Poproszę o analizę, komputer najprawdopodobniej mocno zainfekowany.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02.01.2018
Uruchomiony przez Bogdan (administrator) DOMINIK (10-01-2018 09:41:16)
Uruchomiony z C:\
Załadowane profile: Bogdan (Dostępne profile: Bogdan)
Platform: Windows 8 (X64) Język: Polski (Polska)
Internet Explorer Wersja 10 (Domyślna przeglądarka: IE)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(AMD) C:\windows\System32\atiesrxx.exe
(Mindspark) C:\Program Files (x86)\Allin1Convert_8h\bar\2.bin\8hbarsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Infonaut) C:\Program Files (x86)\Infonaut_1.10.0.13\Service\insvc.exe
() C:\Users\Bogdan\AppData\Local\94779507-1428342410-E211-87F5-20898414A44D\cnst2245.tmp
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Users\Bogdan\AppData\Roaming\94779507-1428334852-E211-87F5-20898414A44D\jnsqF49B.tmp
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AMD) C:\windows\System32\atieclxx.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\windows\System32\Taskmgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17516_none_6276a5b950d43361\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\windows\System32\rundll32.exe
(Microsoft Corporation) C:\windows\System32\msiexec.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] = & gt; C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] = & gt; C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Atheros Communications)
HKLM\...\Run: [SpaceSoundPro] = & gt; C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM-x32\...\Run: [Adobe ARM] = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\...\Run: [Steam] = & gt; C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\...\MountPoints2: {8a729549-eb6a-11e7-bf4b-50b7c3d7d18b} - " E:\start.exe "
Startup: C:\Users\Bogdan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet PCL3 Class Driver (sieć).lnk [2014-02-08]
Startup: C:\Users\Bogdan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk [2014-09-28]
GroupPolicy: Ograniczenia - Chrome & lt; ==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{33563A0A-6759-444E-A46A-C50F131006F6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CF3D6C87-1171-4931-A8DC-C70A9B102D76}: [DhcpNameServer] 100.100.0.102
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT & q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT & q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT & q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT & q={searchTerms}
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds & ts=1406273461 & from=smt & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT & q={searchTerms}
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp & ts=1428336104 & from=cmi & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.searchcompletion.com?si=16618 & home=true
HKU\S-1-5-21-4034686583-3572523072-671191548-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds & ts=1406273461 & from=smt & uid=TOSHIBAXMQ01ABD050_93J5PBDYTXX93J5PBDYT & q={searchTerms}
URLSearchHook: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - (Brak nazwy) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\2.bin\8hSrcAs.dll Brak pliku
SearchScopes: HKLM - & gt; DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - & gt; DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - & gt; {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds & ts=1421855192 & from=zbd1 & uid=toshibaxmq01abd050_93j5pbdytxx93j5pbdyt & q={searchTerms}
SearchScopes: HKLM-x32 - & gt; {807E4CF2-39FC-4AB1-8A53-779E92F0ADF9} URL = hxxp://search.searchcompletion.com?si=16618 & bs=true & q={searchTerms}
SearchScopes: HKU\.DEFAULT - & gt; DefaultScope {807E4CF2-39FC-4AB1-8A53-779E92F0ADF9} URL =
SearchScopes: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - & gt; DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds & ts=1421855192 & from=zbd1 & uid=toshibaxmq01abd050_93j5pbdytxx93j5pbdyt & q={searchTerms}
SearchScopes: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - & gt; {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds & ts=1421855192 & from=zbd1 & uid=toshibaxmq01abd050_93j5pbdytxx93j5pbdyt & q={searchTerms}
SearchScopes: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - & gt; {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - & gt; {807E4CF2-39FC-4AB1-8A53-779E92F0ADF9} URL = hxxp://search.searchcompletion.com?si=16618 & bs=true & q={searchTerms}
BHO: Brak nazwy - & gt; {11111111-1111-1111-1111-110411851159} - & gt; Brak pliku
BHO: PHD-V1.4 - & gt; {11111111-1111-1111-1111-110511831162} - & gt; C:\Program Files (x86)\PHD-V1.4\PHD-V1.4-bho64.dll [2014-07-26] (PHD)
BHO: iWebar - & gt; {11111111-1111-1111-1111-110611191113} - & gt; C:\Program Files (x86)\iWebar\iWebar-bho64.dll = & gt; Brak pliku
BHO: Sense - & gt; {11111111-1111-1111-1111-110611191115} - & gt; C:\Program Files (x86)\Sense\Sense-bho64.dll = & gt; Brak pliku
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-05] (Oracle Corporation)
