Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:17-04-2016 Uruchomiony przez infor (administrator) LENOVOB560 (17-04-2016 10:08:04) Uruchomiony z C:\Users\infor\Desktop Załadowane profile: infor (Dostępne profile: infor) Platform: Windows 7 Professional (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLEDService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLED.exe (UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10821224 2010-06-02] (Realtek Semiconductor) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2598280 2010-03-29] (ELAN Microelectronics Corp.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-04-10] (COMODO) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-28] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2016-04-12] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1606217939-597527420-3800542603-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-04-15] (Piriform Ltd) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-03-28] (Microsoft Corporation) AppInit_DLLs: C:\ProgramData\Graveair\RanDox.dll => C:\ProgramData\Graveair\RanDox.dll [361984 2016-04-14] () AppInit_DLLs-x32: C:\ProgramData\Graveair\NimFax.dll => C:\ProgramData\Graveair\NimFax.dll [257536 2016-04-14] () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712 2009-07-14] (Microsoft Corporation) UWAGA: LibraryPath powinno kierować na "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-14] (Microsoft Corporation) UWAGA: LibraryPath powinno kierować na "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation) UWAGA: LibraryPath powinno kierować na "%SystemRoot%\System32\winrnr.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation) UWAGA: LibraryPath powinno kierować na "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) UWAGA: LibraryPath powinno kierować na "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) UWAGA: LibraryPath powinno kierować na "%SystemRoot%\system32\pnrpnsp.dll" Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{F37A83B9-DB07-4CF7-B5FE-85C065487115}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== SearchScopes: HKLM-x32 -> DefaultScope - brak wartości BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28] (Oracle Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\infor\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-28] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> D:\programy\AdobeReader\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBFnkdYvIvvwfEYzwmkwM3HPmqx485Fy9cxyKz4C7eSZCbvx7Pr1Y-TNUv6YEblXEVu0gu0AiUPyJ9Pb8BQ_1KRazEqtLEluXll9WNXbkgCoIbJBDsQjpeg90878SiN9gl43NBGeF5rb684fygomfuJIqAmjstJJBNA4hMavkUSqxBqRtOedp8, CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBFnkdYvIvvwfEYzwmkwM3HPmqx485Fy9cxyKz4C7eSZCbvx7Pr1Y-TNUv6YEblXEVu0gu0AiUPyJ9Pb8BQ_1KRazEqtL3CRa8I3eSxWmDvlZNkrcF2iCTEZd0pm-Px9v28I3g04RCWoAjgUkIqDknNHBgQVrmf5Ajeu-5acSuLJtkardu7cdw,&q={searchTerms} CHR DefaultSearchKeyword: Default -> feed.sonic-search.com CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms} CHR Profile: C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17] CHR Extension: (Dokumenty Google) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17] CHR Extension: (Dysk Google) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17] CHR Extension: (YouTube) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17] CHR Extension: (Arkusze Google) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17] CHR Extension: (Dokumenty Google offline) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17] CHR Extension: (Gmail) - C:\Users\infor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5799552 2016-04-10] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-04-10] (COMODO) R2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.) [Brak podpisu cyfrowego] S2 SstrprSrv; C:\Program Files (x86)\Sosition\SstrprSrv.exe [310360 2016-04-15] () R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2141776 2016-03-22] (UltraVNC) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-04-06] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [823848 2016-04-06] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56464 2016-04-06] (COMODO) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-04-06] (COMODO) R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17520 2009-12-03] (JMicron Technology Corp.) R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [54000 2009-12-03] (JMicron Technology Corp.) R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [28656 2009-12-03] (JMicron Technology Corp.