Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 26-12-2017 Uruchomiony przez T500 (administrator) LENOVO (27-12-2017 22:46:16) Uruchomiony z C:\Users\T500\Downloads Załadowane profile: T500 (Dostępne profile: T500 & DefaultAppPool) Platform: Microsoft Windows 10 Home Wersja 1703 15063.786 (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () C:\WINDOWS\System32\DTS.exe (Lenovo.) C:\WINDOWS\System32\ibmpmsvc.exe (Lenovo.) C:\WINDOWS\System32\LPlatSvc.exe (AuthenTec, Inc.) C:\WINDOWS\System32\AtService.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe (Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe () C:\Program Files\Mobile Broadband Drivers\WMCore\mini_WMCore.exe (Lenovo.) C:\WINDOWS\System32\LPlatSvc.exe (Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\FastStone Capture\FSCapture.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x86__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation) C:\WINDOWS\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_426beb07752ce257\TiWorker.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\T500\Downloads\FRST (1).exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] () HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec) HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [102400 2011-05-31] (AuthenTec, Inc.) HKLM\...\Run: [ATUpdatePBA.ltp] => C:\Windows\system32\ATUpdatePBA.exe [227144 2011-05-31] (AuthenTec, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] () HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2379504 2013-04-24] (Synaptics Incorporated) HKU\S-1-5-21-1500825603-450778821-1061133333-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.) HKU\S-1-5-21-1500825603-450778821-1061133333-1000\...\Policies\Explorer: [DisallowCpl] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2015-12-11] ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-14] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\T500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2016-02-07] ShortcutTarget: FastStone Capture.lnk -> C:\Program Files\FastStone Capture\FSCapture.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{40af0bf4-5639-4d11-a826-fd9039b15501}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{68b2a470-d014-46b9-bd7e-1ad538371fce}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Internet Explorer: ================== BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-16] (Google Inc.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-16] (Google Inc.) Toolbar: HKU\S-1-5-21-1500825603-450778821-1061133333-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-16] (Google Inc.) FireFox: ======== FF ProfilePath: C:\Users\T500\AppData\Roaming\Mozilla\Firefox\Profiles\jl013tnz.default-1461487752227 [2017-12-24] FF Extension: (Adblock Plus) - C:\Users\T500\AppData\Roaming\Mozilla\Firefox\Profiles\jl013tnz.default-1461487752227\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-24] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2017-01-02] () FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default [2017-12-27] CHR Extension: (Prezentacje) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Dokumenty) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Dysk Google) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-11] CHR Extension: (YouTube) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-11] CHR Extension: (Google Search) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-11] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2016-10-09] CHR Extension: (Arkusze) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (User-Agent Switcher for Google Chrome) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhkkpnppgnfaobgihpdblnhmmbodake [2017-11-08] CHR Extension: (Dokumenty Google offline) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Referer Control) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2017-05-03] CHR Extension: (DjVu Viewer Extension) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghccooedabolhnplggblcggcbplekbk [2016-12-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24] CHR Extension: (Gmail) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-11] CHR Extension: (Chrome Media Router) - C:\Users\T500\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-17] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [106496 2011-05-31] () [Brak podpisu cyfrowego] S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1128944 2017-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [490968 2017-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [490968 2017-12-14] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1526832 2017-12-14] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [434248 2017-11-06] (Avira Operations GmbH & Co. KG) R2 dtsvc; C:\Windows\system32\DTS.exe [98304 2011-05-31] () [Brak podpisu cyfrowego] R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.) R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.) R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [694272 2016-06-23] (Lenovo.