Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:31-08-2015 Uruchomiony przez hp (administrator) HPP (03-09-2015 21:16:56) Uruchomiony z C:\Users\hp\Downloads Załadowane profile: hp (Dostępne profile: hp) Platform: Windows 8.1 Connected (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Cinema PlusV03.09) C:\Program Files (x86)\CinemaP-1.9cV03.09\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-1-6.exe (Cinema PlusV03.09) C:\Program Files (x86)\CinemaPlus-3.2cV03.09\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-6.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe () C:\Program Files (x86)\BBDDA822-1441284769-E411-B3D7-ECB1D7DDA7B4\knsn4BF6.tmp (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe (DTools LIMITED) C:\ProgramData\vWdsManProv\WdsManPro.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Users\hp\AppData\Local\mbot_pl_014010079\upmbot_pl_014010079.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Cinema PlusV03.09) C:\Program Files (x86)\CinemaPlus-3.2cV03.09\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-10.exe (Cinema PlusV03.09) C:\Program Files (x86)\CinemaP-1.9cV03.09\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-10.exe () C:\Program Files (x86)\SFK\SFKEX64.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe (SoftBrain Technologies Ltd.) C:\Users\hp\AppData\Local\SmartWeb\SmartWebHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe () C:\Program Files (x86)\mbot_pl_014010079\mbot_pl_014010079.exe () C:\Program Files (x86)\gmsd_pl_005010079\gmsd_pl_005010079.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (OldTimer Tools) C:\Users\hp\Downloads\OTL.exe (Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (YTDownloader) C:\Program Files (x86)\YTDownloader\DownloadHelper.exe (SoftBrain Technologies Ltd.) C:\Users\hp\AppData\Local\SmartWeb\SmartWebApp.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164080 2015-06-27] (IvoSoft) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [mbot_pl_014010079] => C:\Program Files (x86)\mbot_pl_014010079\mbot_pl_014010079.exe [3981968 2015-09-03] () HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-08-26] (YTDownloader) HKLM-x32\...\Run: [gmsd_pl_005010079] => C:\Program Files (x86)\gmsd_pl_005010079\gmsd_pl_005010079.exe [3982480 2015-09-03] () HKLM-x32\...\Run: [SmartWeb] => C:\Users\hp\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.) HKLM-x32\...\RunOnce: [upgmsd_pl_005010079.exe] => C:\Users\hp\AppData\Local\gmsd_pl_005010079\upgmsd_pl_005010079.exe [3314832 2015-09-03] () HKLM-x32\...\RunOnce: [upmbot_pl_014010079.exe] => C:\Users\hp\AppData\Local\mbot_pl_014010079\upmbot_pl_014010079.exe [3313296 2015-09-03] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-278758963-410111004-4223012049-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-278758963-410111004-4223012049-1001\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-08-26] (YTDownloader) HKU\S-1-5-21-278758963-410111004-4223012049-1001\...\Run: [GoogleChromeAutoLaunch_A661DB0586CA3BF53D62F47E004A49E1] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048 2015-05-11] (Crossbrowse) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-09-03] ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse) Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-09-03] ShortcutTarget: SmartWeb.lnk -> C:\Users\hp\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci..) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{27B2F08C-210B-4F8D-A028-0CF7A260760D}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178 HKU\S-1-5-21-278758963-410111004-4223012049-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-278758963-410111004-4223012049-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178 SearchScopes: HKLM -> {1DBE5094-F41C-4D8D-B0FD-35A85E46FB7E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {1DBE5094-F41C-4D8D-B0FD-35A85E46FB7E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-278758963-410111004-4223012049-1001 -> {1DBE5094-F41C-4D8D-B0FD-35A85E46FB7E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-06-27] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-06-27] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-06-27] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-06-27] (IvoSoft) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1441284587&z=add4c199e794fb79979927fgez0zegco0b5z4w9b5g&from=amt&uid=WDCXWD5000LPVX-60V0TT0_WD-WX81A943UT9D3UT9D FireFox: ======== FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: mystartsearch FF SelectedSearchEngine: mystartsearch FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-03] (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-03] (globalUpdate) FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\searchplugins\mystartsearch.xml [2015-09-03] FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\searchplugins\oursurfing.xml [2015-09-03] FF Extension: CinemaP-1.9cV03.09 - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-09-03] FF Extension: CinemaPlus-3.2cV03.09 - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-09-03] FF Extension: Default SearchProtected - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\Extensions\defsearchp@gmail.com [2015-09-03] FF Extension: deskCut - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\Extensions\deskCutv2@gmail.com [2015-09-03] FF Extension: Przelewy24Ext - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\Extensions\jid1-AoXeeOB4j7kFdw@jetpack.xpi [2015-06-30] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-28] FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\gpp65c2k.default\extensions\deskCutv2@gmail.com StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1441296177&z=ace9c3276c7350d3c7b634ag6z6zeg5o2tdqaebc4b&from=cmi&uid=WDCXWD5000LPVX-60V0TT0_WD-WX81A943UT9D3UT9D Opera: ======= OPR Extension: (CinemaP-1.9cV03.09) - C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-09-03] OPR Extension: (CinemaPlus-3.2cV03.09) - C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-09-03] StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe http://www.mystartsearch.com/?type=sc&ts=1441296177&z=ace9c3276c7350d3c7b634ag6z6zeg5o2tdqaebc4b&from=cmi&uid=WDCXWD5000LPVX-60V0TT0_WD-WX81A943UT9D3UT9D ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-08-26] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-03] (globalUpdate) [Brak podpisu cyfrowego] <==== UWAGA S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-03] (globalUpdate) [Brak podpisu cyfrowego] <==== UWAGA R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 poromiwi; C:\Program Files (x86)\BBDDA822-1441284769-E411-B3D7-ECB1D7DDA7B4\knsn4BF6.tmp [783360 2015-09-03] () [Brak podpisu cyfrowego] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor) R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [411648 2015-09-03] (TODO: <公司名>) [Brak podpisu cyfrowego] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WdsManPro; C:\ProgramData\vWdsManProv\WdsManPro.exe [709288 2015-09-03] (DTools LIMITED) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-25] (Ralink Technology, Corp.) R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-08-26] (YTDownloader) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-03 21:17 - 2015-09-03 21:17 - 00151536 _____ C:\Users\hp\Desktop\OTL.Txt 2015-09-03 21:16 - 2015-09-03 21:17 - 00018789 _____ C:\Users\hp\Downloads\FRST.txt 2015-09-03 21:16 - 2015-09-03 21:17 - 00000000 ____D C:\FRST 2015-09-03 21:16 - 2015-09-03 21:16 - 00060662 _____ C:\Users\hp\Downloads\Extras.Txt 2015-09-03 21:14 - 2015-09-03 21:15 - 02188800 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe 2015-09-03 21:14 - 2015-09-03 21:14 - 00151536 _____ C:\Users\hp\Downloads\OTL.Txt 2015-09-03 20:54 - 2015-09-03 20:54 - 00602112 _____ (OldTimer Tools) C:\Users\hp\Downloads\OTL.exe 2015-09-03 19:58 - 2015-09-03 19:58 - 00000000 ____D C:\Users\hp\Downloads\backups 2015-09-03 19:56 - 2015-09-03 19:59 - 00011035 _____ C:\Users\hp\Downloads\hijackthis.log 2015-09-03 19:55 - 2015-09-03 19:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\hp\Downloads\HijackThis.exe 2015-09-03 19:52 - 2015-09-03 19:53 - 05635231 _____ (Swearware) C:\Users\hp\Downloads\ComboFix.exe 2015-09-03 18:06 - 2015-09-03 21:13 - 00003090 _____ C:\Windows\System32\Tasks\RegClean Pro 2015-09-03 18:06 - 2015-09-03 18:12 - 00000268 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job 2015-09-03 18:06 - 2015-09-03 18:12 - 00000260 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2015-09-03 18:06 - 2015-09-03 18:06 - 00002974 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2015-09-03 18:06 - 2015-09-03 18:06 - 00002818 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT 2015-09-03 18:06 - 2015-09-03 18:06 - 00001000 _____ C:\Users\Public\Desktop\RegClean Pro.lnk 2015-09-03 18:06 - 2015-09-03 18:06 - 00000000 ____D C:\Users\hp\AppData\Roaming\systweak 2015-09-03 18:06 - 2015-09-03 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2015-09-03 18:06 - 2015-09-03 18:06 - 00000000 ____D C:\Program Files (x86)\RCP 2015-09-03 18:06 - 2015-07-02 14:14 - 00020248 _____ () C:\Windows\system32\roboot64.exe 2015-09-03 18:05 - 2015-09-03 20:50 - 00000994 _____ C:\Windows\Tasks\XwcXe2KoqHB1u.job 2015-09-03 18:05 - 2015-09-03 18:05 - 00003984 _____ C:\Windows\System32\Tasks\XwcXe2KoqHB1u 2015-09-03 18:04 - 2015-09-03 21:04 - 00003140 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-6.job 2015-09-03 18:04 - 2015-09-03 20:50 - 00004496 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-4.job 2015-09-03 18:04 - 2015-09-03 20:50 - 00003476 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-7.job 2015-09-03 18:04 - 2015-09-03 20:50 - 00002448 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-5_user.job 