BHO: CIESpeechBHO Class - & gt; {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - & gt; C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-05] (Oracle Corporation)
BHO-x32: Brak nazwy - & gt; {10E1725C-7237-41A9-954A-04DCCB1FD16C} - & gt; Brak pliku
BHO-x32: Brak nazwy - & gt; {11111111-1111-1111-1111-110411851159} - & gt; Brak pliku
BHO-x32: PHD-V1.4 - & gt; {11111111-1111-1111-1111-110511831162} - & gt; C:\Program Files (x86)\PHD-V1.4\PHD-V1.4-bho.dll [2014-07-26] (PHD)
BHO-x32: iWebar - & gt; {11111111-1111-1111-1111-110611191113} - & gt; C:\Program Files (x86)\iWebar\iWebar-bho.dll = & gt; Brak pliku
BHO-x32: Sense - & gt; {11111111-1111-1111-1111-110611191115} - & gt; C:\Program Files (x86)\Sense\Sense-bho.dll = & gt; Brak pliku
BHO-x32: Brak nazwy - & gt; {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - & gt; Brak pliku
BHO-x32: Brak nazwy - & gt; {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - & gt; Brak pliku
Toolbar: HKLM-x32 - Brak nazwy - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - Brak pliku
Toolbar: HKU\S-1-5-21-4034686583-3572523072-671191548-1001 - & gt; Brak nazwy - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - Brak pliku
FireFox:
========
FF ProfilePath: C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default [2018-01-10]
FF user.js: detected! = & gt; C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\user.js [2015-06-29]
FF Extension: (sAveeitkeep.a) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\0VqU@6R.net [2014-10-26] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (SavePass 1.1) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [2015-04-06] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Apps Hat) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2015-01-17] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (PHD-V1.4) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com [2014-12-11] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (iWebar1) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\927571a5c34c476fbf9f2ed9e@8e7e940e6a314c63a357ced35576d.com [2015-02-28] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (sAvingtoeyou) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\9atnkuqs@oioirnrr.co.uk [2014-09-03] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Plus-HD-V1.4c) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\c1b9d306-75ba-4390-8a8b-76b504015572@gmail.com [2015-03-04] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (rEaalDeal) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\cQgAJH@G.net [2015-01-11] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (CinemaPlus-3.2cV06.04) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-04-06] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Security Protection) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\detgdp@gmail.com [2015-01-02] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (saver box) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\DwRHN5V@pA.net [2014-10-28] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (ssaferweb) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\e4fqyr@yyeiyvdoke.edu [2014-10-14] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Fast Start) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\faststartff@gmail.com [2014-07-25] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (saver box) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\K@9.co.uk [2014-11-28] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (dieal2dEalit) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\Mi@b.org [2015-01-02] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (DeialsFindeRPro) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\omyta@blrfp.com [2014-09-19] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (COupScanner) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\v6meyu@oooajir.org [2014-08-17] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Sense) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\warnerroberts@hotmail.com [2015-06-29] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Air Globe 1.0.1) - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\Extensions\{21d3b30d-5feb-4224-9a1d-01f7d9334705}.xpi [2015-04-06] [Przestarzałe] [Brak podpisu cyfrowego]
FF SearchPlugin: C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\searchplugins\V9.xml [2015-02-07]
FF SearchPlugin: C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\searchplugins\Web Search.xml [2014-02-09]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\f13hgro9.default\extensions\detgdp@gmail.com
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
FF Plugin-x32: @Allin1Convert_8h.com/Plugin - & gt; C:\Program Files (x86)\Allin1Convert_8h\bar\2.bin\NP8hStub.dll [Brak pliku]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - & gt; C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - & gt; C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - & gt; C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-09] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-28] (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4034686583-3572523072-671191548-1001: @unity3d.com/UnityPlayer,version=1.0 - & gt; C:\Users\Bogdan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-29] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4034686583-3572523072-671191548-1001: pandonetworks.com/PandoWebPlugin - & gt; C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-09] (Pando Networks)
