporation) [Brak podpisu cyfrowego] R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [991296 2011-01-24] (Intel Corporation) [Brak podpisu cyfrowego] R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-15] (COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-14] (COMODO) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Brak podpisu cyfrowego] S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-01] (WildTangent) R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2016-11-13] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56976 2016-08-31] (COMODO) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-08-31] (COMODO) S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-24 23:46 - 2016-11-24 23:47 - 00020381 _____ C:\Users\Lech\Downloads\FRST.txt 2016-11-24 23:44 - 2016-11-24 23:46 - 00000000 ____D C:\FRST 2016-11-24 23:43 - 2016-11-24 23:43 - 02412032 _____ (Farbar) C:\Users\Lech\Downloads\FRST64.exe 2016-11-24 23:33 - 2016-11-24 23:33 - 03362803 _____ C:\Users\Lech\Downloads\hw64_540.zip 2016-11-24 23:33 - 2016-11-24 23:33 - 00000000 ____D C:\Users\Lech\Downloads\hw64_540 2016-11-24 10:24 - 2016-11-24 10:24 - 00012910 _____ C:\Users\Lech\Downloads\ekspresy.xlsx 2016-11-21 09:22 - 2016-11-21 09:22 - 00000000 ____D C:\Users\Lech\AppData\Roaming\GHISLER 2016-11-21 07:32 - 2016-11-21 07:32 - 00002237 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-21 07:32 - 2016-11-21 07:32 - 00002225 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-11-21 07:31 - 2016-11-24 23:36 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-21 07:31 - 2016-11-24 19:12 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-21 07:31 - 2016-11-21 07:31 - 00004040 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-11-21 07:31 - 2016-11-21 07:31 - 00003788 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-11-21 06:50 - 2016-11-21 06:50 - 00000000 ____D C:\ProgramData\BlueStacks 2016-11-21 06:49 - 2016-11-21 06:52 - 00000000 ____D C:\Users\Lech\AppData\Roaming\WildTangent 2016-11-20 22:38 - 2002-01-12 15:30 - 00003567 _____ (Beyond Logic hxxp://www.beyondlogic.org) C:\Windows\SysWOW64\Drivers\PortTalk.sys 2016-11-20 22:36 - 2013-09-19 22:46 - 00000000 ____D C:\Users\Lech\Downloads\victoria_447 2016-11-20 22:26 - 2016-11-20 22:27 - 00743753 _____ C:\Users\Lech\Downloads\victoria_447.7z 2016-11-16 19:40 - 2016-11-16 19:40 - 01381582 _____ (Igor Pavlov) C:\Users\Lech\Downloads\7z1604-x64.exe 2016-11-16 19:40 - 2016-11-16 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2016-11-16 19:40 - 2016-11-16 19:40 - 00000000 ____D C:\Program Files\7-Zip 2016-11-16 19:36 - 2016-11-16 19:41 - 00000000 ____D C:\Users\Lech\Downloads\Hirens.BootCD.15.2 2016-11-16 19:36 - 2016-11-16 19:36 - 00000000 ____D C:\Users\Lech\Downloads\grub4dos 2016-11-16 19:34 - 2016-11-16 19:19 - 621283886 _____ C:\Users\Lech\Downloads\Hirens.BootCD.15.2.zip 2016-11-16 18:55 - 2016-11-16 18:55 - 00000000 ____D C:\Users\Lech\Downloads\USBFormat 2016-11-16 18:54 - 2016-11-16 18:54 - 00192485 _____ C:\Users\Lech\Downloads\grub4dos.zip 2016-11-16 18:54 - 2016-11-16 18:54 - 00035228 _____ C:\Users\Lech\Downloads\USBFormat.zip 2016-11-13 11:27 - 2016-11-24 15:34 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForLech 2016-11-13 11:27 - 2016-11-24 15:34 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForLech.job 2016-11-13 11:19 - 2016-11-13 11:19 - 00000000 ____D C:\ProgramData\Synaptics 2016-11-13 10:52 - 2016-11-13 10:52 - 01965056 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll 2016-11-13 10:52 - 2016-11-13 10:52 - 00654336 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll 2016-11-13 10:52 - 2016-11-13 10:52 - 00528384 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys 2016-11-13 10:52 - 2016-11-13 10:52 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll 2016-11-13 10:51 - 2016-11-13 10:53 - 00000000 ____D C:\Program Files\IDT 2016-11-13 10:50 - 2016-11-13 10:50 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll 2016-11-13 10:46 - 2016-11-13 10:47 - 08604672 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwNs64.sys 2016-11-13 10:45 - 2016-11-13 10:45 - 00208896 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3xhc.sys 2016-11-13 10:45 - 2016-11-13 10:45 - 00091648 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3hub.sys 2016-11-13 10:45 - 2016-11-13 10:45 - 00081920 _____ (Renesas Electronics Corporation) C:\Windows\system32\nusb3co2.