Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:15-09-2015 Uruchomiony przez BartoszM (administrator) KOMPUTER (20-09-2015 17:56:53) Uruchomiony z C:\Users\BartoszM\Desktop\Projekty najnowsze Załadowane profile: BartoszM (Dostępne profile: BartoszM & Gość) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe Brak dostępu do procesu -> BlueSoleilCS.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Mozilla Corporation) C:\Programy\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Zune Launcher] => C:\Programy\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-22] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-08-02] (IVT Corporation) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Programy\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [925960 2011-08-30] (ABBYY.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] => C:\Programy\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1528794737-2880049558-3049531086-1002\...\Run: [DAEMON Tools Lite] => C:\Programy\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1528794737-2880049558-3049531086-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] () ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 2013\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 2013\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 2013\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) Startup: C:\Users\BartoszM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 1050 J410 series.lnk [2012-12-30] Startup: C:\Users\BartoszM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2013-03-25] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 2013\Office15\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.10.9.1 Tcpip\..\Interfaces\{13FA87F9-0F99-4252-9B74-B72D30940A3B}: [DhcpNameServer] 10.10.9.1 Tcpip\..\Interfaces\{22696A74-7B68-4FD2-BAFB-348A69F40AA8}: [DhcpNameServer] 89.231.1.206 217.172.224.160 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL13/175 HKU\S-1-5-21-1528794737-2880049558-3049531086-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.turkojan.com/ HKU\S-1-5-21-1528794737-2880049558-3049531086-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=fft-1&from=fft-1&uid=TOSHIBA_MQ01ABD075_92L4F2IFS__92L4F2IFS&ts=1359290035 SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM -> {49F1323A-CF62-4EE2-8082-99AC15605FC9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 -> {49F1323A-CF62-4EE2-8082-99AC15605FC9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.v9.com/web/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> {49F1323A-CF62-4EE2-8082-99AC15605FC9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKU\S-1-5-21-1528794737-2880049558-3049531086-1002 -> {D2008C37-896E-4B53-8A9D-3BCFCB745596} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=^FV&apn_dtid=^YYYYYY^YY^PL&apn_uid=54dcc373-582e-4c25-8cc0-596154a4b455&apn_sauid=2D2D983E-B57A-45AC-A21A-EFCB9EC73740 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 2013\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-31] (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 2013\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-31] (Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation) BHO-x32: Brak nazwy -> {60EA330C-3072-1B71-3FEF-FF78714F2E8E} -> Brak pliku BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-31] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-31] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 2013\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\BartoszM\AppData\Roaming\Mozilla\Firefox\Profiles\4im8mb9w.default-1426806042468 FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.pl/ FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-31] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-11-05] (Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-07-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-11-05] (Adobe Systems) FF Plugin HKU\S-1-5-21-1528794737-2880049558-3049531086-1002: @tools.google.com/Google Update;version=3 -> C:\Users\BartoszM\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll Brak pliku FF Plugin HKU\S-1-5-21-1528794737-2880049558-3049531086-1002: @tools.google.com/Google Update;version=9 -> C:\Users\BartoszM\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll Brak pliku FF Plugin HKU\S-1-5-21-1528794737-2880049558-3049531086-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-02] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF SearchPlugin: C:\Users\BartoszM\AppData\Roaming\Mozilla\Firefox\Profiles\4im8mb9w.default-1426806042468\searchplugins\askcom.xml [2013-01-27] FF Extension: Copy Plain Text 2 - C:\Users\BartoszM\AppData\Roaming\Mozilla\Firefox\Profiles\4im8mb9w.default-1426806042468\Extensions\copyplaintext@teo.pl.xpi [2015-06-13] FF Extension: Video