Chrome:
=======
CHR Profile: C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default [2017-12-29]
CHR Extension: (Prezentacje) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-28]
CHR Extension: (Dokumenty) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-28]
CHR Extension: (Dysk Google) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-28]
CHR Extension: (Norton Security Toolbar) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2017-12-28]
CHR Extension: (YouTube) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-28]
CHR Extension: (Arkusze) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-29]
CHR Extension: (Norton Identity Safe) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-12-28]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-28]
CHR Extension: (Gmail) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-28]
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 Allin1Convert_8hService; C:\Program Files (x86)\Allin1Convert_8h\bar\2.bin\8hbarsvc.exe [90648 2015-07-02] (Mindspark)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [Brak podpisu cyfrowego]
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 insvc_1.10.0.13; C:\Program Files (x86)\Infonaut_1.10.0.13\Service\insvc.exe [278600 2015-04-02] (Infonaut)
R2 konureno; C:\Users\Bogdan\AppData\Local\94779507-1428342410-E211-87F5-20898414A44D\cnst2245.tmp [163328 2015-04-06] () [Brak podpisu cyfrowego]
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 pylywusy; C:\Users\Bogdan\AppData\Roaming\94779507-1428334852-E211-87F5-20898414A44D\jnsqF49B.tmp [131584 2015-04-06] () [Brak podpisu cyfrowego]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [Brak podpisu cyfrowego]
S2 ByteFenceService; " C:\Program Files\ByteFence\ByteFenceService.exe " [X]
S2 Update trolatunt; " C:\Program Files (x86)\trolatunt\updatetrolatunt.exe " [X]
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
R1 ccSet_NARA; C:\windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 innfd_1_10_0_13; C:\windows\System32\drivers\innfd_1_10_0_13.sys [58224 2015-04-02] (Infonaut)
R3 RadioHIDMini; C:\windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
S2 SPDRIVER_1.39.0.1602; .\JSDriver\1.39.0.1602\jsdrv.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-01-10 09:41 - 2018-01-10 09:41 - 000023280 _____ C:\FRST.txt
2018-01-10 09:41 - 2018-01-10 09:41 - 000000000 ____D C:\FRST
2018-01-10 09:39 - 2018-01-10 09:39 - 002393088 _____ (Farbar) C:\FRST64.exe
2018-01-09 14:18 - 2018-01-09 14:18 - 000000000 ___RD C:\Users\Bogdan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2018-01-02 18:01 - 2018-01-02 18:02 - 000000000 ____D C:\cd8131676c0d2c061348d52d05d3
2018-01-02 15:52 - 2015-09-02 14:49 - 002341376 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-01-02 15:52 - 2015-09-02 14:49 - 001850880 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-01-02 15:52 - 2015-09-02 14:38 - 001744384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-01-02 15:52 - 2015-09-02 14:38 - 001422336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-01-02 15:52 - 2015-07-06 17:16 - 000044560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2018-01-02 15:52 - 2015-07-06 15:32 - 000281944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2018-01-02 15:52 - 2015-03-27 09:07 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\cryptcatsvc.dll
2018-01-02 15:52 - 2015-02-26 05:35 - 004063232 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-01-02 15:51 - 2015-03-04 07:41 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2018-01-02 15:51 - 2015-03-04 07:39 - 000632832 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2018-01-02 15:51 - 2015-03-04 07:39 - 000204288 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2018-01-02 15:51 - 2015-03-04 05:53 - 000021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2018-01-02 15:51 - 2015-03-04 05:52 - 000676864 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2018-01-01 20:33 - 2015-07-13 22:05 - 000054272 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2018-01-01 20:33 - 2015-07-13 22:05 - 000048128 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-01-01 20:33 - 2015-07-09 22:46 - 005982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2018-01-01 20:33 - 2015-07-09 22:44 - 000322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2018-01-01 20:33 - 2015-07-09 21:17 - 005095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2018-01-01 20:33 - 2015-07-09 21:16 - 000269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2018-01-01 20:33 - 2015-03-04 08:29 - 000361280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2018-01-01 20:33 - 2015-03-04 07:39 - 000074752 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2018-01-01 