Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-03-2017 Uruchomiony przez Janusz042 (administrator) JANUSZ (22-03-2017 22:57:44) Uruchomiony z C:\Users\Janusz042\Downloads Załadowane profile: Janusz042 (Dostępne profile: Janusz042) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8458968 2015-03-05] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2871464 2015-03-03] (Synaptics Incorporated) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\RunOnce: [] => [X] HKU\S-1-5-21-1938300165-2202748068-3723635383-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-06] (Disc Soft Ltd) HKU\S-1-5-21-1938300165-2202748068-3723635383-1002\...\MountPoints2: {4e15b4fb-0d9f-11e7-8289-48e2442d6aa0} - "G:\setup.exe" HKU\S-1-5-21-1938300165-2202748068-3723635383-1002\...\MountPoints2: {4e15b50a-0d9f-11e7-8289-48e2442d6aa0} - "H:\setup.exe" HKU\S-1-5-21-1938300165-2202748068-3723635383-1002\...\MountPoints2: {98461f83-c500-11e5-8264-48e2442d6aa0} - "F:\AutoRun.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CLS 2014.10.lnk [2017-02-08] ShortcutTarget: CLS 2014.10.lnk -> C:\Program Files (x86)\Common Files\Planit\2014.10\CLS\cls.exe (Planit Software Limited) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{1475AF30-7B1F-4027-A2A5-1B797FC1D517}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{DFFAC06E-038D-4F18-9C5C-C9F2E03F560A}: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{EB4C3F07-961E-4C73-AD59-7D26EAE5A8C6}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com HKU\S-1-5-21-1938300165-2202748068-3723635383-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com/ HKU\S-1-5-21-1938300165-2202748068-3723635383-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-11-21] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-21] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: j6arhlru.default FF ProfilePath: C:\Users\Janusz042\AppData\Roaming\Mozilla\Firefox\Profiles\j6arhlru.default [2017-03-10] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-11] [Brak podpisu cyfrowego] FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-11-21] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-11-21] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2008-06-11] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default [2017-03-22] CHR Extension: (Prezentacje Google) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-20] CHR Extension: (Dokumenty Google) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-20] CHR Extension: (Dysk Google) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-20] CHR Extension: (YouTube) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20] CHR Extension: (Arkusze Google) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-20] CHR Extension: (Dokumenty Google offline) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Gmail) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20] CHR Extension: (Chrome Media Router) - C:\Users\Janusz042\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-03-04] () [Brak podpisu cyfrowego] S2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [108248 2015-02-05] () S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd) S2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [153600 2010-09-17] (Firebird Project) [Brak podpisu cyfrowego] S3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5624320 2010-09-17] (Firebird Project) [Brak podpisu cyfrowego] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [994848 2016-11-21] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.) R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.) S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.) S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-03-05] (Realtek Semiconductor) S2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-09] () S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-02-08] (SolidWorks) [Brak podpisu cyfrowego] S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220840 2015-03-03] (Synaptics Incorporated) S2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2015-03-27] (Advanced Micro Devices, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2015-03-27] (Advanced Micro Devices, INC.) S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [92360 2015-03-27] (Advanced Micro Devices, Inc. ) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2015-03-27] (Advanced