Mógłby mi ktoś sprawdzić logi, niby wszystko gra, ale jednak mój system nie staje na wysokości zadania.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:06-05-2016 01
Uruchomiony przez adam (administrator) ADAM-PC (05-05-2016 22:56:44)
Uruchomiony z C:\Users\adam\Desktop\FRST
Załadowane profile: adam (Dostępne profile: adam & Gość)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Język: Polski (Polska)
Internet Explorer Wersja 9 (Domyślna przeglądarka: Opera)
Tryb startu: Safe Mode (with Networking)
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Baidu, Inc.) C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\BAVSvc.exe
(Baidu, Inc.) C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\BavTray.exe
(Microsoft Corporation) C:\Windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6002.18005_none_124e37978886d513\WmiPrvSE.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [NvCplDaemon] = & gt; RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] = & gt; RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Baidu Antivirus] = & gt; C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\BavTray.exe [1997296 2015-05-15] (Baidu, Inc.)
HKLM\...\Run: [TkBellExe] = & gt; C:\Program Files\Real\RealPlayer\update\realsched.exe [296096 2012-11-14] (RealNetworks, Inc.)
HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12336856 2015-06-18] (Realtek Semiconductor)
HKU\S-1-5-21-1388063987-2954757424-4130118362-1000\...\Run: [Google Update] = & gt; C:\Users\adam\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-1388063987-2954757424-4130118362-1000\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1388063987-2954757424-4130118362-1000\...\Run: [WMPNSCFG] = & gt; C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1388063987-2954757424-4130118362-1000\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\Windows\system32\Mystify.scr [221184 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] = & gt; C:\Windows\system32\cmd.exe /C del " C:\ProgramData\Microsoft Help\Rgstrtn.lck " /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0415-0000-0000000FF1CE}] = & gt; C:\Windows\system32\cmd.exe /C del " C:\ProgramData\Microsoft Help\Rgstrtn.lck " /Q /A:H
ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] - & gt; {36A21736-36C2-4C11-8ACB-D4136F2B57BD} = & gt; C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
Startup: C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2016-04-17]
ShortcutTarget: HDDlife.lnk - & gt; C:\Program Files\BinarySense\HDDlife 4\HDDlifePro.exe (Brak pliku)
Startup: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2015-10-20]
ShortcutTarget: HDDlife.lnk - & gt; C:\Program Files\BinarySense\HDDlife 4\HDDlifePro.exe (Brak pliku)
Startup: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2012-08-21]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - & gt; C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 37.8.214.2 31.11.202.254
Tcpip\..\Interfaces\{C7ABD205-AE53-44B4-AA9F-77354ED0E52E}: [DhcpNameServer] 37.8.214.2 31.11.202.254
Tcpip\..\Interfaces\{EBDFEDC4-386C-4481-92CC-68C6E9F8A2D0}: [DhcpNameServer] 37.8.214.2 31.11.202.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150517
BHO: RealPlayer Download and Record Plugin for Internet Explorer - & gt; {3049C3E9-B461-4BC5-8870-4C09146192CA} - & gt; C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-14] (RealPlayer)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\qgsbl79x.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-30] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - & gt; C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp - & gt; C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf - & gt; C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin: @Google.com/GoogleEarthPlugin - & gt; C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - & gt; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 - & gt; C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2012-11-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - & gt; C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2012-11-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - & gt; C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - & gt; C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - & gt; C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-11-14] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1388063987-2954757424-4130118362-1000: @talk.google.com/GoogleTalkPlugin - & gt; C:\Users\adam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1388063987-2954757424-4130118362-1000: @talk.google.com/O1DPlugin - & gt; C:\Users\adam\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1388063987-2954757424-4130118362-1000: @tools.google.com/Google Update;version=3 - & gt; C:\Users\adam\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-1388063987-2954757424-4130118362-1000: @tools.google.com/Google Update;version=9 - & gt; C:\Users\adam\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\adam\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\adam\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\qgsbl79x.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-11-27]
FF Extension: Adblock Plus - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\qgsbl79x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-29]
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-12-28] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-15] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-11-14] [Brak podpisu cyfrowego]
Chrome:
=======
CHR HomePage: Default - & gt; hxxp://google.pl/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-11]
CHR Extension: (Flash® Player for YouTube™) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajdkhdcndkniopfefocbgbkofflagpm [2016-03-11]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-11-14]
CHR HKLM\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-03-11]
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 bavsvc; C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\bavsvc.exe [2572928 2015-05-15] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\BdSandboxSrv.exe [216608 2015-01-08] (Baidu, Inc.)