DownloadHelper - C:\Users\BartoszM\AppData\Roaming\Mozilla\Firefox\Profiles\4im8mb9w.default-1426806042468\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-09] FF Extension: Adblock Plus - C:\Users\BartoszM\AppData\Roaming\Mozilla\Firefox\Profiles\4im8mb9w.default-1426806042468\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-20] StartMenuInternet: FIREFOX.EXE - C:\Programy\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dysk Google) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-24] CHR Extension: (YouTube) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-24] CHR Extension: (Google Search) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-24] CHR Extension: (Dokumenty Google offline) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06] CHR Extension: (SSave on) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfbigmpndpdbhkpecbkjadhjmmkleeci [2014-06-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR Extension: (Gmail) - C:\Users\BartoszM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-24] StartMenuInternet: chrome.exe - C:\Users\BartoszM\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Programy\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation) [Brak podpisu cyfrowego] R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation) [Brak podpisu cyfrowego] U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation) U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-09] (Microsoft Corporation) U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation) U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S2 SkypeUpdate; C:\Programy\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-22] (IDT, Inc.) [Brak podpisu cyfrowego] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-11-25] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 WMZuneComm; C:\Programy\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation) S3 ZuneNetworkSvc; C:\Programy\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation) S3 ZuneWlanCfgSvc; C:\Programy\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-08] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-25] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-04-12] (Oracle Corporation) S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2013-04-21] () [Brak podpisu cyfrowego] R3 VCSVADHWSer; C:\Windows\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-20 17:56 - 2015-09-20 17:57 - 00000000 ____D C:\FRST 2015-09-20 17:48 - 2015-09-20 17:48 - 00000000 _____ C:\Users\BartoszM\Desktop\Lower Third 06.mov 2015-09-20 17:08 - 2015-09-20 17:09 - 00000000 ____D C:\Users\BartoszM\Desktop\capture-22 2015-09-20 14:08 - 2015-09-20 14:08 - 00000828 _____ C:\WINDOWS\PFRO.log 2015-09-19 13:53 - 2015-09-19 14:07 - 00000479 _____ C:\Users\BartoszM\Desktop\do kupienia.txt 2015-09-19 13:52 - 2015-09-19 13:52 - 00000420 _____ C:\Users\BartoszM\do kupienia.txt 2015-09-18 23:27 - 2015-09-20 17:42 - 00000000 ____D C:\Users\BartoszM\Desktop\FF_Audio_Visualizers_Vol1 2015-09-18 03:41 - 2015-09-20 17:41 - 00000539 _____ C:\WINDOWS\setupact.log 2015-09-18 03:41 - 2015-09-18 03:41 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-09-18 01:54 - 2015-09-18 01:55 - 00150088 _____ C:\WINDOWS\SysWOW64\iiSetup.log 2015-09-18 01:51 - 2015-09-20 17:46 - 01299850 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-18 01:48 - 2015-09-18 01:48 - 00280918 _____ C:\Users\BartoszM\Documents\cc_20150918_014834.reg 2015-09-16 18:51 - 2015-09-16 18:51 - 06521184 _____ (Tim Kosse) C:\Users\BartoszM\Downloads\FileZilla_3.14.0_win64-setup.exe 2015-09-16 17:48 - 2015-09-20 17:19 - 00000000 ____D C:\Users\BartoszM\Desktop\zlecenie filmik cs 2015-09-15 23:50 - 2015-09-15 23:50 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\̗Adobe 2015-09-14 17:53 - 2015-09-14 17:53 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk 2015-09-14 17:38 - 2015-09-14 17:38 - 00001348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk 2015-09-09 13:35 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-09 13:35 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-09-09 13:35 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-09-09 13:35 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-09-09 13:35 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-09-09 13:35 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-09 13:35 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-09 13:35 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-09-09 13:35 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-09 13:35 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-09-09 13:35 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-09-09 13:35 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-09-09 13:33 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-09-09 