Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-12-2016 Uruchomiony przez Tomasz J (administrator) TOMASZ-LENOVO (30-12-2016 00:41:13) Uruchomiony z C:\Users\Tomasz J\Desktop Załadowane profile: Tomasz J (Dostępne profile: Tomasz J & DefaultAppPool) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\ProgramData\OnlineUpdate\ouc.exe () C:\Windows\KMS-R@1n.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Windows\KMS-R@1nHook.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Ashampoo) C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2013\burningstudio2013.exe (Ashampoo) C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2013\CancelAutoplay2.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\Tomasz J\Desktop\FRST64 (1).exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1161240 2016-05-22] (Highresolution Enterprises) HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2773232 2013-10-17] (Synaptics Incorporated) Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: H - H:\AutoRun.exe HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {549f197f-01e8-11e3-9c62-689423ff5cca} - F:\SETUP.EXE HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {6f5b8ad4-94aa-11e6-abe1-806e6f6e6963} - H:\AutoRun.exe HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {6f5b8bbf-94aa-11e6-abe1-20898449a356} - H:\AutoRun.exe HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\MountPoints2: {6f5b8bd1-94aa-11e6-abe1-20898449a356} - H:\AutoRun.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181488 2016-08-11] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159352 2016-08-11] (NVIDIA Corporation) IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\SYSTEM32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) GroupPolicy: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 Tcpip\..\Interfaces\{26014E5F-0B79-4971-9D61-8D07DEB94415}: [DhcpNameServer] 217.172.224.160 89.231.1.206 Tcpip\..\Interfaces\{99D6FE59-48F3-4D53-AF53-65403FA39E20}: [NameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{E2D0EA85-99E5-4EB2-9485-192CC5FDDC4D}: [NameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{E2D0EA85-99E5-4EB2-9485-192CC5FDDC4D}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-513388345-2481954787-3041473172-1000 -> {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} URL = hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-08] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-08] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default [2016-12-29] FF Homepage: Mozilla\Firefox\Profiles\wlqf67qd.default -> hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&ie=ISO-8859-1&q=&sa=Search FF NetworkProxy: Mozilla\Firefox\Profiles\wlqf67qd.default -> gopher", "" FF NetworkProxy: Mozilla\Firefox\Profiles\wlqf67qd.default -> gopher_port", 0 FF NetworkProxy: Mozilla\Firefox\Profiles\wlqf67qd.default -> share_proxy_settings", true FF NetworkProxy: Mozilla\Firefox\Profiles\wlqf67qd.default -> type", 0 FF Extension: (Firefox Hotfix) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-08] FF Extension: (Zotero) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\zotero@chnm.gmu.edu.xpi [2016-12-08] FF Extension: (Zotero Word for Windows Integration) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\zoteroWinWordIntegration@zotero.org [2016-12-08] FF Extension: (Walnut for Firefox) - C:\Users\Tomasz J\AppData\Roaming\Mozilla\Firefox\Profiles\wlqf67qd.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2016-12-08] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-10] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nie znaleziono FF HKU\S-1-5-21-513388345-2481954787-3041473172-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_375.dll [2016-10-09] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0-git-20130801-0403 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_375.dll [2016-10-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-08] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [Brak pliku] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-513388345-2481954787-3041473172-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tomasz J\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2013-11-06] (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "" CHR Plugin: (Shockwave Flash) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll () CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x64\widevinecdmadapter.dll => Brak pliku CHR Profile: C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default [2016-12-29] CHR Extension: (Prezentacje Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-15] CHR Extension: (Dokumenty Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-15] CHR Extension: (Dysk Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15] CHR Extension: (YouTube) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-15] CHR Extension: (Ósemka) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2016-12-28] CHR Extension: (Google