Nowy pliki po zainstalowaniu podanego programu.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:13-12-2015
Uruchomiony przez Maciej (administrator) DEEJAYIJA-KOMPU (14-12-2015 11:13:39)
Uruchomiony z C:\Users\Maciej\Downloads
Załadowane profile: Maciej (Dostępne profile: Maciej)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(tsvr.com) C:\Users\Maciej\AppData\Roaming\TSv\TSvr.exe
(TFuns LIMITED) C:\ProgramData\vWdMv\WdMan.exe
(TODO: & lt; 公司名 & gt; ) C:\Program Files\SFK\SSFK.exe
(TODO: & lt; 公司名 & gt; ) C:\Program Files\SFK\SSFK.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [LManager] = & gt; C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [MSC] = & gt; c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [GrooveMonitor] = & gt; C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\...\MountPoints2: {12a7db92-ed5f-11e1-8370-047d7b770c24} - F:\RunGame.exe
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\...\MountPoints2: {57fae849-740d-11e5-85fe-54eb6b907715} - G:\SETUP.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] = & gt; C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-02] (Microsoft Corporation)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B86D03CA-C959-4E65-B45A-8EBEAE8A22C2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR & q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR & q={searchTerms}
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR & q={searchTerms}
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR & q={searchTerms}
HKU\S-1-5-21-975724029-1166048402-1323891604-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786 & Mkt=pl-PL & Src=MSE & Tid=0003446E & OHP=http%3A%2F%2Fwww.google.com & OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIE8SRC
SearchScopes: HKU\.DEFAULT - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-975724029-1166048402-1323891604-1000 - & gt; {0169E444-EFD5-422C-832B-9A807CB2A49D} URL = hxxp://www.google.com/search?hl=pl & q={searchTerms}
BHO: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-21] (Oracle Corporation)
BHO: CIESpeechBHO Class - & gt; {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - & gt; C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-09-16] (Atheros Commnucations)
BHO: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-21] (Oracle Corporation)
BHO: IplexToALLPlayer - & gt; {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - & gt; C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc & ts=1445852953 & z=80a089c156fe67fa7b75a7egfz6z7wcb9w0o4q5t9b & from=cor & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR
FireFox:
========
FF ProfilePath: C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: yoursites123
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
FF Plugin: @adobe.com/ShockwavePlayer - & gt; C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll [2013-10-25] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - & gt; C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - & gt; C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: Adobe Reader - & gt; C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\searchplugins\yoursites123.xml [2015-12-14]
FF Extension: Epuap Sign Plugin - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\SignPlugin@epuap.com [2014-05-18] [Brak podpisu cyfrowego]
FF Extension: NewTabURL - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\newtaburl@sogame.cat.xpi [2015-05-29]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2015-05-29]
FF Extension: sidebar - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\sidebarff@gmail.com [2015-11-07] [Brak podpisu cyfrowego]
FF Extension: Default NewTab - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\default_newtabff@gmail.com [2015-12-14] [Brak podpisu cyfrowego]
FF Extension: YahooToolsProtected - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\yahooprotected@gmail.com [2015-12-14] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\fftoolbar2014@etech.com = & gt; nie znaleziono
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\defsearchp@gmail.com = & gt; nie znaleziono
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\deskCutv2@gmail.com = & gt; nie znaleziono
FF HKLM\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\sidebarff@gmail.com
FF HKLM\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\default_newtabff@gmail.com
FF HKLM\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\cqkci3pa.default\extensions\yahooprotected@gmail.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc & ts=1450079111 & z=c9001e4f46e205d0fb16691g8zewee2eam5t3g4ebm & from=wpm07173 & uid=WDCXWD3200BPVT-22JJ5T0_WD-WXQ1EA1HDRTRHDRTR
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Maciej\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx & lt; nie znaleziono & gt;
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader11.crx & lt; nie znaleziono & gt;
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [84640 2011-09-16] (Atheros Commnucations) [Brak podpisu cyfrowego]
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Brak podpisu cyfrowego]
R2 cpextender; C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe [355496 2011-10-18] (Check Point Software Technologies)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-05-25] (Flexera Software, Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego]
R2 IhPul; C:\Users\Maciej\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 SSFK; C:\Program Files\SFK\SSFK.exe [170144 2015-11-27] (TODO: & lt; 公司名 & gt; )
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2012-05-26] () [Brak podpisu cyfrowego]
R2 WdMan; C:\ProgramData\vWdMv\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5186048 2012-05-25] (Broadcom Corporation) [Brak podpisu cyfrowego]
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [35488 2011-09-16] (Atheros)
S3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2012-05-25] (Broadcom Corporation)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [290976 2011-09-16] (Atheros)
S3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [97440 2011-09-16] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25248 2011-09-16] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [147616 2011-09-16] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [60064 2011-09-16] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [263968 2011-09-16] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [440992 2011-09-16] (Atheros)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-10-16] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-08-23] (DT Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKslcd98b2fe; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{59220192-DDAD-42AD-97F6-672B981F7B44}\MpKslcd98b2fe.sys [39168 2015-12-14] (Microsoft Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2015-10-16] (Duplex Secure Ltd.)