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [56248 2017-11-21] (Microsoft) R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Microsoft) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-07-14] (Microsoft Corporation) R2 WMCoreService; C:\Program Files\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [430080 2009-09-24] () [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [54088 2017-06-16] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [147576 2017-12-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167272 2017-12-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [53256 2017-03-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [77560 2017-03-02] (Avira Operations GmbH & Co. KG) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2017-01-16] (Samsung Electronics Co., Ltd.) S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows (R) Win 7 DDK provider) R3 e36gbus; C:\WINDOWS\System32\drivers\e36gbus.sys [285056 2009-06-30] (MCCI Corporation) R3 e36gmdfl; C:\WINDOWS\system32\DRIVERS\e36gmdfl.sys [14848 2009-06-30] (MCCI Corporation) R3 e36gmdm; C:\WINDOWS\system32\DRIVERS\e36gmdm.sys [374272 2009-06-30] (MCCI Corporation) R3 e36gmgmt; C:\WINDOWS\system32\DRIVERS\e36gmgmt.sys [357376 2009-06-30] (MCCI Corporation) R3 e36wgps; C:\WINDOWS\system32\DRIVERS\e36wgps.sys [82984 2009-07-10] (Ericsson AB) R3 ecnssndis; C:\WINDOWS\System32\Drivers\wwanuss.sys [10240 2009-09-22] (Ericsson AB) R3 ecnssndisfltr; C:\WINDOWS\System32\Drivers\wwanussf.sys [14848 2009-09-22] (Ericsson AB) R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2017-03-18] (Intel Corporation) S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [366136 2017-03-15] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [216632 2017-03-15] (QUALCOMM Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [38640 2013-04-24] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2017-01-16] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation) R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation) S3 WwanUsbServ; C:\WINDOWS\System32\drivers\WwanUsbMp.sys [216616 2009-09-22] (Ericsson AB) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-12-27 22:45 - 2017-12-27 22:46 - 000000000 ____D C:\FRST 2017-12-27 22:44 - 2017-12-27 22:44 - 001752064 _____ (Farbar) C:\Users\T500\Downloads\FRST (1).exe 2017-12-27 22:19 - 2017-12-14 21:21 - 000167272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-12-27 22:19 - 2017-12-14 21:21 - 000147576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-12-27 22:19 - 2017-06-16 14:03 - 000054088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys 2017-12-27 22:19 - 2017-06-16 14:03 - 000037472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-12-27 22:19 - 2017-03-02 21:46 - 000077560 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-12-27 22:19 - 2017-03-02 21:46 - 000053256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-12-27 21:44 - 2017-12-27 22:40 - 000000000 ___HD C:\$WINDOWS.~BT 2017-12-27 21:36 - 2017-12-27 21:36 - 000069559 _____ C:\Users\T500\Downloads\20755418_E_Faktura_20171125.pdf 2017-12-27 21:12 - 2017-12-27 21:12 - 006242320 _____ (Microsoft Corporation) C:\Users\T500\Downloads\Windows10Upgrade9252.exe 2017-12-27 21:12 - 2017-12-27 21:12 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk 2017-12-27 21:12 - 2017-12-27 21:12 - 000000719 _____ C:\Users\T500\Desktop\Windows 10 Update Assistant.lnk 2017-12-27 18:35 - 2017-12-27 18:35 - 000018454 _____ C:\Users\T500\Downloads\eMax_34179839_120901_171227.csv 2017-12-27 15:51 - 2017-12-27 22:28 - 001020849 _____ C:\Users\T500\Documents\budzet-domowy-2018-PLN-v4-1.xlsx 2017-12-27 15:31 - 2017-12-27 20:45 - 000953450 _____ C:\Users\T500\Documents\54-Szablon-budzet-domowy-2018-PLN-v4-1_starsza.xlsx 2017-12-27 13:51 - 2017-12-27 13:51 - 001039336 _____ C:\Users\T500\Downloads\54-Szablon-budzet-domowy-2018-PLN-v4-1.xlsx 2017-12-27 13:47 - 2017-12-27 20:45 - 000091031 _____ C:\Users\T500\Documents\2017_pensja+.xlsx 2017-12-27 13:44 - 2017-12-27 13:44 - 002701312 _____ C:\Users\T500\Downloads\54-Szablon-budzet-domowy-2018-PLN-v4-1.xls 2017-12-23 14:17 - 2017-12-23 14:17 - 000195346 _____ C:\Users\T500\Downloads\wu170509.diagcab 2017-12-20 09:22 - 2017-12-20 09:22 - 000175430 _____ C:\Users\T500\Documents\Praca na wok.pdf 2017-12-20 09:22 - 2017-12-20 09:22 - 000005772 _____ C:\Users\T500\Documents\Praca na wok.odt 2017-12-17 00:01 - 2017-12-17 00:01 - 000000085 _____ C:\Users\T500\Documents\ciekawe.txt 2017-12-14 20:50 - 2017-12-15 09:59 - 000000000 ____D C:\Users\T500\Documents\PSC 2017-12-13 08:33 - 2017-11-30 04:15 - 000034200 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe 2017-12-13 08:33 - 2017-11-30 04:04 - 005863320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-12-13 08:33 - 2017-11-30 04:04 - 000902896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-12-13 08:33 - 2017-11-30 04:04 - 000790816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-12-13 08:33 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-12-13 08:33 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-12-13 08:33 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-12-13 08:33 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-12-13 08:33 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-12-13 08:33 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-12-13 08:33 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2017-12-13 08:33 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-12-13 08:33 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-12-13 08:33 