Micro Devices, Inc.) R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [264392 2015-03-27] (Advanced Micro Devices, Inc. ) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2015-03-27] (Advanced Micro Devices) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-21] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-03-21] (Disc Soft Ltd) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] () S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-22] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-22] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-22] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-22] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-22] (Malwarebytes) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [590040 2015-01-19] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3494616 2015-03-05] (Realtek Semiconductor Corporation ) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [33448 2015-03-03] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33448 2015-03-03] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-03-22 22:57 - 2017-03-22 22:58 - 00020880 _____ C:\Users\Janusz042\Downloads\FRST.txt 2017-03-22 20:53 - 2017-03-22 20:53 - 00000000 ____D C:\KVRT_Data 2017-03-22 20:51 - 2017-03-22 20:52 - 110128608 _____ (Kaspersky Lab ZAO) C:\Users\Janusz042\Desktop\KVRT.exe 2017-03-22 20:50 - 2017-03-22 20:50 - 00455873 _____ C:\Users\Janusz042\Desktop\UsbFix_Report.txt 2017-03-22 20:44 - 2017-03-22 20:44 - 03820160 _____ (SOSVirus) C:\Users\Janusz042\Desktop\UsbFix_9.037.exe 2017-03-22 20:36 - 2017-03-22 20:36 - 00001463 _____ C:\Users\Janusz042\Desktop\UsbFix.lnk 2017-03-22 20:35 - 2017-03-22 20:35 - 03820152 _____ (SOSVirus) C:\Users\Janusz042\Desktop\UsbFix_9.036.exe 2017-03-22 20:20 - 2017-03-22 20:22 - 00003483 _____ C:\Users\Janusz042\Downloads\Fixlog.txt 2017-03-22 20:18 - 2017-03-22 20:18 - 00000000 _____ C:\Users\Janusz042\Downloads\Nowy dokument tekstowy.txt 2017-03-22 15:36 - 2017-03-22 15:37 - 00694389 _____ C:\Users\Janusz042\Desktop\Notatnik w Windows Forms.pdf 2017-03-22 15:21 - 2017-03-22 15:21 - 01203115 _____ C:\Users\Janusz042\Desktop\Sprawozdanie 1 - Dawid Warczak.pdf 2017-03-22 14:52 - 2017-03-22 15:10 - 01254177 _____ C:\Users\Janusz042\Desktop\Sprawozdanie 2 - Dawid Warczak.pdf 2017-03-22 14:46 - 2017-03-22 14:46 - 00013604 _____ C:\Users\Janusz042\Desktop\Stożek Comsol - Dawid Warczak.mph 2017-03-22 14:45 - 2017-03-22 14:46 - 00038638 _____ C:\Users\Janusz042\Desktop\Comsol młotek (SolidWorks) - Dawid Warczak.mph 2017-03-22 14:30 - 2017-03-22 14:30 - 00000000 ____D C:\Users\Janusz042\AppData\Roaming\DassaultSystemes 2017-03-22 14:30 - 2017-03-22 14:30 - 00000000 ____D C:\Users\Janusz042\AppData\Local\DassaultSystemes 2017-03-22 14:30 - 2017-03-22 14:30 - 00000000 ____D C:\ProgramData\DassaultSystemes 2017-03-22 13:52 - 2017-03-22 13:52 - 00012592 _____ C:\Users\Janusz042\Desktop\Kratownica - Dawid Warczak.mph 2017-03-22 13:41 - 2017-03-22 13:41 - 00305664 _____ C:\Users\Janusz042\Desktop\młotek.SLDPRT 2017-03-22 12:42 - 2017-03-22 12:42 - 00011606 _____ C:\Users\Janusz042\Desktop\Untitled.mph 2017-03-22 12:05 - 2017-03-22 12:05 - 00014499 _____ C:\Users\Janusz042\Desktop\Marcin Brzozowski żyletka.mph 2017-03-22 12:04 - 2017-03-22 12:04 - 00014429 _____ C:\Users\Janusz042\Desktop\Dawid Warczak Żyletka.mph 2017-03-22 09:04 - 2017-03-22 09:04 - 00000000 _____ C:\Users\Janusz042\Downloads\Marek Wiosna.txt 2017-03-22 08:59 - 2017-03-22 09:10 - 1127428915 _____ C:\Users\Janusz042\Downloads\MATLAB R2016b.part05.rar 2017-03-22 00:20 - 2017-03-22 00:28 - 1127428915 _____ C:\Users\Janusz042\Downloads\Matlab 2016a 64bit crack.part4.rar 2017-03-22 00:13 - 2017-03-22 00:20 - 1127428915 _____ C:\Users\Janusz042\Downloads\Matlab 2016a 64bit crack.part3.rar 2017-03-22 00:06 - 2017-03-22 00:13 - 1127428915 _____ C:\Users\Janusz042\Downloads\Matlab 2016a 64bit crack.part2.rar 2017-03-21 23:56 - 2017-03-22 00:06 - 1127428915 _____ C:\Users\Janusz042\Downloads\Matlab 2016a 64bit crack.part1.rar 2017-03-21 23:39 - 2017-03-21 23:39 - 00000000 ____D C:\ProgramData\Autodesk 2017-03-21 23:39 - 2017-03-21 23:39 - 00000000 ____D C:\Program Files\Autodesk 2017-03-21 23:33 - 2017-03-21 23:33 - 00002492 _____ C:\Users\Public\Desktop\COMSOL 5.2 Help Desk.lnk 2017-03-21 23:33 - 2017-03-21 23:33 - 00002364 _____ C:\Users\Public\Desktop\COMSOL Multiphysics 5.2.lnk 2017-03-21 22:54 - 2017-03-21 22:54 - 00000000 ____D C:\Program Files\COMSOL 2017-03-21 22:51 - 2017-03-22 09:20 - 00000000 ____D C:\Users\Janusz042\.comsol 2017-03-21 22:50 - 2017-03-21 22:50 - 00000000 ____D C:\Users\Janusz042\AppData\Local\Disc_Soft_Ltd 2017-03-21 22:46 - 2017-03-21 22:46 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2017-03-21 22:45 - 2017-03-21 22:49 - 00000000 ____D C:\Users\Janusz042\AppData\Roaming\DAEMON Tools Lite 2017-03-21 22:45 - 2017-03-21 22:46 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2017-03-21 22:45 - 2017-03-21 22:46 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2017-03-21 22:45 - 2017-03-21 22:45 - 00001792 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2017-03-21 22:45 - 2017-03-21 22:45 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2017-03-21 22:44 - 2017-03-21 22:44 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2017-03-21 22:42 - 2017-03-21 22:43 - 00694744 _____ (Disc Soft Ltd.) C:\Users\Janusz042\Downloads\DTLiteInstaller.exe 2017-03-21 22:40 - 2017-03-21 22:40 - 00001294 _____ C:\Users\Janusz042\Desktop\Kontynuuj instalację DAEMON Tools Lite 10.5.1.lnk 2017-03-21 19:54 - 2017-03-22 20:44 - 00000000 ____D C:\UsbFix 2017-03-21 19:42 - 2017-03-22 22:57 - 00000000 ____D C:\FRST 2017-03-21 19:41 - 2017-03-21 19:41 - 02424832 _____ (Farbar) C:\Users\Janusz042\Downloads\FRST64.exe 2017-03-21 19:40 - 2017-03-21 19:41 - 00008133 _____ C:\Users\Janusz042\Downloads\GMER.txt 2017-03-20 21:32 - 2017-03-20 21:32 - 00000638 _____ C:\DelFix.txt 2017-03-20 21:03 - 2017-03-20 21:03 - 00038526 _____ C:\Users\Janusz042\Desktop\HitmanPro_20170320_2103.txt 2017-03-20 20:53 - 2017-03-20 21:33 - 00000000 ____D C:\ProgramData\HitmanPro 2017-03-20 20:43 - 2017-03-20 20:43 - 11581544 _____ (SurfRight B.V.) C:\Users\Janusz042\Downloads\HitmanPro_x64.exe 2017-03-16 13:13 - 2017-03-21 22:34 - 00000000 ____D C:\Users\Janusz042\Downloads\Comsol 5.2 2017-03-16 10:41 - 2017-03-16 10:41 - 00055845 _____ C:\Users\Janusz042\Downloads\Harm._egzam._Mechatronika_MU_sem._zima_16_17 (1).pdf 2017-03-15 14:13 - 2017-02-23 15:50 - 00093360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-15 14:13 - 2017-02-22 15:35 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 01286144 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-15 14:13 - 2017-02-22 15:35 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-03-15 14:13 - 2016-06-03 18:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2017-03-15 13:18 - 2017-03-04 08:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-15 13:18 - 2017-02-11 06:12 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-03-15 13:18 - 2017-02-10 06:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-03-15 13:17 - 2017-03-04 09:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-15 13:17 - 2017-03-04 08:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-15 13:17 - 2017-03-04 08:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-03-15 13:17 - 2017-03-04 08:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-03-15 13:17 - 2017-03-04 08:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-15 13:17 - 2017-03-04 08:05 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-15 13:17 - 2017-03-04 07:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-03-15 13:17 - 2017-03-04 07:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-15 13:17 - 2017-03-04 07:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-15 13:17 - 2017-03-04 07:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-15 13:17 - 2017-03-04 07:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-03-15 13:17 - 2017-03-04 05:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-15 13:17 - 2017-03-02 19:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-15 13:17 - 2017-03-02 18:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-15 13:17 - 2017-03-02 18:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-03-15 13:17 - 2017-03-02 18:25 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-15 13:17 - 2017-03-02 18:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-15 13:17 - 2017-03-02 18:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-03-15 13:17 - 2017-03-02 18:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-15 13:17 - 2017-03-02 17:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-15 13:17 - 2017-03-02 17:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-15 13:17 - 2017-03-02 17:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-03-15 13:17 - 2017-02-11 20:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-15 13:17 - 2017-02-11 06:12 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-03-15 13:17 - 2017-02-11 06:00 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-03-15 13:17 - 2017-02-11 05:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-03-15 13:17 - 2017-02-11 05:56 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-15 13:17 - 2017-02-10 20:09 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-03-15 13:17 - 2017-02-10 06:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-15 13:17 - 2017-02-10 06:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-03-15 13:17 - 2017-02-10 06:08 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-03-15 13:17 - 2017-02-10 06:01 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-03-15 13:17 - 2017-02-10 06:00 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-03-15 13:17 - 2017-02-10 05:59 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-15 13:17 - 2017-02-10 02:31 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-03-15 13:17 - 2017-02-10 01:12 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-03-15 13:17 - 2017-02-09 16:28 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-15 13:17 - 2017-02-09 16:19 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-15 13:17 - 2017-02-09 16:16 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-15 13:17 - 2017-02-09 16:16 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-03-15 13:17 - 2017-02-09 15:59 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-03-15 13:17 - 2017-02-09 15:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-03-15 13:17 - 2017-02-09 15:58 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-03-15 13:17 - 2017-02-04 21:32 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-15 13:17 - 2017-02-04 21:30 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-15 13:17 - 2017-02-04 21:30 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-03-15 13:17 - 2017-02-04 21:30 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-15 13:17 - 2017-02-04 21:30 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-03-15 13:17 - 2017-02-04 20:32 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2017-03-15 13:17 - 2017-02-04 20:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-03-15 13:17 - 2017-02-04 19:14 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-15 13:17 - 2017-02-04 18:50 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-15 13:17 - 2017-02-04 18:40 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-03-15 13:17 - 2017-02-04 18:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-03-15 13:17 - 2017-02-04 18:17 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-15 13:17 - 2017-02-04 18:10 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-03-15 13:17 - 2017-02-04 18:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-15 13:17 - 2017-01-21 22:37 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-03-15 13:17 - 2017-01-21 20:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-03-15 13:17 - 2017-01-21 20:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-03-15 13:17 - 2017-01-21 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-15 13:17 - 2017-01-21 20:20 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-15 13:17 - 2017-01-21 19:40 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-03-15 13:17 - 2017-01-21 19:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-03-15 13:17 - 2017-01-21 19:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-03-15 13:17 - 2017-01-21 18:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-03-15 13:17 - 2017-01-21 18:48 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-15 13:17 - 2017-01-14 18:49 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2017-03-15 13:17 - 2017-01-11 20:37 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-15 13:17 - 2017-01-10 20:08 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-15 13:17 - 2017-01-05 19:20 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-15 13:17 - 2017-01-05 19:09 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2017-03-15 