13:33 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-09-09 13:33 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-09 13:33 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-09 13:33 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 13:33 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 13:33 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 13:33 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 13:33 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-09-09 13:33 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-09-09 13:33 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-09-09 13:33 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-09-09 13:33 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-09-09 13:33 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-09-09 13:33 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-09-09 13:32 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 13:32 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 13:32 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 13:32 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-09 13:32 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 13:32 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 13:32 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-09 13:32 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 13:32 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-09 13:32 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-09 13:32 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-09 13:32 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-09 13:32 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-09 13:32 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-09 13:32 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-09 13:32 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-09-09 13:32 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-09-09 13:32 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-09 13:32 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-09-09 13:32 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-09-09 13:32 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-09 13:32 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-09 13:32 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-09 13:32 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-09 13:32 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-09-09 13:32 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-09 13:32 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-09 13:32 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-09-09 13:31 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-09 13:31 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 13:31 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 13:31 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 13:31 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-09 13:31 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-09-09 13:31 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-09-09 13:31 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-09-09 13:31 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-09 13:31 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-09-09 13:31 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 13:31 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-09 13:31 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-09-09 13:31 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 13:31 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 13:31 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 13:31 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 13:31 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 13:31 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 13:31 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 13:31 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 13:31 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-09 13:31 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-09 13:30 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-09 13:27 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2015-09-08 22:44 - 2015-09-08 22:50 - 00000000 ____D C:\Users\BartoszM\Desktop\Barcelona 2015-09-01 19:27 - 2015-09-01 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-09-01 19:27 - 2015-09-01 19:27 - 00000000 ____D C:\Program Files (x86)\Skype 2015-09-01 18:58 - 2015-09-01 18:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2015-08-28 02:53 - 2015-09-17 19:29 - 00000998 _____ C:\Users\BartoszM\Desktop\linki.txt 2015-08-26 20:49 - 2015-08-26 20:49 - 00000000 ____D C:\Users\BartoszM\Documents\Aspyr 2015-08-26 20:48 - 2015-08-26 20:48 - 00000000 ____D