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-17 10:08 - 2016-04-17 10:08 - 00011701 _____ C:\Users\infor\Desktop\FRST.txt 2016-04-17 10:07 - 2016-04-17 10:08 - 00000000 ____D C:\FRST 2016-04-17 10:06 - 2016-04-17 10:06 - 02375168 _____ (Farbar) C:\Users\infor\Desktop\FRST64.exe 2016-04-17 09:57 - 2016-04-17 10:01 - 00000000 ____D C:\Users\infor\AppData\Roaming\Geek Uninstaller 2016-04-17 09:47 - 2016-04-17 09:47 - 00003208 ____N C:\bootsqm.dat 2016-04-17 09:01 - 2016-04-17 09:01 - 00000000 ____D C:\ProgramData\IObit 2016-04-17 09:01 - 2016-04-17 09:01 - 00000000 ____D C:\Program Files (x86)\IObit 2016-04-15 18:07 - 2016-04-17 09:05 - 00000000 ____D C:\AdwCleaner 2016-04-15 18:07 - 2016-04-15 18:07 - 03677760 _____ C:\Users\infor\Desktop\adwcleaner_5.111.exe 2016-04-15 17:56 - 2016-04-15 17:56 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-04-15 17:56 - 2016-04-15 17:56 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-15 17:56 - 2016-04-15 17:56 - 00000000 ____D C:\Program Files\CCleaner 2016-04-15 13:38 - 2016-04-15 13:38 - 00014634 _____ C:\Windows\System32\Tasks\Sosition Reports 2016-04-15 13:38 - 2016-04-15 13:38 - 00000000 ____D C:\Users\infor\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 2016-04-15 13:38 - 2016-04-15 13:38 - 00000000 ____D C:\Program Files (x86)\Sosition 2016-04-15 13:37 - 2016-04-15 18:01 - 00000000 ____D C:\Program Files (x86)\hohobnd 2016-04-14 23:23 - 2016-04-15 17:57 - 00000000 ____D C:\Users\infor\AppData\Roaming\PhotoScape 2016-04-14 22:01 - 2016-04-14 22:01 - 00003350 _____ C:\Users\infor\AppData\Local\recently-used.xbel 2016-04-14 21:30 - 2016-04-14 22:01 - 00000000 ____D C:\Users\infor\AppData\Local\gtk-2.0 2016-04-14 21:30 - 2016-04-14 21:30 - 00000000 ____D C:\Users\infor\.thumbnails 2016-04-14 21:08 - 2016-04-14 22:01 - 00000000 ____D C:\Users\infor\.gimp-2.8 2016-04-14 21:08 - 2016-04-14 21:08 - 00000000 ____D C:\Users\infor\AppData\Local\gegl-0.2 2016-04-14 21:08 - 2016-04-14 21:08 - 00000000 ____D C:\Users\infor\AppData\Local\fontconfig 2016-04-14 21:04 - 2016-04-14 21:04 - 00000737 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2016-04-14 21:00 - 2016-04-14 21:00 - 00000000 ____D C:\Users\infor\AppData\Roaming\dlg 2016-04-14 20:49 - 2016-04-14 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-04-14 20:48 - 2016-04-15 13:40 - 00000000 ____D C:\Users\infor\AppData\Roaming\Opera Software 2016-04-14 20:48 - 2016-04-15 13:40 - 00000000 ____D C:\Users\infor\AppData\Local\Opera Software 2016-04-14 20:48 - 2016-04-14 20:48 - 06494208 _____ C:\Users\infor\AppData\Roaming\agent.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 01626777 _____ C:\Users\infor\AppData\Roaming\Tampflex.tst 2016-04-14 20:48 - 2016-04-14 20:48 - 01160704 _____ C:\Users\infor\AppData\Roaming\ZooLa.exe 2016-04-14 20:48 - 2016-04-14 20:48 - 01160704 _____ C:\Users\infor\AppData\Roaming\Tampflex.exe 2016-04-14 20:48 - 2016-04-14 20:48 - 00219619 _____ C:\Users\infor\AppData\Roaming\inst.lat 2016-04-14 20:48 - 2016-04-14 20:48 - 00127488 _____ C:\Users\infor\AppData\Roaming\Installer.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 00126464 _____ C:\Users\infor\AppData\Roaming\noah.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 00126464 _____ C:\Users\infor\AppData\Roaming\lobby.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 00072717 _____ C:\Users\infor\AppData\Roaming\ZooLa.tst 2016-04-14 20:48 - 2016-04-14 20:48 - 00065568 _____ C:\Users\infor\AppData\Roaming\Config.xml 2016-04-14 20:48 - 2016-04-14 20:48 - 00054272 _____ C:\Users\infor\AppData\Roaming\ApplicationHosting.