2015-09-03 18:04 - 2015-09-03 20:50 - 00002448 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-5.job 2015-09-03 18:04 - 2015-09-03 18:04 - 00007500 _____ C:\Windows\System32\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-4 2015-09-03 18:04 - 2015-09-03 18:04 - 00006480 _____ C:\Windows\System32\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-7 2015-09-03 18:04 - 2015-09-03 18:04 - 00006144 _____ C:\Windows\System32\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-6 2015-09-03 18:04 - 2015-09-03 18:04 - 00005452 _____ C:\Windows\System32\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-5 2015-09-03 18:03 - 2015-09-03 21:03 - 00002114 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-10_user.job 2015-09-03 18:03 - 2015-09-03 20:50 - 00005186 _____ C:\Windows\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-11.job 2015-09-03 18:03 - 2015-09-03 20:50 - 00000972 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-09-03 18:03 - 2015-09-03 20:02 - 00000000 ____D C:\Program Files (x86)\SFK 2015-09-03 18:03 - 2015-09-03 18:08 - 00000976 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-09-03 18:03 - 2015-09-03 18:04 - 00000000 ____D C:\Program Files (x86)\CinemaPlus-3.2cV03.09 2015-09-03 18:03 - 2015-09-03 18:03 - 00008190 _____ C:\Windows\System32\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-11 2015-09-03 18:03 - 2015-09-03 18:03 - 00003948 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2015-09-03 18:03 - 2015-09-03 18:03 - 00003712 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2015-09-03 18:03 - 2015-09-03 18:03 - 00000000 ____D C:\Users\hp\AppData\Local\globalUpdate 2015-09-03 18:03 - 2015-09-03 18:03 - 00000000 ____D C:\ProgramData\vWdsManProv 2015-09-03 18:03 - 2015-09-03 18:03 - 00000000 ____D C:\Program Files (x86)\globalUpdate 2015-09-03 18:02 - 2015-09-03 20:50 - 00001050 _____ C:\Windows\Tasks\MyBrowser.job 2015-09-03 18:02 - 2015-09-03 18:02 - 00004034 _____ C:\Windows\System32\Tasks\MyBrowser 2015-09-03 18:02 - 2015-09-03 18:02 - 00000000 ____D C:\Users\hp\AppData\Local\MyBrowser 2015-09-03 18:01 - 2015-09-03 18:02 - 00000000 ____D C:\Users\hp\AppData\Local\SmartWeb 2015-09-03 18:01 - 2015-09-03 18:01 - 00000000 ____D C:\Program Files (x86)\MyBrowser 2015-09-03 17:44 - 2015-09-03 17:45 - 00202240 _____ C:\Windows\SysWOW64\95a994.exe 2015-09-03 17:42 - 2015-09-03 17:43 - 00003532 _____ C:\Windows\System32\Tasks\Inst_Rep 2015-09-03 17:35 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-09-03 15:27 - 2015-09-03 15:27 - 00000290 _____ C:\Windows\wininit.ini 2015-09-03 15:22 - 2015-09-03 15:22 - 00000214 _____ C:\Windows\SysWOW64\config.json 2015-09-03 15:06 - 2015-09-03 15:06 - 00000000 ____D C:\Users\hp\AppData\Local\Crossbrowse 2015-09-03 15:03 - 2015-09-03 18:03 - 00000000 ____D C:\Users\hp\AppData\Roaming\mystartsearch 2015-09-03 15:03 - 2015-09-03 15:03 - 00000000 ____D C:\ProgramData\cWdsManProc 2015-09-03 15:02 - 2015-09-03 20:50 - 00000000 ____D C:\Users\hp\AppData\Local\gmsd_pl_005010079 2015-09-03 15:02 - 2015-09-03 18:03 - 00000000 ____D C:\Program Files (x86)\gmsd_pl_005010079 2015-09-03 14:59 - 2015-09-03 20:59 - 00002442 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-5_user.job 2015-09-03 14:59 - 2015-09-03 20:59 - 00001058 _____ C:\Windows\Tasks\Crossbrowse.job 2015-09-03 14:59 - 2015-09-03 20:50 - 00001012 _____ C:\Windows\Tasks\OcqViD8fzmLNiy6gGpD8eM.job 2015-09-03 14:59 - 2015-09-03 14:59 - 00004042 _____ C:\Windows\System32\Tasks\Crossbrowse 2015-09-03 14:59 - 2015-09-03 14:59 - 00004002 _____ C:\Windows\System32\Tasks\OcqViD8fzmLNiy6gGpD8eM 2015-09-03 14:59 - 2015-09-03 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse 2015-09-03 14:59 - 2015-09-03 14:59 - 00000000 ____D C:\Program Files (x86)\Crossbrowse 2015-09-03 14:58 - 2015-09-03 20:59 - 00002442 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-5.job 2015-09-03 14:58 - 2015-09-03 20:58 - 00005180 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-11.job 2015-09-03 14:58 - 2015-09-03 20:58 - 00004154 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-4.job 2015-09-03 14:58 - 2015-09-03 20:58 - 00003134 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-1-7.job 2015-09-03 14:58 - 2015-09-03 20:58 - 00003134 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-1-6.job 2015-09-03 14:58 - 2015-09-03 20:58 - 00002108 _____ C:\Windows\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-10_user.job 2015-09-03 14:58 - 2015-09-03 20:50 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-09-03 14:58 - 2015-09-03 14:59 - 00005446 _____ C:\Windows\System32\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-5 2015-09-03 14:58 - 2015-09-03 14:59 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV03.09 2015-09-03 14:58 - 2015-09-03 14:58 - 00008184 _____ C:\Windows\System32\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-11 