C:\Users\BartoszM\AppData\Local\Aspyr 2015-08-26 19:52 - 2015-09-17 17:22 - 00000000 ____D C:\Program Files (x86)\Gry 2015-08-26 19:52 - 2015-08-26 19:52 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2015-08-26 19:52 - 2015-08-26 19:52 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2015-08-26 19:52 - 2015-08-26 19:52 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2015-08-26 19:52 - 2015-08-26 19:52 - 00000000 ____D C:\Program Files (x86)\OpenAL 2015-08-26 19:52 - 2011-04-16 01:40 - 00809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmpB0E3.tmp 2015-08-26 19:52 - 2011-04-16 01:40 - 00809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmpB0E2.tmp 2015-08-26 00:44 - 2015-08-26 00:44 - 06284160 _____ (Tim Kosse) C:\Users\BartoszM\Downloads\FileZilla_3.13.1_win32-setup.exe 2015-08-22 21:37 - 2015-08-22 21:37 - 00001955 _____ C:\Users\BartoszM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk 2015-08-22 21:37 - 2015-08-22 21:37 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2015-08-22 21:35 - 2015-08-22 21:35 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\TuneUp Software 2015-08-22 21:30 - 2015-08-22 21:34 - 00000000 ____D C:\ProgramData\TuneUp Software 2015-08-22 21:30 - 2015-08-22 21:30 - 00000000 __SHD C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2015-08-21 00:19 - 2015-08-21 00:44 - 00000000 ____D C:\Users\BartoszM\Desktop\Paczka Transcendentelne.pl ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-20 17:59 - 2013-09-27 23:04 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1528794737-2880049558-3049531086-1002UA.job 2015-09-20 17:56 - 2014-07-04 16:28 - 00000000 ____D C:\Users\BartoszM\Desktop\Projekty najnowsze 2015-09-20 17:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-20 17:46 - 2012-12-29 17:51 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1528794737-2880049558-3049531086-1002 2015-09-20 17:43 - 2013-01-24 21:40 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-20 17:41 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-20 17:41 - 2012-10-31 21:23 - 00004524 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI 2015-09-20 17:41 - 2012-08-10 18:45 - 00000821 _____ C:\WINDOWS\SysWOW64\bscs.ini 2015-09-20 17:39 - 2015-06-16 18:09 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\vlc 2015-09-20 17:36 - 2013-01-24 21:40 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-20 17:24 - 2014-06-23 13:17 - 00000000 ____D C:\Users\BartoszM\AppData\Local\CrashDumps 2015-09-20 17:07 - 2014-06-22 18:15 - 00000000 ____D C:\Users\BartoszM\Documents\Camtasia Studio 2015-09-20 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-09-20 14:09 - 2012-10-31 21:23 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI 2015-09-20 13:58 - 2015-02-26 03:28 - 00003996 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F53EFA44-6187-4E9C-9CF8-3B8836BC1021} 2015-09-20 02:01 - 2012-12-30 19:17 - 00000000 ____D C:\Users\BartoszM\AppData\Local\Adobe 2015-09-19 20:30 - 2012-12-29 23:25 - 00000000 ____D C:\Users\BartoszM\Desktop\Multimedia 2015-09-19 18:47 - 2012-12-29 17:45 - 00000000 ____D C:\Users\BartoszM\AppData\Local\Packages 2015-09-19 17:39 - 2013-03-25 18:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-09-19 13:52 - 2014-11-25 13:19 - 00000000 ____D C:\Users\BartoszM 2015-09-19 01:07 - 2013-11-03 11:11 - 00003182 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForBartoszM 2015-09-19 01:07 - 2013-11-03 11:11 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBartoszM.job 2015-09-18 21:36 - 2012-12-29 19:30 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\GG 2015-09-18 08:59 - 2013-09-27 23:04 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1528794737-2880049558-3049531086-1002Core.job 2015-09-18 03:39 - 2013-07-11 23:43 - 00000000 ____D C:\FFOutput 2015-09-18 02:15 - 2012-12-30 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-09-18 02:15 - 2012-12-29 19:18 - 00000000 ___RD C:\Users\BartoszM\Desktop\Programy 2015-09-18 02:15 - 2012-10-31 21:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2015-09-18 02:15 - 2012-09-02 10:35 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-09-18 02:14 - 2012-12-29 18:40 - 00000000 ____D C:\Programy 2015-09-18 02:13 - 2012-09-02 10:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-09-18 02:09 - 2012-09-02 10:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-09-18 02:07 - 2012-12-29 19:10 - 00000000 ____D C:\Gry 2015-09-18 02:06 - 2012-12-30 17:24 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-18 02:05 - 2012-12-30 17:24 - 00000000 ____D C:\Program Files\Microsoft Office 2015-09-18 02:04 - 2014-11-25 12:51 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-09-18 02:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-09-18 02:04 - 2012-12-30 17:26 