Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:26-11-2015 Uruchomiony przez Daniel (administrator) HOMEUSER (26-11-2015 22:29:22) Uruchomiony z C:\Users\Daniel\Downloads Załadowane profile: UpdatusUser & Daniel (Dostępne profile: UpdatusUser & Daniel) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-14] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-04] (Atheros Communications) HKU\S-1-5-21-596038192-505555720-550788809-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-596038192-505555720-550788809-1002\...\MountPoints2: E - "E:\setup.exe" HKU\S-1-5-21-596038192-505555720-550788809-1002\...\MountPoints2: {ac48f4ca-4f41-11e4-825a-9cd21ed48aea} - "F:\autoplay.exe" ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 2540 series.lnk [2015-10-25] ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\w_08_2015.pdf.lnk [2015-02-16] ShortcutTarget: w_08_2015.pdf.lnk -> C:\ProgramData\{9ec38e50-223e-aa1e-9ec3-38e502233940}\w_08_2015.pdf.exe (Brak pliku) CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 Tcpip\..\Interfaces\{576F2CEF-55CA-43D4-A46A-B576A313E9CF}: [DhcpNameServer] 192.168.88.1 Tcpip\..\Interfaces\{E97472DE-D141-439E-BF7F-86E211876CC9}: [DhcpNameServer] 192.168.88.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com URLSearchHook: [S-1-5-21-596038192-505555720-550788809-1001] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1447247099&z=9e9dd5a8d3aed4db8b85ecegaz6z6m4oezdm5ebt6c&from=wpm07173&uid=ST500DM002-1BD142_Z6E05701XXXXZ6E05701&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1447247099&z=9e9dd5a8d3aed4db8b85ecegaz6z6m4oezdm5ebt6c&from=wpm07173&uid=ST500DM002-1BD142_Z6E05701XXXXZ6E05701&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: SavveeNewaAppz -> {3e144537-75b7-4b79-ae61-ded5028284e5} -> Brak pliku BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-30] (Oracle Corporation) BHO: NetooCOuopon -> {78bc1374-2a84-4d78-95ff-c3863f1e8b44} -> Brak pliku BHO: DigoiSaver -> {7c9a5d24-dbf7-409d-b4db-dd9f07ec66bd} -> Brak pliku BHO: ueNisalees -> {82146cd9-3110-4130-a403-1049bcccd2b8} -> Brak pliku BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-30] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-17] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-17] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\f7bawa3a.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-30] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-30] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-17] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Brak nazwy - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\f7bawa3a.default\extensions\default_newtabff@gmail.com [nie znaleziono] FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\f7bawa3a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-28] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nie znaleziono FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nie znaleziono Chrome: ======= CHR HomePage: Default -> search.ask.com/?gct=hp CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/","hxxps://www.google.pl/","hxxp://www.onet.pl/","hxxps://www.facebook.com/" CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms} CHR DefaultSearchKeyword: Default -> search.ask.com CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms} CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-11] CHR Extension: (Dokumenty Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-11] CHR Extension: (Dysk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11] CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24] CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11] CHR Extension: (Arkusze Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-11] CHR Extension: (Dokumenty Google offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-11] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-11] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-11] CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-04] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.) R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2505472 2015-10-09] (ESET) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-21] (SoftThinks SAS) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 fc67e7a0; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\DeltaFix\DeltaFix.dll",serv <==== UWAGA S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-04] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation) R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-10] (Disc Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-10-07] (ESET) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-09-23] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-09-23] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-09-23] (ESET) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-26 