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 00018432 _____ C:\Users\infor\AppData\Roaming\Main.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 00015888 _____ C:\Users\infor\AppData\Roaming\InstallationConfiguration.xml 2016-04-14 20:48 - 2016-04-14 20:48 - 00005568 _____ C:\Users\infor\AppData\Roaming\md.xml 2016-04-14 20:48 - 2016-04-14 20:48 - 00000000 ____D C:\ProgramData\Graveairs 2016-04-14 20:48 - 2016-04-14 20:48 - 00000000 ____D C:\ProgramData\Graveair 2016-04-14 20:48 - 2016-04-14 20:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-04-14 20:46 - 2016-04-15 13:40 - 00000000 ____D C:\Program Files (x86)\Opera 2016-04-12 16:15 - 2016-04-15 18:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-12 13:44 - 2016-04-12 13:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-04-12 13:44 - 2016-04-12 13:44 - 00001651 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2016-04-12 13:44 - 2016-04-12 13:44 - 00000000 ____D C:\Users\infor\AppData\Roaming\Adobe 2016-04-12 13:44 - 2016-04-12 13:44 - 00000000 ____D C:\Users\infor\AppData\LocalLow\Adobe 2016-04-12 13:44 - 2016-04-12 13:44 - 00000000 ____D C:\Users\infor\AppData\Local\Adobe 2016-04-10 18:32 - 2016-04-10 18:32 - 00000000 ____D C:\Users\infor\Documents\Deluxe Ski Jump 4 2016-04-10 17:33 - 2016-04-10 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4 2016-04-10 13:59 - 2016-04-10 14:00 - 41784152 _____ C:\Users\infor\Desktop\iplasetup.exe 2016-04-10 11:16 - 2016-04-10 11:16 - 00000000 ___HD C:\VTRoot 2016-04-10 11:15 - 2016-04-10 11:30 - 00006622 _____ C:\Windows\system32\Drivers\fvstore.dat 2016-03-30 22:34 - 2016-03-30 22:34 - 00000000 ____D C:\Users\infor\AppData\Roaming\Dev-Cpp 2016-03-30 21:00 - 2016-04-12 13:44 - 00000000 ____D C:\ProgramData\Adobe 2016-03-30 20:59 - 2016-03-30 20:59 - 02037435 _____ C:\Users\infor\Desktop\Elliot-Aronson-Czlowiek-istota-spoleczna.pdf 2016-03-30 20:55 - 2016-03-30 20:55 - 00000998 _____ C:\Users\infor\Desktop\Dev-C++.lnk 2016-03-30 20:55 - 2016-03-30 20:55 - 00000000 ____D C:\Program Files (x86)\Dev-Cpp 2016-03-29 14:39 - 2016-03-29 14:39 - 00000000 ____D C:\Users\infor\ePrawko 2016-03-29 14:36 - 2016-03-29 14:36 - 00000880 _____ C:\Users\Public\Desktop\Testy Liwona kategoria B.lnk 2016-03-29 14:36 - 2016-03-29 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Testy Liwona kategoria B 2016-03-28 20:26 - 2016-03-28 20:26 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-03-28 20:26 - 2016-03-28 20:26 - 00000000 ____D C:\Users\infor\AppData\Roaming\Sun 2016-03-28 20:26 - 2016-03-28 20:26 - 00000000 ____D C:\Users\infor\AppData\LocalLow\Sun 2016-03-28 20:26 - 2016-03-28 20:26 - 00000000 ____D C:\Users\infor\.oracle_jre_usage 2016-03-28 20:26 - 2016-03-28 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-28 20:25 - 2016-03-28 20:26 - 00000000 ____D C:\ProgramData\Oracle 2016-03-28 20:25 - 2016-03-28 20:25 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-28 20:24 - 2016-03-28 20:24 - 00000000 ____D C:\Users\infor\AppData\LocalLow\Oracle 2016-03-28 20:21 - 2016-04-15 18:13 - 00000737 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-28 20:21 - 2016-04-15 18:13 - 00000725 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-03-28 20:21 - 2016-04-15 18:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-28 20:21 - 2016-03-28 20:27 - 00000000 ____D C:\Users\infor\AppData\Local\Mozilla 2016-03-28 20:21 - 2016-03-28 20:21 - 00000000 ____D C:\Users\infor\AppData\Roaming\Mozilla 2016-03-28 13:55 - 2016-03-28 13:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2016-03-28 13:55 - 2016-03-28 13:55 - 00000000 ____D C:\Windows\system32\SPReview 2016-03-28 13:55 - 2016-03-28 13:55 - 00000000 ____D C:\Windows\system32\EventProviders 2016-03-22 20:43 - 2016-03-22 20:43 - 00001476 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk 2016-03-22 20:43 - 2016-03-22 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1 2016-03-22 20:42 - 2016-03-22 20:43 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2016-03-22 20:31 - 2016-03-22 20:40 - 221724672 _____ C:\Users\infor\Downloads\LibreOffice_5.1.1_Win_x86.msi 2016-03-22 20:26 - 2016-03-22 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC 2016-03-21 23:04 - 2016-03-21 23:06 - 00000000 ____D C:\Windows\system32\MRT 2016-03-21 23:04 - 2016-03-21 23:04 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-21 23:03 - 2016-03-21 23:03 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-21 23:03 - 2016-03-21 23:03 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-03-21 23:03 - 2016-03-21 23:03 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-03-21 23:03 - 2016-03-21 23:03 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-03-21 23:03 - 2016-03-21 23:03 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2016-03-21 23:00 - 2016-03-21 23:00 - 00000000 ____D C:\Users\infor\AppData\Roaming\UltraVNC 2016-03-21 22:59 - 2016-03-21 22:59 - 00000000 ____D C:\Program Files\uvnc bvba 2016-03-21 22:58 - 2016-03-21 23:01 - 38966928 _____ (Adobe Systems Incorporated) C:\Users\infor\Downloads\AdbeRdr11000_pl_PL.exe 2016-03-21 22:58 - 2016-03-21 22:58 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-03-21 22:58 - 2016-03-21 22:58 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-03-21 22:58 - 2016-03-21 22:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-03-21 22:56 - 2016-03-21 22:57 - 03442064 _____ (uvnc bvba ) C:\Users\infor\Downloads\UltraVNC_1_2_10_X64_Setup.exe 2016-03-21 22:52 - 2016-04-15 18:13 - 00000905 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-21 22:52 - 2016-04-15 18:13 - 00000893 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-21 22:50 - 2016-04-17 09:55 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-21 22:50 - 2016-04-17 09:47 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-21 22:50 - 2016-03-28 20:10 - 00000000 ____D C:\Users\infor\AppData\Local\Google 2016-03-21 22:50 - 2016-03-21 22:52 - 00000000 ____D C:\Program Files (x86)\Google 2016-03-21 22:50 - 2016-03-21 22:50 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-03-21 22:50 - 2016-03-21 22:50 - 00003790 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-03-21 22:47 - 2016-03-21 22:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-03-21 22:47 - 2016-03-21 22:48 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll 2016-03-21 22:47 - 2016-03-21 22:48 - 00002048 _____ C:\Windows\SysWOW64\winver.exe 2016-03-21 22:47 - 2016-03-21 22:48 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll 2016-03-21 22:47 - 2016-03-21 22:47 - 00113543 _____ C:\Windows\SysWOW64\slmgr.vbs 2016-03-21 22:40 - 2016-04-15 13:38 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-03-21 22:38 - 2016-04-15 13:32 - 00000000 ____D C:\Program Files (x86)\Removewat 2.2.7 ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-17 10:07 - 2009-08-29 12:05 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat 2016-04-17 09:52 - 2009-07-14 19:55 - 00843756 _____ C:\Windows\system32\perfh015.dat 2016-04-17 09:52 - 2009-07-14 19:55 - 00181842 _____ C:\Windows\system32\perfc015.dat 2016-04-17 09:52 - 2009-07-14 07:13 - 01732398 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-17 09:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-04-17 09:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-17 09:05 - 2009-07-14 06:45 - 00009792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-17 09:05 - 2009-07-14 06:45 - 00009792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-15 18:01 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-04-15 17:57 - 2009-08-29 12:12 - 00000000 ____D C:\Windows\Panther 2016-04-15 13:40 - 2009-08-29 11:17 - 00001453 _____ C:\Users\infor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-15 13:40 - 2009-08-29 11:17 - 00001419 _____ C:\Users\infor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-04-14 21:30 - 2009-08-29 11:17 - 00000000 ____D C:\Users\infor 2016-04-10 11:15 - 2009-08-29 12:05 - 