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2015-09-18 02:04 - 2012-12-30 17:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-09-18 02:02 - 2014-09-24 16:51 - 00000000 ____D C:\WINDOWS\ShellNew 2015-09-18 01:59 - 2013-04-15 17:29 - 00000000 ____D C:\Program Files\Java 2015-09-18 01:58 - 2012-09-02 10:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2015-09-18 01:52 - 2015-06-04 01:44 - 00000000 ____D C:\ProgramData\FAZ 2015-09-18 01:49 - 2013-12-22 23:26 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\GameRanger 2015-09-18 01:46 - 2014-05-23 17:44 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\DAEMON Tools Lite 2015-09-18 01:45 - 2014-11-25 13:04 - 00000000 ___DC C:\WINDOWS\Panther 2015-09-18 01:45 - 2012-12-30 16:37 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\FileZilla 2015-09-18 00:58 - 2013-08-22 16:44 - 05803256 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-18 00:57 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2015-09-17 17:18 - 2014-09-24 17:08 - 02026228 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-09-17 17:18 - 2014-09-24 16:35 - 00878416 _____ C:\WINDOWS\system32\perfh015.dat 2015-09-17 17:18 - 2014-09-24 16:35 - 00198680 _____ C:\WINDOWS\system32\perfc015.dat 2015-09-17 16:02 - 2015-08-19 16:25 - 00000000 ____D C:\Users\BartoszM\Desktop\hacki 2015-09-16 22:31 - 2013-01-24 21:40 - 00004046 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-16 22:31 - 2013-01-24 21:40 - 00003810 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-16 18:21 - 2015-07-10 21:28 - 00000000 ____D C:\Users\BartoszM\Desktop\zlecenia 2015-09-16 13:20 - 2013-01-24 21:21 - 00000000 ____D C:\Users\BartoszM\AppData\Local\Google 2015-09-15 23:36 - 2014-07-01 22:29 - 00000000 ____D C:\Users\BartoszM\Desktop\KasaNaFOna 2015-09-15 21:02 - 2014-04-16 14:21 - 00000000 ____D C:\ProgramData\ipla 2015-09-15 21:00 - 2014-04-16 14:21 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\ipla 2015-09-15 17:32 - 2015-07-16 22:31 - 00000000 ____D C:\Users\BartoszM\Desktop\transcendentalne 2015-09-14 18:06 - 2013-04-26 18:56 - 00000000 ____D C:\Users\BartoszM\Desktop\yt 2015-09-14 18:04 - 2015-02-19 19:29 - 00000000 ____D C:\Users\BartoszM\Desktop\faktury 2015-09-14 17:38 - 2013-01-19 00:11 - 00000000 ____D C:\Program Files\Adobe 2015-09-14 17:38 - 2012-12-29 17:46 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\Adobe 2015-09-14 17:36 - 2013-01-01 22:41 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-09-14 17:09 - 2014-03-22 16:30 - 00000000 ____D C:\Users\BartoszM\Desktop\media-transitions-fx-pack 2015-09-14 16:39 - 2013-08-30 22:52 - 00000000 ____D C:\Users\BartoszM\Desktop\GraphicRiver Watermark Pattern Creator RETAIL 2015-09-12 17:31 - 2015-04-26 21:55 - 00000000 ____D C:\Users\BartoszM\Desktop\stronki 2015-09-11 20:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-10 20:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-09-09 23:40 - 2014-09-24 16:51 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-09 23:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-09-09 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-09-09 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-09-09 15:34 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-09 15:34 - 2012-07-26 07:26 - 00000167 _____ C:\WINDOWS\win.ini 2015-09-09 15:02 - 2013-07-16 14:27 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-01 20:26 - 2013-09-07 19:57 - 00000000 ____D C:\Users\BartoszM\AppData\Roaming\Skype 2015-09-01 19:27 - 2013-09-07 19:57 - 00000000 ____D C:\ProgramData\Skype 2015-08-30 00:30 - 2015-05-31 00:21 - 00000000 ____D C:\Users\BartoszM\Desktop\port 2015-08-28 14:28 - 2013-12-07 21:16 - 00000614 _____ C:\Users\BartoszM\Desktop\Readme .txt 2015-08-28 00:20 - 2015-08-05 16:01 - 00000000 ____D C:\Users\BartoszM\Desktop\exp 2015-08-28 00:19 - 2012-12-29 19:18 - 00000000 ____D C:\Users\BartoszM\Desktop\Gry 2015-08-26 18:37 - 2012-12-30 19:06 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-26 01:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-26 01:32 - 2015-07-07 15:17 - 00000699 _____ C:\Users\BartoszM\Desktop\dane nju.txt 2015-08-26 00:58 - 2012-12-30 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-08-22 20:51 - 2014-05-13 22:38 - 00000000 ____D C:\Users\BartoszM\Desktop\sztuka 2015-08-22 20:44 - 2013-04-19 15:29 - 00000000 ____D C:\Users\BartoszM\Desktop\wszystko ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-07-18 20:22 - 2015-07-10 23:01 - 0015360 _____ () C:\Users\BartoszM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-12-30 18:42 - 2012-12-30 18:42 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-03-16 21:20 - 2013-03-16 21:20 - 0000165 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-09-18 05:50 ==================== Koniec FRST.txt ============================