Search) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15] CHR Extension: (Facebook Aktualności) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2016-08-05] CHR Extension: (Arkusze Google) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-15] CHR Extension: (Dokumenty Google offline) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-28] CHR Extension: (Curling) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2016-01-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Mój motyw Chrome) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-10-23] CHR Extension: (Gmail) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-15] CHR Extension: (Chrome Media Router) - C:\Users\Tomasz J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-28] Opera: ======= OPR Extension: (Zotero Connector) - C:\Users\Tomasz J\AppData\Roaming\Opera Software\Opera Stable\Extensions\aglkdfckbibjdkdoconjbdggodkdchbn [2016-12-08] OPR Extension: (Tłumacz) - C:\Users\Tomasz J\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2016-08-22] OPR Extension: (Tłumacz Google) - C:\Users\Tomasz J\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2016-12-29] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [Brak podpisu cyfrowego] S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) S4 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes) [Brak podpisu cyfrowego] S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [1005944 2012-07-02] (Broadcom Corporation.) S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-18] (Dropbox, Inc.) S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-18] (Dropbox, Inc.) R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [Brak podpisu cyfrowego] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2771848 2016-11-13] (ESET) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2016-10-17] () S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation) R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-10-31] () [Brak podpisu cyfrowego] S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [Brak podpisu cyfrowego] S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) S4 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo) S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo) S4 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) S4 mitsijm2016; D:\Program Files (x86)\AutodeskInventor16\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-10-01] (Lenovo Group Limited) S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-10-01] (Lenovo Group Limited) S4 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 XMouseButton Launcher; D:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [87040 2012-06-23] (Highresolution Enterprises) [Brak podpisu cyfrowego] S4 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [Brak podpisu cyfrowego] S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-02] (Broadcom Corporation.) R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2016-10-17] (Bytemobile, Inc.) [Brak podpisu cyfrowego] S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24032 2013-10-08] (IVT Corporation.) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-10] (Disc Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-13] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-02-23] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-13] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [181384 2016-11-13] (ESET) S4 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34793 2007-05-23] (Compuware Corporation) [Brak podpisu cyfrowego] S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2016-10-17] (Huawei Technologies Co., Ltd.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-10] (REALiX(tm)) S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-08-10] (Qualcomm Atheros Co., Ltd.) S4 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [Brak podpisu cyfrowego] R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-08-10] (Intel Corporation) S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [97792 2010-07-28] (Tecar Forum) [Brak podpisu cyfrowego] S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8225680 2012-06-29] (Realtek Semiconductor Corp.) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2012-03-26] (Synaptics Incorporated) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-05] (Duplex Secure Ltd.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] () R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2016-10-17] (Bytemobile, Inc.) [Brak podpisu cyfrowego] S4 WINIO; C:\Windows\SysWOW64\winio.sys [41324 2001-11-13] () [Brak podpisu cyfrowego] S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation) S4 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [259584 2014-08-07] () [Brak podpisu cyfrowego] U3 aj0sgwsp; C:\Windows\System32\Drivers\aj0sgwsp.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X] S3 btwrchid; system32\DRIVERS\btwrchid.