2015-09-03 14:58 - 2015-09-03 14:58 - 00007158 _____ C:\Windows\System32\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-4 2015-09-03 14:58 - 2015-09-03 14:58 - 00006138 _____ C:\Windows\System32\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-1-7 2015-09-03 14:58 - 2015-09-03 14:58 - 00006138 _____ C:\Windows\System32\Tasks\2566a48a-b564-48d2-a1fc-1f0d9dd5ac8b-1-6 2015-09-03 14:53 - 2015-09-03 14:53 - 00000000 ____D C:\Users\Public\Documents\ShopperPro 2015-09-03 14:53 - 2015-09-03 14:53 - 00000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader 2015-09-03 14:53 - 2015-09-03 14:53 - 00000000 ____D C:\Users\hp\AppData\Local\BrowserHelper 2015-09-03 14:53 - 2015-09-03 14:53 - 00000000 ____D C:\Program Files (x86)\YTDownloader 2015-09-03 14:52 - 2015-09-03 17:32 - 00000000 ____D C:\Program Files (x86)\BBDDA822-1441284769-E411-B3D7-ECB1D7DDA7B4 2015-09-03 14:52 - 2015-09-03 14:52 - 00000000 ____D C:\Users\hp\AppData\Local\CrashRpt 2015-09-03 14:52 - 2015-09-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY 2015-09-03 14:51 - 2015-09-03 20:53 - 00000000 ____D C:\Users\hp\AppData\Local\mbot_pl_014010079 2015-09-03 14:51 - 2015-09-03 18:03 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-09-03 14:51 - 2015-09-03 14:52 - 00000000 ____D C:\ProgramData\rWdsManPror 2015-09-03 14:51 - 2015-09-03 14:52 - 00000000 ____D C:\Program Files (x86)\mbot_pl_014010079 2015-09-03 14:50 - 2015-09-03 15:14 - 00000000 ____D C:\Users\hp\AppData\Roaming\oursurfing 2015-09-03 14:49 - 2015-09-03 14:49 - 00820912 _____ C:\Users\hp\Downloads\MyLittlePonyEquestriaGirlsPLDUBBDRipXvidMXavi__15047_i1621698843_il2017175.exe 2015-08-28 16:05 - 2015-09-03 15:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-24 21:59 - 2015-08-24 21:59 - 00000000 ____D C:\Users\hp\AppData\Roaming\AVG 2015-08-24 21:59 - 2015-08-24 21:59 - 00000000 ____D C:\Users\hp\AppData\Local\Avg 2015-08-24 21:59 - 2015-08-24 21:59 - 00000000 ____D C:\Program Files (x86)\AVG 2015-08-24 21:58 - 2015-08-24 22:02 - 00000000 ____D C:\ProgramData\AVG 2015-08-24 21:57 - 2015-09-03 18:02 - 00001450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-08-24 21:57 - 2015-08-24 21:57 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1440446231 2015-08-24 21:57 - 2015-08-24 21:57 - 00000000 ____D C:\Users\hp\AppData\Roaming\Opera Software 2015-08-24 21:57 - 2015-08-24 21:57 - 00000000 ____D C:\Users\hp\AppData\Local\Opera Software 2015-08-24 21:56 - 2015-08-24 21:57 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-24 21:56 - 2015-08-24 21:57 - 00000000 ____D C:\DVDVideoSoft 2015-08-24 21:16 - 2015-08-22 17:01 - 284143316 _____ C:\Users\hp\Desktop\MOV_0323.mp4 2015-08-24 21:12 - 2015-08-24 21:57 - 00001114 _____ C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk 2015-08-24 21:12 - 2015-08-24 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-24 21:11 - 2015-08-24 21:56 - 00000000 ____D C:\Users\hp\AppData\Roaming\RPEng 2015-08-24 21:11 - 2015-08-24 21:12 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2015-08-24 21:10 - 2015-08-24 21:13 - 00000000 ____D C:\Users\hp\AppData\Roaming\DVDVideoSoft 2015-08-24 21:04 - 2015-08-24 21:04 - 30396840 _____ (DVDVideoSoft Ltd. ) C:\Users\hp\Downloads\FreeVideoFlipAndRotate.exe 2015-08-24 21:04 - 2015-08-24 21:04 - 30396840 _____ (DVDVideoSoft Ltd. ) C:\Users\hp\Downloads\FreeVideoFlipAndRotate(1).exe 2015-08-23 21:12 - 2015-08-23 21:11 - 51077120 _____ C:\Users\hp\Downloads\ffmpeg-2.7.2.tar 2015-08-23 21:11 - 2015-08-23 21:11 - 08157217 _____ C:\Users\hp\Downloads\ffmpeg-2.7.2.tar.bz2 2015-08-23 20:49 - 2015-08-24 22:09 - 00000000 ____D C:\Users\hp\Desktop\Andzia 2015 2015-08-23 20:48 - 2015-08-23 21:08 - 00000000 ____D C:\Users\hp\Desktop\wieś 2015 2015-08-19 08:58 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 08:58 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-13 13:34 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-13 13:34 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 14:04 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 14:04 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 14:04 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 14:04 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 14:04 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 14:04 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 14:04 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 14:04 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-08-12 14:04 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-08-12 14:04 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-08-12 14:04 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-08-12 14:04 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-08-12 14:04 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-08-12 14:04 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-08-12 