Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 18-09-2016
Uruchomiony przez user (administrator) USER-KOMPUTER (19-09-2016 14:12:39)
Uruchomiony z D:\Downloads
Załadowane profile: user (Dostępne profile: user & Gość)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: IE)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
(Inprise Corporation) C:\Program Files\borland\interbase\Bin\ibguard.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Inprise Corporation) C:\Program Files\borland\interbase\Bin\ibserver.exe
(The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Firebird Project) D:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(The Firebird Project) D:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
(© 2015 Microsoft Corporation) C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(InstallShield Software Corporation) C:\Windows\Downloaded Program Files\dwusplay.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) D:\Downloads\FRST (1).exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
HKLM\...\Run: [Firebird] => D:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2004-12-13] (The Firebird Project)
HKLM\...\Run: [Onet.pl AutoUpdate] => "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-692876171-3784820754-1000599183-1000\...\Run: [EPSON Stylus DX4400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [180736 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-692876171-3784820754-1000599183-1000\...\Run: [BingSvc] => C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-01-22] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
BootExecute: autocheck autochk /p \??\D:autocheck autochk *

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\..\Interfaces\{B8B08BB1-4D29-4653-A5F1-E80BB4928639}: [NameServer] 194.204.152.34,194.204.159.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-692876171-3784820754-1000599183-1000 -> DefaultScope {C6EAC588-A0F3-43F9-A0FB-BE973CD8F738} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-692876171-3784820754-1000599183-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-692876171-3784820754-1000599183-1000 -> {C6EAC588-A0F3-43F9-A0FB-BE973CD8F738} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll => Brak pliku
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll => Brak pliku
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [Brak pliku]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [Brak pliku]
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [Brak pliku]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Brak pliku]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Brak pliku]
FF Plugin: Adobe Reader -> D:\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2000856 2016-06-10] (ESET)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2004-12-13] (The Firebird Project) [Brak podpisu cyfrowego]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [1527893 2004-12-13] (The Firebird Project) [Brak podpisu cyfrowego]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [310272 2012-06-01] (Microsoft Corporation)
R2 InterBaseGuardian; C:\Program Files\borland\interbase\Bin\ibguard.exe [22016 2002-01-30] (Inprise Corporation) [Brak podpisu cyfrowego]
R3 InterBaseServer; C:\Program Files\borland\interbase\Bin\ibserver.exe [1704448 2002-01-30] (Inprise Corporation) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-11-13] (Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
S3 BrYNSvc; "C:\Program Files\Browny02\BrYNSvc.exe" [X]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206496 2016-06-28] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [156320 2016-06-28] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [141472 2016-06-28] (ESET)
R3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [77808 2014-01-31] (FTDI Ltd.)
S3 ITE; C:\Windows\System32\DRIVERS\ITE.sys [36768 2003-12-02] (Integrated Technology Express, INC.)
R3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [35328 2007-04-27] (SafeNet, Inc.)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-13] (Microsoft Corporation) [Brak podpisu cyfrowego]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-09-19 14:08 - 2016-09-19 14:12 - 00000000 ____D C:\FRST
2016-09-19 13:35 - 2016-09-19 13:35 - 00000000 ____D C:\Program Files\Common Files\Compartido Microsoft
2016-09-19 13:09 - 2016-09-19 13:09 - 00003528 ____N C:\bootsqm.dat
2016-09-19 09:10 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-19 09:10 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-19 09:10 - 2016-09-01 05:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-19 09:10 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-19 09:10 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-19 09:10 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-19 09:10 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-19 09:10 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-19 09:10 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-19 09:10 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-19 09:10 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-19 09:10 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-19 09:10 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-19 09:10 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-19 09:10 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-19 09:10 - 2016-09-01 04:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-19 09:10 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-19 09:10 - 2016-09-01 04:14 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-19 09:10 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-19 09:10 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-19 09:10 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-19 09:10 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-19 09:10 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-19 09:10 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-19 09:10 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-19 09:10 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-19 09:10 - 2016-09-01 03:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-19 09:10 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-19 09:10 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-19 09:10 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-19 09:10 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-19 09:10 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-19 09:10 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-19 09:10 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-19 09:10 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-19 08:26 - 2016-08-16 04:48 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-19 08:26 - 2016-08-16 04:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-19 08:26 - 2016-07-07 17:20 - 01309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-19 08:26 - 2016-07-07 17:20 - 00240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-19 08:26 - 2016-07-07 17:20 - 00187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-19 08:26 - 2016-07-07 16:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-09-19 08:26 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-19 08:26 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-09-19 08:22 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-09-19 08:22 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-19 08:22 - 2016-09-02 17:21 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-19 08:22 - 2016-09-02 17:21 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-19 08:22 - 2016-09-02 17:18 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-19 08:22 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-19 08:22 - 2016-09-02 16:53 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-19 08:22 - 2016-09-02 16:53 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-19 08:22 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-19 08:22 - 2016-09-02 16:53 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-19 08:22 - 2016-09-02 16:53 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-19 08:22 - 2016-09-02 16:51 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-19 08:22 - 2016-09-02 16:49 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-19 08:22 - 2016-09-02 16:49 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-19 08:22 - 2016-09-02 16:49 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-19 08:22 - 2016-09-02 16:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-19 08:22 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-19 08:22 - 2016-09-02 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-19 08:22 - 2016-09-02 16:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-19 08:22 - 2016-08-12 18:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-19 08:22 - 2016-08-12 18:21 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-19 08:22 - 2016-08-12 18:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-19 08:22 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-09-19 08:22 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-09-19 08:22 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-09-19 08:22 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-09-19 08:22 - 2016-05-13 23:50 - 02945536 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-09-19 08:22 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-09-19 08:22 - 2016-05-13 23:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-09-19 08:22 - 2016-05-13 23:39 - 02060288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-09-19 08:22 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-09-19 08:22 - 2016-05-13 23:38 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-19 08:22 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-09-19 08:22 - 2016-05-13 23:38 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-09-19 08:22 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-09-19 08:22 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-09-19 08:22 - 2016-05-13 23:38 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-09-19 08:22 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-09-19 08:22 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-09-19 08:22 - 2016-05-04 19:21 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-09-19 08:22 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-09-19 08:22 - 2016-05-04 19:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-09-19 08:22 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-09-19 08:22 - 2016-05-04 19:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-09-19 08:22 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-09-19 08:22 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-09-19 08:20 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-02 13:36 - 2016-09-02 13:36 - 00000363 _____ C:\Users\user\Komputer — skrót.lnk