13:17 - 2017-01-05 18:36 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-15 13:17 - 2017-01-05 18:29 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2017-03-15 13:17 - 2017-01-05 18:13 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-03-15 13:17 - 2017-01-05 17:57 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-03-15 13:17 - 2016-11-09 20:22 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-03-14 15:06 - 2017-03-14 15:07 - 00694389 _____ C:\Users\Janusz042\Downloads\Notatnik w Windows Forms (1).pdf 2017-03-10 22:43 - 2017-03-22 20:38 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-03-10 22:43 - 2017-03-22 20:25 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-10 22:43 - 2017-03-22 20:25 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-03-10 22:43 - 2017-03-22 20:25 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-03-10 22:43 - 2017-03-22 20:25 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-03-10 22:43 - 2017-03-10 22:43 - 00001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-03-10 22:43 - 2017-03-10 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-10 22:43 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-03-10 22:42 - 2017-03-10 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-10 22:42 - 2017-03-10 22:42 - 00000000 ____D C:\Program Files\Malwarebytes 2017-03-10 22:41 - 2017-03-10 22:42 - 57131432 _____ (Malwarebytes ) C:\Users\Janusz042\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-10 22:40 - 2017-03-10 22:40 - 00000000 ____D C:\Users\Janusz042\AppData\Local\ElevatedDiagnostics 2017-03-08 21:50 - 2017-03-08 21:50 - 00191638 _____ C:\Users\Janusz042\Downloads\Matlab zadania 2 2016.pdf 2017-03-08 21:49 - 2017-03-08 21:49 - 00200451 _____ C:\Users\Janusz042\Downloads\22(2006)_art21_Oprogramowan.pdf 2017-03-08 21:23 - 2017-03-08 21:23 - 00462252 _____ C:\Users\Janusz042\Downloads\Cyfrowe przetwarzanie sygnałów zadania i odpowiedzi.pdf 2017-03-08 20:42 - 2017-03-08 20:42 - 00694389 _____ C:\Users\Janusz042\Downloads\Notatnik w Windows Forms.pdf 2017-03-01 19:15 - 2017-03-01 19:15 - 00371282 _____ C:\Users\Janusz042\Downloads\gmer.zip 2017-02-25 17:38 - 2017-02-25 17:38 - 00736831 _____ C:\Users\Janusz042\Downloads\Certyfikat.pdf 2017-02-25 17:35 - 2017-02-25 17:35 - 00035656 _____ C:\Users\Janusz042\Downloads\faktura-04-08-2016.pdf 2017-02-25 14:27 - 2017-02-25 14:27 - 00111222 _____ C:\Users\Janusz042\Downloads\Harm._egzam._Mechatronika_.pdf 2017-02-25 14:26 - 2017-02-25 14:26 - 00055845 _____ C:\Users\Janusz042\Downloads\Harm._egzam._Mechatronika_MU_sem._zima_16_17.pdf 2017-02-25 13:45 - 2017-02-25 13:45 - 00020373 _____ C:\Users\Janusz042\Downloads\2017_tematy_prac_dyplomowych_I14_mechatronika.zip 2017-02-24 21:04 - 2017-02-24 21:04 - 00156453 _____ C:\Users\Janusz042\Downloads\deklaracja_o_podjeciu_studiow_ukw.pdf 2017-02-24 20:54 - 2017-02-24 20:54 - 00091000 _____ C:\Users\Janusz042\Downloads\podanie.pdf 2017-02-24 19:15 - 2017-02-24 19:15 - 00671679 _____ C:\Users\Janusz042\Downloads\Harmonogramy Mecharonika stacj201415.zip 2017-02-24 10:39 - 2017-02-24 10:39 - 00059474 _____ C:\Users\Janusz042\Downloads\Potwierdzenie przelewu.pdf 2017-02-24 10:29 - 2017-02-24 10:29 - 00000000 ____D C:\Users\Janusz042\Downloads\Zdjęcia do legitymacji - magisterka 2017-02-24 09:23 - 2017-02-24 09:23 - 00283390 _____ C:\Users\Janusz042\Downloads\Wymagania zdjęcia.pdf 2017-02-23 22:20 - 2017-03-22 20:29 - 00000000 ____D C:\Users\Janusz042\Documents\Youcam 2017-02-23 22:01 - 2017-02-25 14:19 - 00000000 ____D C:\Users\Janusz042\Downloads\Skany - Państwowy Powiatowy Inspektor Sanitarny 2017-02-23 21:37 - 2017-02-23 21:38 - 00000000 ____D C:\Users\Janusz042\Downloads\Uczelnia 2017-02-23 21:36 - 2017-02-23 22:07 - 00000000 ____D C:\Users\Janusz042\Downloads\Projekty Arduino 2017-02-23 21:30 - 2017-03-08 20:22 - 00000000 ____D C:\Users\Janusz042\Downloads\Praca Unilever 2017-02-23 21:25 - 2017-02-25 14:19 - 00000000 ____D C:\Users\Janusz042\Downloads\Praca inżynierska - wersje próbne 2017-02-23 21:22 - 2017-02-25 14:19 - 00000000 ____D C:\Users\Janusz042\Downloads\Przyczepy Dania 2017-02-23 20:52 - 2017-02-23 22:10 - 00000000 ____D C:\Users\Janusz042\Downloads\Umowa budowy przyczepy 2017-02-23 19:06 - 2017-02-23 19:07 - 00000023 _____ C:\Users\Janusz042\Downloads\Pytanie do odzyskiwania hasła