00001953 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk 2016-04-06 14:19 - 2015-08-05 00:31 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys 2016-04-06 14:19 - 2015-08-05 00:31 - 00056464 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys 2016-04-06 14:18 - 2015-11-18 17:14 - 00823848 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys 2016-04-06 14:18 - 2015-11-18 17:14 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys 2016-04-06 14:17 - 2015-08-05 00:29 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll 2016-04-06 14:16 - 2015-09-03 11:52 - 00596232 _____ (COMODO) C:\Windows\system32\guard64.dll 2016-04-06 14:16 - 2015-09-03 11:52 - 00461648 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll 2016-04-06 14:14 - 2015-08-05 00:28 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll 2016-04-06 14:14 - 2015-08-05 00:28 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll 2016-04-06 14:12 - 2015-08-05 00:27 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll 2016-04-06 14:11 - 2015-08-05 00:26 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll 2016-04-01 16:27 - 2009-07-14 06:45 - 00334208 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-28 15:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-03-28 14:08 - 2009-08-29 11:58 - 00073184 _____ C:\Users\infor\AppData\Local\GDIPFONTCACHEV1.DAT 2016-03-28 13:55 - 2009-07-14 02:21 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll 2016-03-28 13:55 - 2009-07-14 02:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll 2016-03-28 13:55 - 2009-07-14 02:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys 2016-03-28 13:54 - 2009-08-29 11:51 - 09112096 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll 2016-03-28 13:54 - 2009-08-29 11:51 - 00422432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll 2016-03-21 23:07 - 2009-08-29 11:33 - 00000000 ____D C:\Program Files (x86)\Intel 2016-03-21 23:06 - 2012-01-10 23:43 - 04379416 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe 2016-03-21 23:06 - 2012-01-10 23:43 - 00510232 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2016-03-21 23:06 - 2012-01-10 23:43 - 00417560 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2016-03-21 23:06 - 2012-01-10 23:43 - 00392984 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2016-03-21 23:06 - 2012-01-10 23:43 - 00239896 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2016-03-21 23:06 - 2012-01-10 23:43 - 00184600 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2016-03-21 23:06 - 2012-01-10 23:43 - 00167704 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2016-03-21 23:06 - 2012-01-10 23:37 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2622.dll 2016-03-21 23:06 - 2012-01-10 23:28 - 12311904 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2016-03-21 23:06 - 2012-01-10 23:28 - 08313856 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll 2016-03-21 23:06 - 2012-01-10 23:06 - 09528832 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll 2016-03-21 23:06 - 2012-01-10 22:55 - 07988224 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll 2016-03-21 23:06 - 2012-01-10 22:42 - 18653696 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll 2016-03-21 23:06 - 2012-01-10 22:29 - 13904384 _____ C:\Windows\SysWOW64\ig4icd32.dll 2016-03-21 23:06 - 2012-01-10 22:20 - 00375808 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2016-03-21 23:06 - 2012-01-10 22:20 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00283648 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2016-03-21 23:06 - 2012-01-10 22:20 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2016-03-21 23:06 - 2012-01-10 22:19 - 00390656 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2016-03-21 23:06 - 2012-01-10 22:19 - 00378368 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2016-03-21 23:06 - 2012-01-10 22:19 - 00146432 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2016-03-21 23:06 - 2012-01-10 22:19 