20:33 - 2015-03-04 05:52 - 000057856 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2018-01-01 20:33 - 2015-02-24 08:58 - 000861696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2018-01-01 20:32 - 2015-01-29 09:05 - 001627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-01-01 20:32 - 2015-01-29 07:19 - 001339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2018-01-01 20:32 - 2015-01-24 07:42 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2018-01-01 20:32 - 2015-01-24 06:00 - 000243712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2018-01-01 20:31 - 2015-08-05 14:52 - 001287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-01-01 20:31 - 2015-08-04 15:42 - 008858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2018-01-01 20:31 - 2015-08-04 15:42 - 002038784 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2018-01-01 20:31 - 2015-08-04 15:42 - 001229824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2018-01-01 20:31 - 2015-08-04 15:42 - 000356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2018-01-01 20:31 - 2015-08-04 15:42 - 000100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2018-01-01 20:31 - 2015-08-04 14:54 - 010116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2018-01-01 20:31 - 2015-08-04 14:54 - 001399808 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2018-01-01 20:31 - 2015-08-04 14:53 - 002307584 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2018-01-01 20:31 - 2015-08-04 14:53 - 000449024 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2018-01-01 20:31 - 2015-08-04 14:53 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2018-01-01 20:31 - 2015-04-13 06:32 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2018-01-01 20:30 - 2015-08-01 17:21 - 000073352 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-01-01 20:30 - 2015-08-01 16:22 - 000063992 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-01-01 20:30 - 2015-08-01 14:56 - 000139776 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-01-01 20:30 - 2015-08-01 14:56 - 000039424 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-01-01 20:30 - 2015-08-01 14:56 - 000018432 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-01-01 20:29 - 2015-07-30 14:11 - 000124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-01-01 20:29 - 2015-07-30 14:10 - 000103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-01-01 20:25 - 2015-10-11 07:45 - 001160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2018-01-01 20:25 - 2015-10-11 07:45 - 000723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2018-01-01 20:25 - 2015-09-29 04:33 - 006971224 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-01-01 20:25 - 2015-09-22 18:53 - 001405408 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-01-01 20:25 - 2015-09-22 18:53 - 001273184 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-01-01 20:25 - 2014-12-18 09:51 - 000096576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2018-01-01 20:25 - 2014-12-18 07:52 - 000889344 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2018-01-01 20:25 - 2014-12-18 07:20 - 000702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2018-01-01 20:22 - 2016-06-25 19:09 - 000282624 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2018-01-01 20:11 - 2015-03-04 08:26 - 000596480 _____ (Microsoft Corporation) C:\windows\system32\AutoUpdate.exe
2018-01-01 20:11 - 2015-03-04 08:26 - 000467952 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2018-01-01 20:11 - 2015-03-04 08:26 - 000011105 _____ C:\windows\system32\AutoconfigV2.cab
2018-01-01 20:11 - 2015-03-04 07:41 - 000695808 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2018-01-01 20:11 - 2015-03-04 07:41 - 000163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-01-01 20:11 - 2015-03-04 05:53 - 000568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2018-01-01 20:11 - 2015-03-04 05:53 - 000124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-29 22:32 - 2017-12-29 22:32 - 000000000 ____D C:\Users\Bogdan\AppData\Local\Microsoft_Corporation
2017-12-29 22:26 - 2017-12-29 22:26 - 000000017 _____ C:\Users\Bogdan\AppData\Local\resmon.resmoncfg
2017-12-29 17:47 - 2017-12-29 17:46 - 001446792 _____ C:\Users\Bogdan\Downloads\Fallout New Vegas.exe
2017-12-29 17:46 - 2017-12-29 17:46 - 000002432 _____ C:\Users\Bogdan\zdjęcia bogdan\WarThunder.lnk
2017-12-29 17:44 - 2017-12-29 17:45 - 001641504 _____ (Dab ) C:\Users\Bogdan\Downloads\Fallout New Vegas_3887802416.exe
2017-12-29 17:05 - 2017-12-29 17:05 - 000000221 _____ C:\Users\Bogdan\zdjęcia bogdan\Gothic.url
2017-12-29 17:05 - 2017-12-29 17:05 - 000000000 ____D C:\Users\Bogdan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-28 14:23 - 2017-12-28 14:23 - 000000000 ____D C:\Users\Bogdan\Documents\League of Legends
2017-12-28 13:52 - 2017-12-28 13:52 - 000000000 ____D C:\ProgramData\Riot Games
2017-12-28 13:44 - 2017-12-28 13:46 - 072485344 _____ (Riot Games, Inc) C:\Users\Bogdan\Downloads\League of Legends installer EUNE.exe