do logowania na studia.txt 2017-02-20 23:54 - 2017-02-20 23:55 - 00000000 ____D C:\Users\Janusz042\AppData\Roaming\Nero 2017-02-20 23:51 - 2017-02-20 23:51 - 00000000 ____D C:\Windows\System32\Tasks\Nero 2017-02-20 23:47 - 2017-02-20 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017 2017-02-20 23:46 - 2017-02-20 23:53 - 00000000 ____D C:\ProgramData\Nero 2017-02-20 23:46 - 2017-02-20 23:52 - 00000000 ____D C:\Program Files (x86)\Nero 2017-02-20 23:46 - 2017-02-20 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017-02-20 23:13 - 2017-02-23 22:15 - 00000000 ____D C:\Users\Janusz042\Downloads\Praca inżynierska 2017-02-20 19:45 - 2017-02-20 19:45 - 00000000 ____D C:\Program Files (x86)\MSECache ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-03-22 22:56 - 2016-05-09 12:06 - 01529856 ___SH C:\Users\Janusz042\Downloads\Thumbs.db 2017-03-22 22:52 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2017-03-22 21:23 - 2016-01-27 15:29 - 00003992 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8ACAD9A0-9839-4A58-9B67-6DB1F9632B05} 2017-03-22 20:50 - 2016-01-27 15:28 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1938300165-2202748068-3723635383-1002 2017-03-22 20:45 - 2015-11-11 23:35 - 01380822 _____ C:\Windows\SysWOW64\rootpa.e2e 2017-03-22 20:29 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2017-03-22 20:26 - 2016-05-18 08:30 - 00717312 ___SH C:\Users\Janusz042\Desktop\Thumbs.db 2017-03-22 20:24 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-22 20:23 - 2015-11-11 23:26 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-03-22 20:15 - 2015-04-15 02:43 - 00839840 _____ C:\Windows\system32\perfh015.dat 2017-03-22 20:15 - 2015-04-15 02:43 - 00179982 _____ C:\Windows\system32\perfc015.dat 2017-03-22 20:15 - 2014-11-21 05:42 - 01967966 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-21 23:42 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-03-21 22:57 - 2015-04-14 17:59 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-21 22:51 - 2016-01-27 15:22 - 00000000 ____D C:\Users\Janusz042 2017-03-20 20:04 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2017-03-20 20:02 - 2013-08-22 15:44 - 00498240 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-20 19:52 - 2016-02-05 01:00 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-18 03:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2017-03-18 03:24 - 2016-02-03 23:51 - 00000000 ____D C:\Windows\system32\MRT 2017-03-18 03:15 - 2016-02-03 23:51 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-15 10:38 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-15 10:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2017-03-15 09:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2017-03-10 22:32 - 2016-11-01 04:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-03-10 22:32 - 2016-06-18 12:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-10 05:34 - 2016-11-12 13:54 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-10 05:34 - 2016-11-12 13:54 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-08 20:33 - 2017-02-03 15:11 - 00128344 _____ C:\Users\Janusz042\AppData\Local\GDIPFONTCACHEV1.DAT 2017-02-28 18:57 - 2016-11-20 15:23 - 00000000 ____D C:\Users\Janusz042\AppData\LocalLow\Mozilla 2017-02-25 14:19 - 2016-06-29 13:02 - 00000000 ____D C:\Users\Janusz042\Downloads\Siłownia 2017-02-23 22:37 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System 2017-02-23 22:36 - 2017-02-08 00:18 - 00000000 ____D C:\Users\Public\SURFCAM (x86) 2017-02-23 22:04 - 2016-03-20 12:55 - 00000000 ____D C:\Users\Janusz042\Downloads\Fotki przyczep 2017-02-23 21:45 - 2016-06-29 12:55 - 00000000 ____D C:\Users\Janusz042\Downloads\Fotki 2017-02-23 21:14 - 2016-12-30 10:06 - 00000000 ____D C:\Users\Janusz042\Downloads\Faktury centrum wypoczynkowe 2017-02-23 20:45 - 2016-01-27 15:22 - 00000000 ____D C:\Users\Janusz042\AppData\Local\Packages 2017-02-20 19:18 - 2016-04-04 12:53 - 00000000 ____D C:\Users\Janusz042\AppData\Local\Microsoft Help ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-02-12 15:06 - 2017-02-12 15:06 - 0000057 _____ () C:\ProgramData\Ament.ini 2017-02-12 14:53 - 2017-02-12 14:54 - 0000317 _____ () C:\ProgramData\hpzinstall.log ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-03-18 03:15 ==================== Koniec FRST.txt ============================