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-12-13 08:33 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-12-13 08:33 - 2017-11-30 03:36 - 001089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-12-13 08:33 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-12-13 08:33 - 2017-11-17 09:53 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-12-13 08:32 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-12-13 08:32 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-12-13 08:32 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscript.ocx 2017-12-13 08:32 - 2017-11-30 03:42 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-12-13 08:32 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe 2017-12-13 08:32 - 2017-11-30 03:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2017-12-13 08:32 - 2017-11-30 03:40 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-12-13 08:32 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll 2017-12-13 08:32 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2017-12-13 08:32 - 2017-11-30 03:39 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-12-13 08:32 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-12-13 08:32 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-12-13 08:32 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-12-13 08:32 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-12-13 08:32 - 2017-11-30 03:37 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-12-13 08:32 - 2017-11-30 03:37 - 002041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-12-13 08:32 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-12-13 08:32 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-12-13 08:32 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-12-13 08:32 - 2017-11-30 03:36 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-12-13 08:32 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-12-13 08:32 - 2017-11-17 10:32 - 000116120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-12-13 08:32 - 2017-11-17 10:31 - 001927064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-12-13 08:32 - 2017-11-17 10:31 - 001330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000518040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000497048 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000364440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000312216 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000158616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000060312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2017-12-13 08:32 - 2017-11-17 10:31 - 000030616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-12-13 08:32 - 2017-11-17 10:24 - 000550296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-12-13 08:32 - 2017-11-17 10:17 - 000410520 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2017-12-13 08:32 - 2017-11-17 10:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-12-11 23:06 - 2017-12-22 23:03 - 000000229 _____ C:\Users\T500\Documents\piekne.txt 2017-12-05 20:10 - 2017-12-05 20:10 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-12-05 20:10 - 2017-12-05 20:10 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\TileDataLayer 2017-12-05 19:58 - 2017-12-27 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\novaPDF 9 2017-12-05 19:53 - 2017-12-05 19:53 - 051127984 _____ (Softland) C:\Users\T500\Downloads\novapdf-full.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-12-27 22:46 - 2016-11-06 15:56 - 000016147 _____ C:\Users\T500\Downloads\FRST.txt 2017-12-27 22:45 - 2017-07-14 16:13 - 004646882 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-12-27 22:45 - 2017-03-19 10:33 - 002230624 _____ C:\WINDOWS\system32\perfh015.dat 2017-12-27 22:45 - 2017-03-19 10:33 - 000588638 _____ C:\WINDOWS\system32\perfc015.dat 2017-12-27 22:44 - 2016-01-16 18:41 - 000000000 ____D C:\Users\T500\AppData\Roaming\Skype 2017-12-27 22:40 - 2017-07-14 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-12-27 22:40 - 2009-07-14 03:04 - 000000438 _____ C:\WINDOWS\win.ini 2017-12-27 22:39 - 2017-07-14 16:12 - 000000000 ____D C:\Program Files\CONEXANT 2017-12-27 22:39 - 2017-07-07 20:52 - 000000000 ____D C:\Program Files\UNP 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 __SHD C:\Program Files\Windows Sidebar 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\spool 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\IME 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\schemas 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\ModemLogs 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-12-27 22:39 - 2017-03-18 19:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-12-27 22:39 - 2017-03-18 19:21 - 000000000 ____D C:\WINDOWS\INF 2017-12-27 22:39 - 2017-03-16 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-12-27 22:39 - 2017-02-27 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-12-27 22:39 - 2017-02-09 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz 2017-12-27 22:39 - 2016-07-04 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 8 2017-12-27 22:39 - 2016-04-27 05:19 - 000000000 ____D C:\WINDOWS\ShellNew 2017-12-27 22:39 - 2016-04-20 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-pity 2017-12-27 22:39 - 2016-03-23 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQuirreL SQL Client 