2017-12-28 13:22 - 2016-01-05 21:16 - 000826328 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-12-28 13:22 - 2016-01-05 21:16 - 000176088 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-28 13:09 - 2017-12-28 13:09 - 000000000 ___SD C:\windows\system32\CompatTel
2017-12-28 13:08 - 2017-12-28 13:09 - 000000000 ____D C:\windows\system32\appraiser
2017-12-28 08:40 - 2015-10-01 14:10 - 000869568 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2017-12-28 08:40 - 2015-10-01 14:09 - 000875720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2017-12-28 06:19 - 2017-12-28 06:19 - 133326408 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2017-12-28 06:10 - 2014-04-16 19:20 - 000029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2017-12-28 06:10 - 2014-04-16 19:20 - 000028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2017-12-28 05:45 - 2015-10-27 14:55 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-12-28 05:45 - 2015-10-27 14:54 - 000830464 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-12-28 05:44 - 2015-10-27 15:46 - 000668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-12-28 05:44 - 2015-10-27 15:46 - 000320000 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-12-28 05:44 - 2015-10-27 15:46 - 000089088 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-12-28 05:44 - 2015-10-27 15:46 - 000073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2017-12-28 05:44 - 2015-10-27 15:29 - 000171864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-12-28 05:44 - 2015-10-27 14:54 - 000130560 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-12-28 05:44 - 2015-10-27 14:54 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2017-12-28 05:44 - 2015-10-02 00:55 - 001043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2017-12-28 05:44 - 2015-10-02 00:55 - 000588800 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2017-12-28 05:44 - 2015-09-29 03:02 - 000961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2017-12-28 05:44 - 2015-09-29 03:02 - 000452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2017-12-28 05:44 - 2015-09-23 14:10 - 000570256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-12-28 05:44 - 2015-09-23 14:10 - 000377552 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2017-12-28 05:44 - 2015-09-23 14:10 - 000332576 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2017-12-28 05:43 - 2015-09-12 14:09 - 000414559 _____ C:\windows\system32\ApnDatabase.xml
2017-12-28 05:42 - 2015-12-04 17:29 - 001636784 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2017-12-28 05:42 - 2015-12-04 17:12 - 000793312 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2017-12-28 05:42 - 2015-12-04 17:12 - 000522752 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2017-12-28 05:42 - 2015-12-04 17:12 - 000446872 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2017-12-28 05:42 - 2015-12-04 17:12 - 000253624 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2017-12-28 05:42 - 2015-12-04 15:55 - 000463880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2017-12-28 05:42 - 2015-12-04 15:52 - 002842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2017-12-28 05:42 - 2015-12-04 15:52 - 001376256 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2017-12-28 05:42 - 2015-12-04 15:52 - 001150464 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2017-12-28 05:42 - 2015-12-04 15:52 - 001100800 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2017-12-28 05:42 - 2015-12-04 15:52 - 001073664 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2017-12-28 05:42 - 2015-12-04 15:52 - 000577536 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2017-12-28 05:42 - 2015-12-04 15:51 - 002893824 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 001527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 001208832 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2017-12-28 05:42 - 2015-12-04 15:51 - 001174016 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 001138688 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 000685568 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 000677888 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2017-12-28 05:42 - 2015-12-04 15:51 - 000621056 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-12-28 05:42 - 2015-12-04 15:46 - 002620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2017-12-28 05:42 - 2015-12-04 15:46 - 001374208 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2017-12-28 05:42 - 2015-12-04 15:46 - 000904192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2017-12-28 05:42 - 2015-12-04 15:46 - 000677888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2017-12-28 05:42 - 2015-12-04 15:46 - 000487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2017-12-28 05:42 - 2015-12-04 15:45 - 002400256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2017-12-28 05:42 - 2015-12-04 15:45 - 001453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2017-12-28 05:42 - 2015-12-04 15:45 - 000946688 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2017-12-28 05:42 - 2015-12-04 15:45 - 