22:29 - 2015-11-26 22:30 - 00019639 _____ C:\Users\Daniel\Downloads\FRST.txt 2015-11-26 22:18 - 2015-11-26 22:29 - 00000000 ____D C:\FRST 2015-11-26 22:17 - 2015-11-26 22:17 - 02348544 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe 2015-11-26 22:10 - 2015-11-26 22:10 - 01719808 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe 2015-11-26 19:16 - 2015-11-26 19:16 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-11-26 18:31 - 2015-11-26 18:31 - 00000068 _____ C:\Users\Daniel\Desktop\link do forum.txt 2015-11-26 18:29 - 2015-11-26 18:30 - 00000463 _____ C:\Users\Daniel\Desktop\Wiersz poleceń.txt 2015-11-26 17:25 - 2015-11-26 17:25 - 00020116 _____ C:\Users\Daniel\Downloads\U--DOC00-werkn-NIEDZIEL003426-2015-091714 Loon wk 46-2015 (1).pdf 2015-11-24 00:54 - 2015-11-24 00:54 - 05664276 _____ C:\Users\Daniel\Downloads\Potop.pdf 2015-11-24 00:54 - 2015-11-24 00:54 - 05664276 _____ C:\Users\Daniel\Downloads\Potop (1).pdf 2015-11-21 17:23 - 2015-11-21 17:23 - 00020669 _____ C:\Users\Daniel\Downloads\--ogdc01-UBplus-DOC00-werkn-NIEDZIEL003426-2015-090994 Loon wk 44-2015 (1).pdf 2015-11-20 21:51 - 2015-11-20 21:51 - 01732096 _____ C:\Users\Daniel\Downloads\adwcleaner_5.021 (3).exe 2015-11-20 16:44 - 2015-11-20 16:44 - 01341853 _____ C:\Users\Daniel\Downloads\UGSzerzyny15111809270 (1).pdf 2015-11-20 16:37 - 2015-11-20 16:37 - 01341853 _____ C:\Users\Daniel\Downloads\UGSzerzyny15111809270.pdf 2015-11-20 16:32 - 2015-11-20 16:32 - 02377650 _____ C:\Users\Daniel\Downloads\UGSzerzyny15111712360.pdf 2015-11-20 16:26 - 2015-11-20 16:26 - 02336152 _____ C:\Users\Daniel\Downloads\20150805065415900.pdf 2015-11-20 16:22 - 2015-11-20 16:22 - 00884544 _____ C:\Users\Daniel\Downloads\20150810065430132.pdf 2015-11-20 16:21 - 2015-11-20 16:21 - 00681329 _____ C:\Users\Daniel\Downloads\20150810065809105.pdf 2015-11-20 15:25 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-11-20 15:25 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-11-19 22:25 - 2015-11-19 22:25 - 02113255 _____ C:\Users\Daniel\Downloads\UGSzerzyny15111809480.pdf 2015-11-19 22:10 - 2015-11-19 22:10 - 00774048 _____ C:\Users\Daniel\Downloads\UGSzerzyny15111809530.pdf 2015-11-19 18:17 - 2015-11-19 18:17 - 00020116 _____ C:\Users\Daniel\Downloads\U--DOC00-werkn-NIEDZIEL003426-2015-091714 Loon wk 46-2015.pdf 2015-11-19 16:44 - 2015-11-19 16:44 - 00020669 _____ C:\Users\Daniel\Downloads\--ogdc01-UBplus-DOC00-werkn-NIEDZIEL003426-2015-090994 Loon wk 44-2015.pdf 2015-11-19 16:44 - 2015-11-19 16:44 - 00020469 _____ C:\Users\Daniel\Downloads\--ogdc01-UBplus-DOC00-werkn-NIEDZIEL003426-2015-091318 Loon wk 45-2015 (1).pdf 2015-11-19 10:54 - 2015-11-19 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-11-19 10:54 - 2015-11-19 10:54 - 00000000 ____D C:\Program Files (x86)\Ahead 2015-11-19 10:54 - 2004-07-26 17:16 - 01568768 ____N (Pegasus Imaging Corp.) C:\Windows\SysWOW64\ImagX7.dll 2015-11-19 10:54 - 2004-07-26 17:16 - 00476320 ____N (Pegasus Imaging Corp.) C:\Windows\SysWOW64\ImagXpr7.dll 2015-11-19 10:54 - 2004-07-26 17:16 - 00471040 ____N (Pegasus Imaging Corp.) C:\Windows\SysWOW64\ImagXRA7.dll 2015-11-19 10:54 - 2004-07-26 17:16 - 00262144 ____N (Pegasus Imaging Corp.) C:\Windows\SysWOW64\ImagXR7.dll 2015-11-19 10:54 - 2001-07-09 11:50 - 00155648 _____ (Ahead Software Gmbh) C:\Windows\SysWOW64\NeroCheck.exe 2015-11-19 10:54 - 2000-06-26 11:45 - 00106496 _____ (Pegasus Software) C:\Windows\SysWOW64\TwnLib20.dll 2015-11-19 10:53 - 2015-11-19 10:53 - 29545677 _____ C:\Users\Daniel\Downloads\Nero 6 PL Full.7z 2015-11-19 10:51 - 2015-11-19 10:51 - 04309286 _____ C:\Users\Daniel\Downloads\download (1).zip 2015-11-18 13:52 - 2015-11-18 13:52 - 01732096 _____ C:\Users\Daniel\Downloads\adwcleaner_5.021 (2).exe 2015-11-18 13:50 - 2015-11-18 13:50 - 01732096 _____ C:\Users\Daniel\Downloads\adwcleaner_5.021 (1).exe 2015-11-18 12:27 - 2015-11-18 12:27 - 00000136 _____ C:\Windows\ODBC.INI 2015-11-18 11:16 - 2015-11-18 11:16 - 01732096 _____ C:\Users\Daniel\Downloads\adwcleaner_5.021.exe 2015-11-17 16:04 - 2015-11-17 16:04 - 00003864 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1447772647 2015-11-17 16:04 - 2015-11-17 16:04 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-16 18:11 - 2015-11-16 18:12 - 00000003 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy (3).txt 2015-11-16 16:54 - 2015-11-16 16:54 - 00717272 _____ (Opera Software) C:\Users\Daniel\Downloads\Opera_NI_stable.exe 2015-11-16 12:59 - 2015-11-16 12:59 - 05664276 _____ C:\Users\Daniel\Desktop\Potop.pdf 2015-11-13 20:25 - 2015-11-13 20:25 - 00020469 _____ C:\Users\Daniel\Downloads\--ogdc01-UBplus-DOC00-werkn-NIEDZIEL003426-2015-091318 Loon wk 45-2015.pdf 2015-11-13 12:33 - 2015-11-13 12:33 - 00004032 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2015-11-13 12:33 - 2015-11-13 12:33 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask 2015-11-13 12:33 - 2015-11-13 12:33 - 00003220 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest 2015-11-13 12:33 - 2015-11-13 12:33 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows 2015-11-13 12:33 - 2015-11-13 12:33 - 00000000 ____D C:\Program Files\Dell Support Center 2015-11-13 12:29 - 2015-11-13 12:29 - 01156435 _____ C:\Users\Daniel\Downloads\Wrzesien (1).pdf 2015-11-13 12:28 - 2015-11-13 12:28 - 01156435 _____ C:\Users\Daniel\Downloads\Wrzesien.pdf 2015-11-13 01:07 - 2015-11-13 01:07 - 00228766 _____ C:\Users\Daniel\Downloads\UGSzerzyny15111214020.pdf 2015-11-11 19:51 - 2015-11-11 19:51 - 00501248 _____ C:\Users\Daniel\Downloads\23_potop_nowa_ludzkosc.ppt 2015-11-11 17:52 - 2015-11-19 11:40 - 00000000 ____D C:\Users\Daniel\Desktop\CV 2015-11-11 14:56 - 2015-11-18 11:16 - 00000000 ____D C:\AdwCleaner 2015-11-11 14:55 - 2015-11-11 14:56 - 01712128 _____ C:\Users\Daniel\Downloads\AdwCleaner.pl 5.019.exe 2015-11-11 14:10 - 2015-11-11 14:10 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-11 14:10 - 2015-11-11 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-11-11 14:09 - 2015-11-11 14:09 - 00929872 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup(1).exe 2015-11-11 14:07 - 2015-11-11 14:07 - 00000001 _____ C:\Windows\SysWOW64\pl.html 2015-11-11 13:29 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 13:29 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 13:29 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 13:29 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 13:29 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 13:29 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 13:29 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 13:29 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 13:29 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 13:29 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 13:29 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 13:29 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 13:29 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 13:29 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 13:29 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 13:29 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 13:29 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 13:29 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 13:29 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 13:29 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 13:29 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 13:29 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 13:29 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 13:29 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 13:29 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 13:29 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 13:29 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 13:29 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 13:29 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 13:29 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 13:29 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 13:29 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 13:29 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 13:29 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 13:29 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 13:29 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 13:29 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 13:29 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 13:29 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 13:29 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 13:29 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 13:29 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 13:29 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 13:29 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 13:29 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 13:29 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 13:29 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 13:29 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 13:29 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 13:29 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 13:29 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 13:29 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 13:29 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 13:29 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 13:29 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 13:29 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 13:29 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 13:29 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 13:29 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 