R3 VNA; C:\Windows\System32\DRIVERS\vna.sys [129304 2011-10-18] (Check Point Software Technologies)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 wfdrvr_vt_1_10_0_25; system32\drivers\wfdrvr_vt_1_10_0_25.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-14 11:13 - 2015-12-14 11:14 - 00017172 _____ C:\Users\Maciej\Downloads\FRST.txt
2015-12-14 11:13 - 2015-12-14 11:13 - 01720832 _____ (Farbar) C:\Users\Maciej\Downloads\FRST.exe
2015-12-14 08:47 - 2015-12-14 09:25 - 00000000 ____D C:\Program Files\WinZipper
2015-12-14 08:47 - 2015-12-14 08:47 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\WinZipper
2015-12-14 08:46 - 2015-12-14 10:51 - 00000000 ____D C:\Program Files\SFK
2015-12-14 08:46 - 2015-12-14 08:46 - 00000001 _____ C:\Windows\system32\pl.html
2015-12-14 08:46 - 2015-12-14 08:46 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\TSv
2015-12-14 08:44 - 2015-12-14 08:46 - 00000000 ____D C:\ProgramData\vWdMv
2015-12-12 17:45 - 2015-12-12 17:45 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0.bak
2015-12-12 17:45 - 2015-12-12 17:45 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0.bak
2015-12-12 09:22 - 2015-12-12 09:22 - 00000921 _____ C:\Users\Maciej\Desktop\or.txt
2015-12-08 17:46 - 2015-12-08 17:46 - 00000165 ____H C:\Users\Maciej\Desktop\~$wnisok.-statys-08.12.2015 aga.xlsx
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-14 11:13 - 2015-01-10 19:18 - 00000000 ____D C:\FRST
2015-12-14 11:11 - 2012-05-25 23:43 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 10:44 - 2009-07-14 05:34 - 00001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 10:44 - 2009-07-14 05:34 - 00001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 08:46 - 2015-10-26 10:50 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-12-14 08:45 - 2012-05-25 22:05 - 00001416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-14 08:45 - 2012-05-25 22:05 - 00001404 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-14 08:45 - 2012-05-24 21:20 - 00001737 _____ C:\Users\Maciej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-13 09:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-12 17:45 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-12 17:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-12 16:51 - 2015-10-12 07:36 - 00000000 ____D C:\Users\Maciej\Desktop\UP II
2015-12-12 16:50 - 2012-08-24 09:04 - 00000000 ____D C:\Users\Maciej\AppData\Local\CrashDumps
2015-12-12 16:50 - 2012-05-25 23:58 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Winamp
2015-12-11 17:12 - 2012-05-25 00:51 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-11 17:12 - 2012-05-25 00:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-10 15:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-12-09 04:39 - 2012-06-06 12:07 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-06 23:57 - 2012-05-25 21:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-05 08:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-12-04 11:57 - 2012-05-24 21:25 - 00943032 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-04 11:57 - 2009-07-14 09:07 - 00157260 _____ C:\Windows\system32\perfc015.dat
2015-12-04 11:57 - 2009-07-14 09:07 - 00012650 _____ C:\Windows\system32\perfh015.dat
2015-11-22 17:25 - 2012-05-25 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-21 16:42 - 2013-08-19 12:21 - 00000000 ____D C:\Windows\system32\MRT
2015-11-21 16:42 - 2012-05-25 09:24 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-17 06:59 - 2009-07-14 05:33 - 01757672 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-17 06:55 - 2009-07-14 09:28 - 00000000 ____D C:\Program Files\Windows Journal
==================== Pliki w katalogu głównym wybranych folderów =======
2012-05-29 10:13 - 2014-01-15 08:35 - 0019968 _____ () C:\Users\Maciej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-08 11:10 - 2013-04-08 11:10 - 0001832 _____ () C:\Users\Maciej\AppData\Local\SLC_Maciej.prx
2015-10-26 10:50 - 2015-12-14 08:46 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; MD5 jest poprawne
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2015-11-19 12:32
==================== Koniec FRST.txt ============================