000929792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2017-12-28 05:42 - 2015-12-04 15:45 - 000869888 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2017-12-28 05:42 - 2015-12-04 15:45 - 000571392 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2017-12-28 05:42 - 2015-12-04 15:45 - 000568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2017-12-28 05:42 - 2015-12-04 15:45 - 000546304 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2017-12-28 05:41 - 2015-12-04 15:55 - 000612528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2017-12-28 05:41 - 2015-12-04 15:55 - 000324456 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-12-28 05:41 - 2015-12-04 15:52 - 002615808 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2017-12-28 05:41 - 2015-12-04 15:52 - 001770496 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2017-12-28 05:41 - 2015-12-04 15:52 - 001350656 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2017-12-28 05:41 - 2015-12-04 15:52 - 000625152 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2017-12-28 05:41 - 2015-12-04 15:52 - 000431616 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 001593344 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000666112 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000355328 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000323072 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000289792 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000245248 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000239104 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2017-12-28 05:41 - 2015-12-04 15:51 - 000231424 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000230912 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000223744 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000209408 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000186368 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000100352 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2017-12-28 05:41 - 2015-12-04 15:51 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2017-12-28 05:41 - 2015-12-04 15:51 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2017-12-28 05:41 - 2015-12-04 15:46 - 002312704 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2017-12-28 05:41 - 2015-12-04 15:46 - 001468928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2017-12-28 05:41 - 2015-12-04 15:46 - 000893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2017-12-28 05:41 - 2015-12-04 15:46 - 000846336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2017-12-28 05:41 - 2015-12-04 15:46 - 000722944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2017-12-28 05:41 - 2015-12-04 15:46 - 000468992 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2017-12-28 05:41 - 2015-12-04 15:46 - 000382464 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2017-12-28 05:41 - 2015-12-04 15:46 - 000260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2017-12-28 05:41 - 2015-12-04 15:46 - 000208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2017-12-28 05:41 - 2015-12-04 15:46 - 000189440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2017-12-28 05:41 - 2015-12-04 15:46 - 000156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000755712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000436736 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2017-12-28 05:41 - 2015-12-04 15:45 - 000251904 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000190464 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2017-12-28 05:41 - 2015-12-04 15:45 - 000160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2017-12-28 05:41 - 2015-12-04 15:45 - 000084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2017-12-28 05:41 - 2015-12-04 15:45 - 000064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2017-12-28 05:41 - 2015-12-04 15:45 - 000054272 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2017-12-28 05:41 - 2015-12-03 20:57 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2017-12-28 05:40 - 2015-12-04 01:55 - 000595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2017-12-28 05:40 - 2015-12-03 22:47 - 000497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2017-12-28 05:40 - 2015-04-25 04:41 - 000541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2017-12-28 05:40 - 2015-04-25 00:13 - 000652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2017-12-28 05:37 - 2015-04-06 06:36 - 000452096 _____ (Microsoft Corporation) C:\windows\system32\PhotoMetadataHandler.dll
2017-12-28 05:37 - 2015-04-06 05:08 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoMetadataHandler.dll
2017-12-28 05:36 - 2015-11-05 10:55 - 000147968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2017-12-28 05:36 - 2015-10-13 14:16 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-12-28 05:36 - 2015-10-13 14:16 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-12-28 05:36 - 2015-03-12 06:31 - 002048000 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2017-12-28 05:36 - 2015-03-12 06:31 - 000096256 _____ (Microsoft Corporation) C:\windows\system32\WPDShServiceObj.dll