13:29 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 13:29 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 13:29 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 13:29 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 13:29 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 13:29 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 13:29 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 13:29 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 13:29 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 13:29 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 13:29 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-11 13:29 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 13:29 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 13:29 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 13:29 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 13:29 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 13:29 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-11-11 13:29 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-11-11 13:29 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-11-08 17:34 - 2015-11-08 17:34 - 00003548 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 0d97602de1e8441eb794b2d446b6b43871f1b5b836294782b6a861e4dfab7881 2015-11-08 00:22 - 2015-11-08 00:22 - 00002045 _____ C:\Users\Public\Desktop\ESET Ochrona bankowości internetowej.lnk 2015-11-08 00:22 - 2015-11-08 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-11-08 00:22 - 2015-11-08 00:22 - 00000000 ____D C:\ProgramData\ESET 2015-11-08 00:22 - 2015-11-08 00:22 - 00000000 ____D C:\Program Files\ESET 2015-11-08 00:20 - 2015-11-08 00:20 - 02837704 _____ (ESET) C:\Users\Daniel\Downloads\eset_smart_security_live_installer_(2).exe 2015-11-07 23:54 - 2015-11-07 23:54 - 02837704 _____ (ESET) C:\Users\Daniel\Downloads\eset_smart_security_live_installer_(1).exe 2015-11-03 23:33 - 2015-11-03 23:33 - 00249693 _____ C:\Users\Daniel\Downloads\maj2013.pdf 2015-11-02 15:51 - 2015-11-02 15:51 - 00415211 _____ C:\Users\Daniel\Downloads\20150915072622858.pdf 2015-11-02 13:40 - 2015-11-02 13:57 - 105609851 _____ C:\Users\Daniel\Downloads\D_RZ_45_2015.pdf 2015-10-31 21:48 - 2015-11-01 00:01 - 1927927604 _____ C:\Users\Daniel\Downloads\Beasts of No Nation (2015) Napisy PL.480p.HDRip.XViD.AC3-SLiSU.avi 2015-10-30 10:51 - 2015-10-30 10:51 - 00020665 _____ C:\Users\Daniel\Downloads\__ogdc01_UBplus_DOC00_werkn_NIEDZIEL003426_2015_090842 Loon wk 43-2015.pdf 2015-10-29 16:06 - 2015-10-29 16:06 - 00020997 _____ C:\Users\Daniel\Downloads\--ogdc01-UBplus-DOC00-werkn-NIEDZIEL003426-2015-090514 Loon wk 42-2015 (2).pdf 2015-10-29 16:06 - 2015-10-29 16:06 - 00020997 _____ C:\Users\Daniel\Downloads\--ogdc01-UBplus-DOC00-werkn-NIEDZIEL003426-2015-090514 Loon wk 42-2015 (1).pdf 2015-10-28 20:34 - 2015-10-28 20:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Macromedia 2015-10-28 19:28 - 2015-10-28 19:28 - 00114693 _____ C:\Users\Daniel\Downloads\decyzja Prezesa UOKiK nr DNR-1-107-2012 z dnia 13.09.2012 r.pdf 2015-10-28 13:26 - 2015-10-28 13:26 - 36220296 _____ (HP) C:\Users\Daniel\Downloads\hpphotocreations.exe 2015-10-28 12:57 - 2015-10-28 12:57 - 00015750 _____ C:\Users\Daniel\Downloads\Zawiadomienie sesja (1).odt ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-26 22:18 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-11-26 22:14 - 2014-09-29 23:40 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-26 21:53 - 2014-11-29 00:27 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-26 19:56 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2015-11-26 19:19 - 2014-09-21 17:44 - 00003988 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{86E67050-5A70-4012-B91B-1D70462F721A} 2015-11-26 19:16 - 2014-09-21 17:42 - 00000000 ____D C:\Users\Daniel\Documents\Bluetooth Folder 2015-11-26 18:13 - 2014-11-07 15:37 - 00000000 ____D C:\Users\Daniel\Desktop\uuuuuuuuuuuu 2015-11-26 18:11 - 2015-03-03 16:37 - 00000003 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy.txt 2015-11-26 14:14 - 2014-09-29 23:40 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-26 12:53 - 2014-09-21 17:42 - 00000000 ___DO C:\Users\Daniel\SkyDrive 2015-11-25 00:52 - 2014-09-21 17:46 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-596038192-505555720-550788809-1002 2015-11-23 13:30 - 2014-03-24 13:49 - 00338484 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-23 13:30 - 2013-08-23 00:12 - 00012410 _____ C:\Windows\system32\perfh015.dat 2015-11-23 13:30 - 2013-08-23 00:12 - 00004188 _____ C:\Windows\system32\perfc015.dat 2015-11-22 23:10 - 2014-03-24 14:11 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2015-11-22 22:59 - 2014-03-24 13:40 - 00000000 ____D C:\Users\UpdatusUser 2015-11-22 22:58 - 2014-03-24 13:36 