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2016-03-21 23:06 - 2012-01-10 22:19 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2016-03-21 23:06 - 2012-01-10 22:18 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2016-03-21 23:06 - 2012-01-10 22:18 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2016-03-21 23:06 - 2012-01-10 22:15 - 00024576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2016-03-21 23:06 - 2012-01-10 22:14 - 00294400 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 02177536 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 01663488 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00376832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00376832 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00171520 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00148480 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00098304 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00098304 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2016-03-21 23:06 - 2012-01-10 22:12 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 2016-03-21 23:06 - 2010-03-31 00:39 - 06323712 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll 2016-03-21 23:06 - 2010-03-31 00:35 - 00581120 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll 2016-03-21 23:06 - 2010-03-31 00:04 - 00062464 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2016-03-21 23:06 - 2010-03-31 00:03 - 00110080 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2016-03-21 23:06 - 2010-03-31 00:02 - 09014784 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2016-03-21 23:06 - 2009-09-17 20:54 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys 2016-03-21 22:50 - 2009-08-29 11:58 - 00000000 ____D C:\Users\infor\AppData\Local\Deployment ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-04-14 20:48 - 2016-04-14 20:48 - 6494208 _____ () C:\Users\infor\AppData\Roaming\agent.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 0054272 _____ () C:\Users\infor\AppData\Roaming\ApplicationHosting.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 0065568 _____ () C:\Users\infor\AppData\Roaming\Config.xml 2016-04-14 20:48 - 2016-04-14 20:48 - 0219619 _____ () C:\Users\infor\AppData\Roaming\inst.lat 2016-04-14 20:48 - 2016-04-14 20:48 - 0015888 _____ () C:\Users\infor\AppData\Roaming\InstallationConfiguration.xml 2016-04-14 20:48 - 2016-04-14 20:48 - 0127488 _____ () C:\Users\infor\AppData\Roaming\Installer.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 0126464 _____ () C:\Users\infor\AppData\Roaming\lobby.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 0018432 _____ () C:\Users\infor\AppData\Roaming\Main.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 0005568 _____ () C:\Users\infor\AppData\Roaming\md.xml 2016-04-14 20:48 - 2016-04-14 20:48 - 0126464 _____ () C:\Users\infor\AppData\Roaming\noah.dat 2016-04-14 20:48 - 2016-04-14 20:48 - 1160704 _____ () C:\Users\infor\AppData\Roaming\Tampflex.exe 2016-04-14 20:48 - 2016-04-14 20:48 - 1626777 _____ () C:\Users\infor\AppData\Roaming\Tampflex.tst 2016-04-14 20:48 - 2016-04-14 20:48 - 0032038 _____ () C:\Users\infor\AppData\Roaming\uninstall_temp.ico 2016-04-14 20:48 - 2016-04-14 20:48 - 1160704 _____ () C:\Users\infor\AppData\Roaming\ZooLa.exe 2016-04-14 20:48 - 2016-04-14 20:48 - 0072717 _____ () C:\Users\infor\AppData\Roaming\ZooLa.tst 2016-04-14 22:01 - 2016-04-14 22:01 - 0003350 _____ () C:\Users\infor\AppData\Local\recently-used.xbel Niektóre pliki w TEMP: ==================== C:\Users\infor\AppData\Local\Temp\libeay32.dll C:\Users\infor\AppData\Local\Temp\msvcr120.dll C:\Users\infor\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll [2009-07-14 01:38] - [2009-07-14 03:41] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E C:\Windows\SysWOW64\User32.dll [2016-03-21 22:47] - [2016-03-21 22:48] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356 C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-11 17:05 ==================== Koniec FRST.txt ============================