14:04 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-08-12 14:04 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-08-12 14:04 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-08-12 14:04 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-08-12 12:16 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 12:16 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 12:16 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 12:16 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 12:16 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 12:16 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-12 12:16 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 12:16 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 12:16 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 12:16 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 12:16 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 12:16 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 12:16 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 12:16 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 12:16 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 12:16 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 12:16 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 12:16 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 12:16 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 12:16 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 12:16 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 12:15 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 12:15 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 12:15 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 12:15 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 12:15 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 12:15 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 12:15 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-08-12 12:15 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 12:15 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 12:15 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 12:15 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-08-12 12:15 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 12:15 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 12:15 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-08-12 12:15 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 12:15 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 12:15 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 12:15 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-08-12 12:15 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-08-12 12:15 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 12:15 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 12:15 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 12:15 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 12:15 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 12:15 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-08-12 12:15 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 12:15 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 12:15 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 12:15 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 12:14 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 12:14 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 12:14 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 12:14 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 12:14 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 12:14 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 12:14 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 12:14 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 12:14 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 12:14 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 12:14 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 12:14 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 12:14 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-08-12 12:14 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 12:14 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-12 12:14 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 12:14 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 12:14 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 12:14 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 12:14 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 12:14 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 12:14 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-11 16:26 - 2015-08-11 16:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-08-05 15:45 - 2015-08-05 15:45 - 00019456 _____ C:\Users\hp\Downloads\wynik na 15tą na minusie do r-1.xls ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-03 