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-22 22:58 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-22 22:36 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-22 22:23 - 2014-12-28 20:20 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics 2015-11-22 13:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-11-20 15:28 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-19 10:55 - 2014-09-21 21:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps 2015-11-19 01:53 - 2014-11-29 00:27 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-17 17:33 - 2014-09-21 18:26 - 05965584 _____ (Wargaming.net ) C:\Users\Daniel\Downloads\WoT_internet_install_eu.exe 2015-11-17 17:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2015-11-17 16:04 - 2014-09-22 11:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software 2015-11-17 16:04 - 2014-09-22 11:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\Opera Software 2015-11-17 16:04 - 2014-09-22 11:25 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-16 13:34 - 2015-06-14 13:05 - 00000362 _____ C:\Users\Daniel\Desktop\List motywacyjny —.txt 2015-11-13 12:33 - 2014-03-24 14:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-11-12 22:04 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-12 10:17 - 2013-08-22 15:44 - 00372728 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-12 02:56 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-11 17:10 - 2014-09-24 09:28 - 00000000 ____D C:\Windows\system32\MRT 2015-11-11 17:07 - 2014-09-24 09:28 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-11 14:58 - 2015-10-23 11:01 - 00000144 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk 2015-11-11 14:58 - 2014-09-22 11:25 - 00000776 _____ C:\Users\Daniel\Desktop\Opera.lnk 2015-11-11 14:58 - 2014-09-21 17:41 - 00001013 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-11 14:11 - 2014-09-29 23:40 - 00000000 ____D C:\Users\Daniel\AppData\Local\Google 2015-11-11 14:10 - 2014-09-29 23:40 - 00000000 ____D C:\Program Files (x86)\Google 2015-11-11 14:09 - 2014-09-29 23:40 - 00004038 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-11-11 14:09 - 2014-09-29 23:40 - 00003802 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-11-11 14:07 - 2015-10-23 11:01 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-11-08 00:22 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-11-06 15:18 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-11-04 01:01 - 2015-04-18 12:49 - 00000000 ____D C:\Users\Daniel\Documents\Universe Sandbox 2015-11-03 15:27 - 2015-06-14 12:58 - 00001143 _____ C:\Users\Daniel\Desktop\CV Daniel Niedziela —.txt 2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-31 12:10 - 2014-12-25 01:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-30 02:35 - 2014-09-21 17:40 - 00000000 ____D C:\Users\Daniel 2015-10-29 11:22 - 2015-10-21 14:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate 2015-10-28 20:37 - 2015-10-26 21:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Mozilla 2015-10-28 13:24 - 2015-10-21 13:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-03-14 07:11 - 2015-03-14 07:11 - 0000192 _____ () C:\Users\Daniel\AppData\Roaming\2de95ffa.dat 2015-01-28 21:21 - 2015-04-16 16:54 - 0000020 _____ () C:\Users\Daniel\AppData\Roaming\appdataFr3.bin 2015-04-21 23:15 - 2015-04-21 23:18 - 0000080 _____ () C:\Users\Daniel\AppData\Local\X-Plane Installer.prf 2015-10-21 14:17 - 2015-10-21 14:17 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-03-24 14:07 - 2014-03-24 14:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-03-24 14:00 - 2014-03-24 14:00 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2015-10-23 11:01 - 2015-11-11 14:07 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2014-03-24 13:57 - 2014-03-24 13:58 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2014-03-24 13:58 - 2014-03-24 13:59 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2014-03-24 13:59 - 2014-03-24 14:00 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2014-03-24 13:56 - 2014-03-24 13:56 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\Daniel\AppData\Local\Temp\APNSetup.exe C:\Users\Daniel\AppData\Local\Temp\AutoRun.exe C:\Users\Daniel\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Daniel\AppData\Local\Temp\InstHelper.exe C:\Users\Daniel\AppData\Local\Temp\lowproc.exe C:\Users\Daniel\AppData\Local\Temp\msvcr80.dll C:\Users\Daniel\AppData\Local\Temp\SimPack.exe C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll C:\Users\Daniel\AppData\Local\Temp\SRLDetectionLibrary4615820627578043539.dll C:\Users\Daniel\AppData\Local\Temp\stubhelper.dll C:\Users\Daniel\AppData\Local\Temp\zlib1.dll C:\Users\Daniel\AppData\Local\Temp\_isA1F0.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-22 17:27 ==================== Koniec FRST.txt ============================