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-30 00:36 - 2016-12-30 00:41 - 00029909 _____ C:\Users\Tomasz J\Desktop\FRST.txt 2016-12-30 00:34 - 2016-12-30 00:35 - 02420736 _____ (Farbar) C:\Users\Tomasz J\Desktop\FRST64 (1).exe 2016-12-30 00:34 - 2016-12-30 00:34 - 00380928 _____ C:\Users\Tomasz J\Desktop\igf3dvbo.exe 2016-12-29 22:59 - 2016-12-29 23:03 - 00000000 ____D C:\Users\Tomasz J\Desktop\VW Golf 2016-12-12 19:19 - 2016-12-12 19:19 - 00000000 ____D C:\Users\Tomasz J\WLSCompanion ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-30 00:36 - 2015-07-06 12:14 - 00000000 ____D C:\FRST 2016-12-30 00:35 - 2009-07-14 05:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-30 00:35 - 2009-07-14 05:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-30 00:32 - 2009-07-14 18:55 - 00786982 _____ C:\Windows\system32\perfh015.dat 2016-12-30 00:32 - 2009-07-14 18:55 - 00174354 _____ C:\Windows\system32\perfc015.dat 2016-12-30 00:32 - 2009-07-14 06:13 - 01791178 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-30 00:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-30 00:25 - 2016-10-19 15:51 - 00000000 ____D C:\ProgramData\OnlineUpdate 2016-12-30 00:25 - 2014-06-12 15:57 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-12-30 00:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-30 00:08 - 2014-08-08 19:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-30 00:04 - 2016-11-02 11:49 - 00353280 ___SH C:\Users\Tomasz J\Desktop\Thumbs.db 2016-12-29 23:57 - 2016-02-19 23:12 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\uTorrent 2016-12-29 23:57 - 2014-08-22 17:43 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\CrashDumps 2016-12-29 18:54 - 2014-08-30 10:25 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-12-29 18:54 - 2013-08-10 18:26 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Deployment 2016-12-28 20:19 - 2013-08-24 15:42 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\vlc 2016-12-28 19:05 - 2015-06-07 17:50 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\dvdcss 2016-12-28 14:22 - 2016-01-30 16:34 - 00000000 ____D C:\Users\Tomasz J\Desktop\CV 2016-12-27 23:20 - 2015-12-18 12:27 - 00000000 ___RD C:\Users\Tomasz J\Dropbox 2016-12-24 17:22 - 2016-07-18 17:42 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-12-24 17:19 - 2014-07-21 13:56 - 00000000 ____D C:\Users\Tomasz J\Documents\FIFA 14 2016-12-22 16:09 - 2016-07-18 16:44 - 00003898 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1468856648 2016-12-22 16:09 - 2016-07-18 16:43 - 00000000 ____D C:\Program Files (x86)\Opera 2016-12-17 17:23 - 2013-08-15 13:31 - 00000000 ____D C:\Users\Tomasz J\AppData\Local\Adobe 2016-12-17 17:18 - 2016-07-18 17:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-17 17:18 - 2016-07-18 17:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-17 17:18 - 2016-07-18 17:42 - 00004002 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-12-17 17:18 - 2013-08-10 23:01 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-17 17:18 - 2013-08-10 18:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-12 19:19 - 2013-08-10 17:36 - 00000000 ____D C:\Users\Tomasz J 2016-12-12 16:18 - 2009-07-14 06:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-10 12:18 - 2013-12-15 15:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-09 22:20 - 2015-06-26 10:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-09 17:31 - 2013-08-10 20:24 - 00000000 ____D C:\Users\Tomasz J\AppData\Roaming\Skype 2016-12-02 22:15 - 2016-06-17 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-10-22 22:29 - 2008-07-07 12:22 - 0000014 _____ () C:\Users\Tomasz J\AppData\Roaming\options.ini 2015-10-22 22:29 - 2012-07-07 12:04 - 0000003 _____ () C:\Users\Tomasz J\AppData\Roaming\options_pdfcombine.ini 2015-10-22 22:29 - 2013-02-23 11:15 - 0000003 _____ () C:\Users\Tomasz J\AppData\Roaming\options_pdfrotator.ini 2015-10-22 22:29 - 2015-10-22 22:43 - 0000017 _____ () C:\Users\Tomasz J\AppData\Roaming\pdfsound.dll 2015-10-22 22:29 - 2015-10-22 22:32 - 0000054 _____ () C:\Users\Tomasz J\AppData\Roaming\setting.ini 2015-10-22 22:29 - 2013-06-08 12:43 - 0000030 _____ () C:\Users\Tomasz J\AppData\Roaming\setup.ini 2015-10-22 22:29 - 2013-06-09 08:30 - 0000043 _____ () C:\Users\Tomasz J\AppData\Roaming\setup_pdfcombine.ini 2015-10-22 22:29 - 2013-06-09 09:34 - 0000043 _____ () C:\Users\Tomasz J\AppData\Roaming\setup_pdfrotator.ini 2014-08-25 12:26 - 2014-08-25 12:26 - 0000022 _____ () C:\Users\Tomasz J\AppData\Roaming\UserFlag.ini 2014-11-23 17:56 - 2016-03-11 21:27 - 0009728 _____ () C:\Users\Tomasz J\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-17 22:30 - 2016-08-19 18:01 - 0007592 _____ () C:\Users\Tomasz J\AppData\Local\Resmon.ResmonCfg 2015-10-02 17:01 - 2015-10-02 17:01 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-08-10 18:47 - 2014-05-05 14:36 - 0002063 _____ () C:\ProgramData\hpzinstall.log 2013-11-22 22:41 - 2013-11-22 22:41 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-12-27 13:32 ==================== Koniec FRST.txt ============================