21:17 - 2015-06-30 01:42 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-03 21:06 - 2015-06-25 14:50 - 01834768 _____ C:\Windows\WindowsUpdate.log 2015-09-03 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-09-03 20:55 - 2015-06-25 14:57 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-278758963-410111004-4223012049-1001 2015-09-03 20:51 - 2015-06-25 14:55 - 00000000 ____D C:\Users\hp\Documents\Youcam 2015-09-03 20:05 - 2015-06-29 20:32 - 00000000 ____D C:\Users\hp\AppData\Local\ClassicShell 2015-09-03 20:02 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-03 20:01 - 2013-08-22 16:46 - 00032257 _____ C:\Windows\setupact.log 2015-09-03 19:55 - 2015-06-25 14:51 - 00000000 ____D C:\Users\hp\AppData\Local\VirtualStore 2015-09-03 19:49 - 2015-07-10 13:15 - 00000000 ____D C:\Users\hp\AppData\Roaming\Skype 2015-09-03 18:19 - 2015-06-25 14:51 - 00000000 ____D C:\Users\hp 2015-09-03 18:13 - 2014-11-27 00:25 - 00000000 ____D C:\ProgramData\McAfee 2015-09-03 18:13 - 2014-11-27 00:25 - 00000000 ____D C:\Program Files\Common Files\mcafee 2015-09-03 18:13 - 2014-11-27 00:25 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-09-03 18:12 - 2015-06-27 04:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-03 18:12 - 2014-03-18 11:44 - 00020060 _____ C:\Windows\PFRO.log 2015-09-03 17:36 - 2015-06-25 17:28 - 00003952 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{655875BF-5312-4EC4-90C4-4145F8493CF4} 2015-09-03 17:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-09-03 15:27 - 2014-05-03 21:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-09-03 15:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-09-03 15:22 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-09-03 15:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-09-03 15:15 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-03 15:14 - 2015-06-25 14:51 - 00001457 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-09-03 14:53 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System 2015-09-02 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-08-19 09:01 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-08-13 20:19 - 2014-05-04 07:09 - 00839840 _____ C:\Windows\system32\perfh015.dat 2015-08-13 20:19 - 2014-05-04 07:09 - 00179982 _____ C:\Windows\system32\perfc015.dat 2015-08-13 20:19 - 2014-03-18 11:53 - 01967966 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-13 20:12 - 2013-08-22 16:44 - 00339192 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 18:23 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-13 18:23 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-13 18:23 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-13 18:23 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-13 13:33 - 2015-06-28 02:03 - 00000000 ____D C:\Windows\system32\MRT 2015-08-13 13:27 - 2015-06-28 02:03 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-13 13:26 - 2015-07-03 22:20 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 13:26 - 2015-07-03 13:32 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 13:25 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 13:25 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-11 21:17 - 2015-06-30 01:42 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-09 12:31 - 2015-07-10 13:15 - 00000000 ____D C:\ProgramData\Skype 2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-06 15:02 - 2015-06-25 14:51 - 00000000 ____D C:\Users\hp\AppData\Local\Packages ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\hp\AppData\Roaming\OcqViD8fzmLNiy6gGpD8eM 2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\hp\AppData\Roaming\OcqViD8fzmLNiy6gGpD8eM.exe 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\hp\AppData\Roaming\XwcXe2KoqHB1u 2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\hp\AppData\Roaming\XwcXe2KoqHB1u.exe 2015-09-03 14:51 - 2015-09-03 18:03 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\hp\AppData\Local\Temp\1766.exe C:\Users\hp\AppData\Local\Temp\1964.exe C:\Users\hp\AppData\Local\Temp\2046.exe C:\Users\hp\AppData\Local\Temp\20930.exe C:\Users\hp\AppData\Local\Temp\27234.exe C:\Users\hp\AppData\Local\Temp\DseShExt-x64.dll C:\Users\hp\AppData\Local\Temp\DseShExt-x86.dll C:\Users\hp\AppData\Local\Temp\fsdA58E.exe C:\Users\hp\AppData\Local\Temp\McCSPInstall.dll C:\Users\hp\AppData\Local\Temp\mccspuninstall.exe C:\Users\hp\AppData\Local\Temp\MyLittlePonyEquestriaGirlsPLDUBBDRipXvidMXavi__15047_i1621698843_il2017175.exe C:\Users\hp\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\hp\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\hp\AppData\Local\Temp\tu17p84.exe C:\Users\hp\AppData\Local\Temp\Uninstall.exe C:\Users\hp\AppData\Local\Temp\ytdieamodc_amodc_setup.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-08-22 14:11 ==================== Koniec FRST.txt ============================