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-09-19 13:53 - 2009-07-14 06:34 - 00022544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-19 13:53 - 2009-07-14 06:34 - 00022544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-19 13:40 - 2015-07-16 00:35 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf4e92d53c7b.job
2016-09-19 13:40 - 2015-05-18 23:30 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091b1ee05fe6c.job
2016-09-19 13:38 - 2015-12-01 16:34 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-19 13:35 - 2015-04-27 15:25 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-19 13:35 - 2007-02-01 18:06 - 00000030 _____ C:\Windows\su_.ini
2016-09-19 13:19 - 2011-04-12 07:08 - 00775704 _____ C:\Windows\system32\perfh015.dat
2016-09-19 13:19 - 2011-04-12 07:08 - 00167346 _____ C:\Windows\system32\perfc015.dat
2016-09-19 13:19 - 2010-11-20 23:01 - 01757258 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-19 13:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-09-19 13:16 - 2015-07-16 00:35 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf4e921da769.job
2016-09-19 13:16 - 2015-05-18 23:30 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091b1eda43e02.job
2016-09-19 13:16 - 2015-04-27 15:25 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-19 13:12 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-19 13:12 - 2009-07-14 06:33 - 00435352 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-19 12:30 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2016-09-16 15:32 - 2015-04-10 09:16 - 00000000 ____D C:\Program Files\TeamViewer
2016-09-16 13:17 - 2015-01-22 21:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-16 12:28 - 2015-01-22 13:50 - 00000000 ____D C:\Windows\system32\MRT
2016-09-16 12:23 - 2015-01-22 13:50 - 141747376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-16 12:23 - 2011-04-12 07:17 - 00000000 ____D C:\Windows\ShellNew
2016-09-15 16:00 - 2016-08-09 09:08 - 00000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2016-09-12 14:11 - 2015-03-03 12:40 - 00000000 ____D C:\Program Files\Microsoft Games
2016-09-12 13:51 - 2016-05-02 10:43 - 00007619 _____ C:\Users\user\AppData\Local\Resmon.ResmonCfg
2016-09-06 22:19 - 2016-04-22 15:49 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics

==================== Pliki w katalogu głównym wybranych folderów =======

2016-05-02 10:43 - 2016-09-12 13:51 - 0007619 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2016-09-19 11:51

==================== Koniec FRST.txt ============================