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 01451056 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2016-11-13 10:43 - 2016-11-13 10:44 - 00276264 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 00226600 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 00222504 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 00177448 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 00148264 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo9.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 00107816 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll 2016-11-13 10:43 - 2016-11-13 10:44 - 00066856 _____ C:\Windows\SysWOW64\SynTPEnhPS.dll 2016-11-08 21:50 - 2016-11-16 08:44 - 00000000 _____ C:\Windows\BcdLog.txt 2016-11-08 21:42 - 2016-11-08 21:43 - 49597536 _____ (EaseUS ) C:\Users\Lech\Downloads\epm.exe 2016-11-08 19:02 - 2016-11-08 19:02 - 00000000 ____D C:\Users\Lech\AppData\Local\Hewlett-Packard_Developme 2016-11-08 16:36 - 2016-11-24 23:44 - 00033278 _____ C:\Windows\system32\Drivers\fvstore.dat 2016-11-08 16:36 - 2016-11-08 16:36 - 00000000 ___HD C:\VTRoot 2016-11-08 12:54 - 2016-11-08 12:56 - 00000000 ____D C:\ProgramData\VirtualizedApplications 2016-11-08 10:33 - 2016-11-08 10:33 - 00000000 __RHD C:\MSOCache 2016-11-08 10:31 - 2016-11-24 10:25 - 00000000 ___SD C:\Users\Lech\AppData\LocalLow\Temp 2016-11-08 10:27 - 2016-11-24 19:10 - 00000000 ____D C:\Users\Lech\AppData\Roaming\SoftGrid Client 2016-11-08 10:27 - 2016-11-08 10:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-11-08 10:27 - 2016-11-08 10:27 - 00000000 ____D C:\Users\Lech\AppData\Local\SoftGrid Client 2016-11-08 10:27 - 2016-11-08 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Polski) 2016-11-08 10:26 - 2016-11-08 10:27 - 00000000 ____D C:\Users\Lech\AppData\Roaming\TP 2016-11-08 10:26 - 2016-11-08 10:26 - 01747254 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-11-08 10:26 - 2016-11-08 10:26 - 00000000 ____D C:\Program Files\Microsoft Office 2016-11-08 10:26 - 2016-11-08 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client 2016-11-08 10:23 - 2016-11-08 21:44 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Skype 2016-11-08 10:23 - 2016-11-08 10:23 - 00000000 ____D C:\ProgramData\Skype 2016-11-07 17:12 - 2016-11-07 17:12 - 00000000 ____D C:\Users\Lech\AppData\Local\HP 2016-11-07 17:12 - 2016-11-07 17:12 - 00000000 ____D C:\Users\Lech\AppData\Local\AuthenTec 2016-11-07 16:31 - 2016-11-07 16:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2016-11-07 16:26 - 2016-11-07 16:26 - 00000000 ____D C:\Users\Lech\AppData\Roaming\IDT 2016-11-07 16:20 - 2016-11-07 16:20 - 00000000 ____D C:\Users\Lech\AppData\LocalLow\Sun 2016-11-07 16:14 - 2016-11-07 16:20 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP 2016-11-07 15:59 - 2016-11-21 07:32 - 00000000 ____D C:\Users\Lech\AppData\Local\Google 2016-11-07 15:59 - 2016-11-21 07:31 - 00000000 ____D C:\Users\Lech\AppData\Local\Deployment 2016-11-07 15:59 - 2016-11-21 07:31 - 00000000 ____D C:\Program Files (x86)\Google 2016-11-07 15:59 - 2016-11-07 15:59 - 00000000 ____D C:\Users\Lech\AppData\Local\Apps\2.0 2016-11-07 15:50 - 2016-11-07 15:50 - 00001888 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk 2016-11-07 15:50 - 2016-11-07 15:50 - 00000000 ____D C:\Windows\System32\Tasks\COMODO 2016-11-07 13:50 - 2016-11-24 23:44 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat 2016-11-07 13:48 - 2016-11-08 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2016-11-07 13:48 - 2016-11-08 10:36 - 00000000 ____D C:\Program Files\COMODO 2016-11-07 13:48 - 2016-11-07 13:48 - 00000000 ____D C:\ProgramData\Shared Space 2016-11-07 13:48 - 2016-11-07 13:48 - 00000000 ____D C:\ProgramData\Comodo 2016-11-07 13:35 - 2016-11-07 13:35 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Adobe 2016-11-07 13:33 - 2016-11-07 13:33 - 00000000 ____D C:\Users\Lech\AppData\Roaming\ATI 2016-11-07 13:33 - 2016-11-07 13:33 - 00000000 ____D C:\Users\Lech\AppData\Local\ATI 2016-11-07 13:32 - 2016-11-24 07:41 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB5DD648-33C4-41DD-9531-DFEC698B9624} 2016-11-07 13:32 - 2016-11-21 07:28 - 00001421 _____ C:\Users\Lech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-11-07 13:32 - 2016-11-21 07:28 - 00001415 _____ C:\Users\Lech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-11-07 13:32 - 2016-11-13 10:55 - 00000000 ____D C:\Users\Lech\AppData\Roaming\hpqLog 2016-11-07 13:32 - 2016-11-07 13:32 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Synaptics 2016-11-07 13:32 - 2016-11-07 13:32 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Intel Corporation 2016-11-07 13:31 - 2016-11-07 13:31 - 00057560 _____ C:\Users\Lech\AppData\Local\GDIPFONTCACHEV1.DAT 2016-11-07 13:31 - 2016-11-07 13:31 - 00003404 _____ C:\Windows\System32\Tasks\ServicePlan 2016-11-07 13:31 - 2016-11-07 13:31 - 00000000 ____D C:\Users\Lech\AppData\Local\RemEngine 2016-11-07 13:27 - 2016-11-13 11:27 - 00000000 ____D C:\Users\Lech\AppData\Local\Hewlett-Packard 2016-11-07 13:27 - 2016-11-13 10:42 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Hewlett-Packard 2016-11-07 13:27 - 2016-11-07 13:32 - 00000000 ____D C:\Users\Lech\AppData\Local\Hewlett-Packard_Company 2016-11-07 13:25 - 2016-11-24 23:04 - 00000000 ____D C:\Users\Lech\AppData\LocalLow\AuthenTec 2016-11-07 13:25 - 2016-11-07 13:31 - 00000000 ____D C:\Users\Lech 2016-11-07 13:25 - 2016-11-07 13:25 - 00000020 ___SH C:\Users\Lech\ntuser.ini 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Ustawienia lokalne 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Szablony 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Moje dokumenty 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Menu Start 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Documents\Moje wideo 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Documents\Moje obrazy 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Documents\Moja muzyka 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\Dane aplikacji 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\AppData\Local\Historia 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 _SHDL C:\Users\Lech\AppData\Local\Dane aplikacji 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Intel 2016-11-07 13:25 - 2016-11-07 13:25 - 00000000 ____D C:\Users\Lech\AppData\Local\VirtualStore 2016-11-07 13:25 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-11-07 13:25 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-11-07 13:25 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-11-07 13:25 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-11-07 13:25 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-11-07 13:25 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-11-07 13:25 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-11-07 13:25 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-11-07 13:25 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-11-07 13:25 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-11-07 13:25 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-11-07 13:25 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-11-07 13:25 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-11-07 13:25 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-11-07 13:25 - 2011-09-27 19:05 - 00000000 ____D C:\Users\Lech\AppData\Roaming\Media Center Programs 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Public\Documents\Moje wideo 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Public\Documents\Moje obrazy 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Public\Documents\Moja muzyka 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Szablony 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Moje dokumenty 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Menu Start 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\Dane aplikacji 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Ulubione 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Szablony 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Pulpit 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Menu Start 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Dokumenty 2016-11-07 13:24 - 2016-11-07 13:24 - 00000000 _SHDL C:\ProgramData\Dane aplikacji ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-24 19:18 - 2009-07-14 05:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-24 19:18 - 2009-07-14 05:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-24 19:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-21 08:11 - 2011-06-24 01:41 - 00837024 _____ C:\Windows\system32\perfh015.dat 2016-11-21 08:11 - 2011-06-24 01:41 - 00178306 _____ C:\Windows\system32\perfc015.dat 2016-11-21 08:11 - 2009-07-14 06:13 - 01722784 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-21 08:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-21 06:55 - 2011-06-23 15:58 - 00000000 ____D C:\Program Files (x86)\HP Games 2016-11-21 06:54 - 2011-06-23 15:58 - 00000000 ____D C:\ProgramData\WildTangent 2016-11-21 06:54 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-11-21 06:49 - 2011-06-23 15:58 - 00000000 ____D C:\Program Files (x86)\WildTangent Games 2016-11-16 18:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports 2016-11-13 10:55 - 2011-06-23 15:57 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-11-13 10:54 - 2011-02-10 20:23 - 00000000 ____D C:\SWSetup 2016-11-13 10:52 - 2011-09-27 09:15 - 06382080 _____ (IDT, Inc.) C:\Windows\system32\IDTNGUI.exe 2016-11-13 10:52 - 2011-09-27 09:15 - 04933120 _____ (IDT, Inc.) C:\Windows\system32\IDTNHP.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 04779520 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 01523712 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl 2016-11-13 10:52 - 2011-09-27 09:15 - 01128448 _____ (IDT, Inc.) C:\Windows\sttray64.exe 2016-11-13 10:52 - 2011-09-27 09:15 - 01029120 _____ (IDT, Inc.) C:\Windows\system32\IDTNX.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 00221184 _____ (IDT, Inc.) C:\Windows\system32\HPToneCtrls64.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 00212480 _____ (IDT, Inc.) C:\Windows\system32\IDTNJ.exe 2016-11-13 10:52 - 2011-09-27 09:15 - 00162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll 2016-11-13 10:52 - 2011-09-27 09:15 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll 2016-11-13 10:52 - 2011-09-27 09:14 - 00224256 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll 2016-11-13 10:51 - 2011-09-27 09:15 - 00000000 ____D C:\Windows\SysWOW64\sda 2016-11-13 10:50 - 2011-09-27 09:15 - 00338536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys 2016-11-13 10:50 - 2011-09-27 09:15 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-11-13 10:44 - 2010-12-17 03:26 - 00411944 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2016-11-13 10:43 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2016-11-13 10:36 - 2011-06-23 16:13 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard 2016-11-13 10:36 - 2011-06-23 16:05 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-11-13 10:34 - 2011-06-23 16:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-11-08 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-08 10:27 - 2009-12-02 22:23 - 00721768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys 2016-11-08 10:26 - 2011-06-23 16:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-11-08 10:26 - 2009-12-02 22:23 - 00269672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys 2016-11-08 10:26 - 2009-12-02 22:23 - 00025960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys 2016-11-08 10:26 - 2009-12-02 22:23 - 00022376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys 2016-11-08 10:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-11-07 23:18 - 2009-07-14 06:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2016-11-07 16:12 - 2011-09-27 09:27 - 00000000 ____D C:\ProgramData\Norton 2016-11-07 13:27 - 2011-06-23 16:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services 2016-11-07 13:27 - 2011-06-23 15:58 - 00000000 ___RD C:\Program Files (x86)\Online Services 2016-11-07 13:27 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar 2016-11-07 13:27 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar 2016-11-07 13:26 - 2011-02-10 20:23 - 00000000 ___HD C:\SYSTEM.SAV 2016-11-07 13:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT 2016-11-07 13:23 - 2011-09-27 09:09 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat 2016-11-07 13:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-11-07 13:20 - 2007-01-02 02:25 - 00000000 ____D C:\Windows\Panther ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-11-08 15:26 ==================== Koniec FRST.txt ============================