2017-12-27 22:39 - 2016-02-14 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2017-12-27 22:39 - 2016-02-14 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-12-27 22:39 - 2016-02-13 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Testy Liwona kategoria B 2017-12-27 22:39 - 2016-02-13 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money Plus 2017-12-27 22:39 - 2016-02-13 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2017-12-27 22:39 - 2016-02-07 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture 2017-12-27 22:39 - 2015-12-13 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartEncryptor 2017-12-27 22:39 - 2015-12-11 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2017-12-27 22:39 - 2015-12-11 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TN33 PCSC Driver 2017-12-27 22:39 - 2015-12-11 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWaiting 2017-12-27 22:39 - 2015-12-11 18:57 - 000000000 ____D C:\WINDOWS\system32\Lang 2017-12-27 22:39 - 2015-12-11 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Management and Security 2017-12-27 22:39 - 2015-12-11 18:57 - 000000000 ____D C:\Program Files\Intel 2017-12-27 22:39 - 2015-12-11 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-12-27 22:39 - 2015-12-11 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2017-12-27 22:39 - 2015-12-11 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-12-27 22:39 - 2015-12-11 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-12-27 22:39 - 2015-12-11 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-12-27 22:39 - 2015-12-11 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-12-27 22:37 - 2016-06-27 01:02 - 000000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2017-12-27 22:33 - 2017-03-18 07:02 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-12-27 22:28 - 2017-01-04 14:28 - 000000000 ____D C:\Users\T500\AppData\LocalLow\Mozilla 2017-12-27 22:26 - 2017-07-14 16:29 - 000001908 _____ C:\WINDOWS\diagwrn.xml 2017-12-27 22:26 - 2017-07-14 16:29 - 000001908 _____ C:\WINDOWS\diagerr.xml 2017-12-27 22:26 - 2017-07-13 04:56 - 000000000 ___DC C:\WINDOWS\Panther 2017-12-27 22:07 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\Registration 2017-12-27 21:44 - 2016-06-27 00:01 - 000000036 _____ C:\WINDOWS\progress.ini 2017-12-27 21:44 - 2016-06-26 23:51 - 000000000 ____D C:\Windows10Upgrade 2017-12-27 21:39 - 2016-06-26 23:52 - 000000000 ___HD C:\$GetCurrent 2017-12-27 21:02 - 2017-04-25 20:37 - 000000330 _____ C:\WINDOWS\Tasks\HPCeeScheduleForT500.job 2017-12-27 20:51 - 2017-07-14 16:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-12-26 11:13 - 2015-12-13 12:48 - 000000000 ____D C:\Users\T500\AppData\Local\ElevatedDiagnostics 2017-12-23 11:49 - 2017-03-18 19:23 - 000000000 ___HD C:\Program Files\WindowsApps 2017-12-23 11:49 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-12-23 00:37 - 2015-12-13 12:15 - 000000000 ____D C:\ProgramData\Skype 2017-12-23 00:33 - 2017-07-14 16:46 - 000000000 ____D C:\WINDOWS\Minidump 2017-12-16 17:24 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\rescache 2017-12-15 09:13 - 2017-07-14 16:13 - 000000000 ____D C:\Users\T500 2017-12-15 09:13 - 2017-07-14 16:12 - 000260776 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-12-15 09:12 - 2017-06-16 12:59 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-12-15 09:12 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-12-14 10:57 - 2016-06-27 09:19 - 000000000 ____D C:\Users\T500\AppData\Local\Packages 2017-12-13 08:47 - 2017-03-18 19:14 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-12-13 08:44 - 2015-12-13 00:01 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-12-13 08:36 - 2017-10-12 06:51 - 130448288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-12-13 08:36 - 2015-12-13 00:01 - 130448288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-12-11 20:55 - 2015-12-11 10:26 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-12-06 11:45 - 2016-10-11 10:31 - 000000000 ___RD C:\Users\T500\Documents\Scanned Documents 2017-12-06 11:29 - 2017-08-26 10:11 - 000000300 _____ C:\Users\T500\Documents\mama.txt 2017-12-05 21:03 - 2016-02-17 20:34 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2017-12-05 20:10 - 2017-07-14 16:13 - 000000000 ____D C:\Users\DefaultAppPool 2017-12-05 19:58 - 2016-05-12 22:51 - 000000000 ____D C:\Users\T500\AppData\Roaming\Softland 2017-12-05 19:58 - 2015-12-13 10:50 - 000000000 ____D C:\ProgramData\Softland 2017-12-05 19:57 - 2015-12-13 10:49 - 000000000 ____D C:\Program Files\Softland 2017-12-05 19:57 - 2015-12-11 19:28 - 000000000 ____D C:\ProgramData\Package Cache 2017-12-02 03:25 - 2017-03-18 19:25 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2017-12-02 03:25 - 2017-03-18 19:25 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2017-12-01 06:56 - 2016-02-07 15:15 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-02-17 19:43 - 2016-02-17 19:43 - 000003255 _____ () C:\Users\T500\AppData\Local\unins000.dat 2016-02-17 19:43 - 2016-02-17 19:40 - 000707672 _____ () C:\Users\T500\AppData\Local\unins000.exe 2016-02-17 19:43 - 2016-02-17 19:43 - 000011761 _____ () C:\Users\T500\AppData\Local\unins000.msg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-12-22 18:33 ==================== Koniec FRST.txt ============================