2017-12-28 05:36 - 2015-03-12 04:52 - 001933312 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2017-12-28 05:33 - 2015-09-12 14:29 - 000144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2017-12-28 05:33 - 2015-09-12 14:29 - 000126976 _____ (Microsoft Corporation) C:\windows\system32\RDWebAI.dll
2017-12-28 05:32 - 2016-06-25 19:28 - 000050368 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-12-28 05:32 - 2016-06-25 16:55 - 001490432 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-12-28 05:32 - 2016-06-25 16:55 - 000571904 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-12-28 05:32 - 2016-06-25 16:55 - 000544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-12-28 05:32 - 2016-06-25 16:55 - 000294912 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-12-28 05:32 - 2016-06-25 16:55 - 000268800 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-12-28 05:32 - 2016-06-25 16:55 - 000219136 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-12-28 05:32 - 2016-06-25 16:55 - 000076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-12-28 05:32 - 2016-06-17 14:09 - 001208320 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-12-28 05:32 - 2016-06-04 10:42 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2017-12-28 05:32 - 2015-09-12 14:29 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2017-12-28 05:32 - 2015-09-12 14:29 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\appserverai.dll
2017-12-28 05:32 - 2015-09-12 14:29 - 000122880 _____ (Microsoft Corporation) C:\windows\system32\VmHostAI.dll
2017-12-28 05:32 - 2012-10-25 04:27 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2017-12-28 05:32 - 2012-10-25 04:26 - 000031232 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2017-12-28 05:32 - 2012-10-25 04:04 - 000011776 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2017-12-28 05:30 - 2015-08-01 15:50 - 017562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-12-28 05:30 - 2015-08-01 14:56 - 019778048 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-12-28 05:28 - 2015-07-15 17:09 - 000095064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-12-28 05:28 - 2015-07-15 17:06 - 001824296 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-12-28 05:28 - 2015-07-15 14:49 - 001410000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-12-28 05:28 - 2015-07-15 14:29 - 001333248 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2017-12-28 05:28 - 2015-06-27 14:55 - 000273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-12-28 05:28 - 2015-06-27 14:46 - 000318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-12-28 05:28 - 2015-06-25 19:29 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-12-28 05:28 - 2015-06-25 19:27 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-12-28 05:28 - 2015-05-02 07:28 - 000100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-12-28 05:28 - 2015-01-07 05:25 - 000403456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-12-28 05:27 - 2015-07-09 22:47 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2017-12-28 05:27 - 2015-07-09 22:47 - 000243712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2017-12-28 05:27 - 2015-07-09 21:18 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2017-12-28 03:44 - 2016-11-20 19:28 - 000000222 _____ C:\Users\Bogdan\zdjęcia bogdan\Trimmer Tycoon.url
2017-12-28 03:44 - 2016-09-12 18:03 - 000000222 _____ C:\Users\Bogdan\zdjęcia bogdan\Unturned.url
2017-12-28 03:44 - 2016-09-11 13:22 - 000001039 _____ C:\Users\Bogdan\zdjęcia bogdan\Steam.lnk
2017-12-28 03:44 - 2016-08-20 17:51 - 001099297 _____ C:\Users\Bogdan\zdjęcia bogdan\SkyLand(1).exe
2017-12-28 03:34 - 2018-01-09 13:49 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-28 03:31 - 2017-12-28 03:31 - 000003480 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-28 03:31 - 2017-12-28 03:31 - 000003352 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-28 03:29 - 2017-12-28 03:30 - 001129816 _____ (Google Inc.) C:\Users\Bogdan\Downloads\ChromeSetup.exe
2017-12-28 02:13 - 2017-12-28 02:13 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-27 23:02 - 2015-01-24 07:43 - 000420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2017-12-27 23:02 - 2015-01-24 06:00 - 000368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2017-12-27 22:23 - 2017-12-27 22:23 - 000000000 ____D C:\Users\Bogdan\AppData\Roaming\idesktop
2017-12-27 22:07 - 2017-12-27 22:07 - 000000002 _____ C:\windows\SysWOW64\stub.json
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-01-10 09:36 - 2012-09-19 21:47 - 001625928 _____ C:\windows\system32\perfh015.dat
2018-01-10 09:36 - 2012-09-19 21:47 - 000425774 _____ C:\windows\system32\perfc015.dat
2018-01-10 09:36 - 2012-07-26 08:28 - 000005430 _____ C:\windows\system32\PerfStringBackup.INI
2018-01-10 09:35 - 2014-01-22 16:31 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4034686583-3572523072-671191548-1001
2018-01-10 09:34 - 2014-01-17 16:08 - 000000000 ____D C:\Users\Bogdan\AppData\Local\CrashDumps
2018-01-09 22:17 - 2014-07-09 14:27 - 000000342 _____ C:\windows\Tasks\HP Photo Creations Communicator.job
2018-01-09 21:58 - 2015-07-02 14:04 - 000000350 _____ C:\windows\Tasks\PPTAssistantNotifyTask_Bogdan.job
2018-01-09 21:50 - 2012-07-26 08:59 - 000000000 ____D C:\windows\CbsTemp
2018-01-09 14:28 - 2015-07-02 14:04 - 000000620 _____ C:\windows\Tasks\PPTAssistantUpdateTask_Bogdan.job
2018-01-09 14:20 - 2012-09-19 06:50 - 000000000 ____D C:\ProgramData\WinClon
2018-01-09 14:18 - 2014-02-01 16:58 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-09 14:15 - 2012-07-26 08:22 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-01-09 14:11 - 2012-07-26 09:12 - 000000000 ____D C:\Program Files\Windows Defender
2018-01-09 14:11 - 2012-07-26 09:12 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-01-09 13:54 - 2012-09-19 06:46 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-01-09 13:50 - 2015-06-29 15:32 - 000000000 ____D C:\windows\System32\Tasks\Remediation
2018-01-09 13:50 - 2012-07-26 06:26 - 000262144 ___SH C:\windows\system32\config\ELAM
2018-01-09 13:22 - 2014-03-26 20:51 - 000000000 ___RD C:\Users\Bogdan\zdjęcia bogdan
2018-01-09 13:14 - 2014-03-08 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-01-09 13:14 - 2014-01-22 16:42 - 000004388 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-01-09 13:14 - 2012-07-26 09:12 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-01-09 13:14 - 2012-07-26 09:12 - 000000000 ____D C:\windows\system32\Macromed
2018-01-02 18:34 - 2012-07-26 09:12 - 000000000 ____D C:\windows\system32\NDF
2018-01-02 18:20 - 2014-12-22 13:40 - 000300240 _____ C:\windows\system32\FNTCACHE.DAT
2018-01-02 18:11 - 2012-07-26 09:12 - 000000000 ___RD C:\windows\ToastData
2018-01-02 18:11 - 2012-07-26 06:37 - 000000000 ____D C:\windows\Inf
2018-01-02 18:04 - 2014-03-08 17:23 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-01-02 18:04 - 2014-03-08 17:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-01-02 17:21 - 2012-07-26 09:12 - 000000000 ____D C:\windows\WinStore
2018-01-02 16:19 - 2012-07-26 09:12 - 000000000 ___HD C:\windows\ELAMBKUP
2018-01-01 20:59 - 2014-06-13 22:30 - 000090624 ___SH C:\Users\Bogdan\zdjęcia bogdan\Thumbs.db
2017-12-29 22:45 - 2014-07-27 19:37 - 000000000 ____D C:\Users\Bogdan\AppData\Local\ElevatedDiagnostics
2017-12-29 22:17 - 2014-01-22 15:29 - 000000000 ____D C:\Users\Bogdan\AppData\Roaming\HpUpdate
2017-12-29 17:50 - 2014-08-26 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-28 14:08 - 2014-06-28 21:14 - 000002487 _____ C:\Users\Bogdan\Documents\Mój film.wlmp
2017-12-28 13:50 - 2014-03-09 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-12-28 13:39 - 2014-06-09 20:14 - 000000000 ____D C:\Users\Bogdan\zdjęcia bogdan\DOOM 3
2017-12-28 13:07 - 2012-07-26 08:52 - 000000000 ____D C:\Program Files\Windows Journal
2017-12-28 08:10 - 2014-01-17 16:08 - 000001054 _____ C:\Users\Bogdan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-12-28 08:05 - 2015-03-20 21:11 - 000000000 ____D C:\Program Files (x86)\realdeeAl
2017-12-28 08:05 - 2015-03-20 21:11 - 000000000 ____D C:\Program Files (x86)\coupponppeak
2017-12-28 08:05 - 2015-03-20 21:09 - 000000000 ____D C:\Program Files (x86)\greaTssaving
2017-12-28 08:05 - 2015-03-02 16:21 - 000000000 ____D C:\Program Files (x86)\Dislike Button
2017-12-28 08:05 - 2015-01-11 11:58 - 000000000 ____D C:\ProgramData\deaol4me
2017-12-28 08:05 - 2015-01-02 13:19 - 000000000 ____D C:\Program Files (x86)\WinZipper
2017-12-28 07:57 - 2015-01-02 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
2017-12-28 07:57 - 2014-07-25 08:31 - 000000000 ____D C:\Program Files (x86)\SupTab
2017-12-28 07:52 - 2014-07-25 08:31 - 000000000 ____D C:\Users\Bogdan\AppData\Roaming\vi-view
2017-12-28 06:20 - 2014-01-18 19:34 - 000000000 ____D C:\windows\system32\MRT
2017-12-28 06:19 - 2014-01-18 19:34 - 133326408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-12-28 06:14 - 2012-07-26 09:12 - 000000000 ____D C:\windows\rescache
2017-12-28 04:12 - 2012-09-19 06:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2017-12-28 03:52 - 2014-07-09 14:50 - 000000000 ____D C:\Users\Bogdan\AppData\Local\Google
2017-12-28 03:32 - 2014-07-09 14:49 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-28 03:01 - 2014-04-13 18:11 - 000115712 ___SH C:\Users\Bogdan\Downloads\Thumbs.db
2017-12-27 22:23 - 2015-02-07 03:26 - 000000000 ____D C:\Users\Bogdan\AppData\Roaming\eCyber
2017-12-27 22:15 - 2015-04-06 16:51 - 000000000 ____D C:\Program Files (x86)\MiniGet
2017-12-27 21:40 - 2017-01-13 19:15 - 000000000 ___HD C:\$Windows.~BT
==================== Pliki w katalogu głównym wybranych folderów =======
2014-09-23 19:07 - 2016-04-19 06:14 - 000322560 _____ () C:\Users\Bogdan\AppData\Local\bvymi.gdb
2014-09-23 19:07 - 2017-01-11 23:54 - 001118462 _____ () C:\Users\Bogdan\AppData\Local\bvymi.gss
2017-12-29 22:26 - 2017-12-29 22:26 - 000000017 _____ () C:\Users\Bogdan\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2017-12-28 06:09
==================== Koniec FRST.txt ============================