S2 bhipssvc; C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\bhipssvc.exe [531232 2015-05-15] (Baidu, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-08-19] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego]
S2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego]
S2 OcupdatehlpSvr; C:\Windows\System32\adtsobject.dll [411800 2009-04-11] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-20] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [358400 2010-04-13] (SafeNet Inc.)
S3 bdark; C:\Windows\system32\drivers\bdark.sys [82376 2015-04-20] ()
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [194552 2015-01-08] (Baidu, Inc.)
S1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [51144 2015-05-15] (Baidu, Inc.)
S1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [31176 2015-05-15] (Baidu, Inc.)
S0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [74888 2015-05-15] (Baidu, Inc.)
S3 BHipsEx; C:\Windows\System32\drivers\BHipsEx.sys [138184 2015-05-15] (Baidu, Inc.)
S1 Bnbase; C:\Windows\System32\drivers\bnbasex.sys [75400 2015-05-15] (Baidu, Inc.)
S1 Bndef; C:\Windows\System32\drivers\bndef.sys [461192 2015-05-15] (Baidu, Inc.)
S3 BNmon; C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.122701.0\Bnmon.sys [84936 2015-05-15] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [195528 2015-05-15] (Baidu, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2015-01-25] (Disc Soft Ltd)
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2012-10-03] (EldoS Corporation)
S2 gamzexhttps; C:\Windows\system32\drivers\wmzsmsgmgr.sys [123816 2015-10-10] ()
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [Brak podpisu cyfrowego]
S2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
S2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2006-11-14] (SAMSUNG ELECTRONICS CO., LTD.)
S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego]
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242560 2008-04-05] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2016-05-05 22:55 - 2016-05-05 22:56 - 00000000 ____D C:\Users\adam\Desktop\FRST
2016-05-05 22:47 - 2016-05-05 22:56 - 00000000 ____D C:\FRST
2016-05-05 16:38 - 2016-05-05 16:41 - 00000000 ____D C:\Users\adam\Desktop\mojeskany
2016-05-02 17:04 - 2016-05-02 17:04 - 00000000 ____D C:\$WINDOWS.~BT
2016-05-02 17:03 - 2016-05-02 17:34 - 00001905 _____ C:\Windows\diagwrn.xml
2016-05-02 17:03 - 2016-05-02 17:34 - 00001905 _____ C:\Windows\diagerr.xml
2016-05-02 11:53 - 2016-05-05 22:00 - 00102196 _____ C:\Windows\ntbtlog.txt
2016-05-02 11:31 - 2016-05-02 11:31 - 00003218 _____ C:\Users\adam\Documents\cc_20160502_113120.reg
2016-04-30 23:39 - 2016-04-30 23:39 - 00001800 _____ C:\Users\adam\Documents\cc_20160430_233919.reg
2016-04-29 20:30 - 2016-04-29 20:30 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-04-28 20:50 - 2016-05-01 20:52 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-04-26 18:37 - 2016-04-26 18:37 - 00001884 _____ C:\Users\adam\Documents\cc_20160426_183718.reg
2016-04-25 22:00 - 2016-04-25 22:01 - 07150537 _____ C:\Users\adam\Documents\Maszewo.rar
2016-04-25 20:10 - 2016-04-25 20:10 - 00197111 _____ C:\Users\adam\Documents\informacja_mir.pdf
2016-04-25 16:58 - 2016-04-25 16:58 - 00001964 _____ C:\Users\adam\Documents\cc_20160425_165841.reg
2016-04-23 14:42 - 2016-04-23 14:42 - 00243329 _____ C:\Users\adam\Downloads\barbj.pdf
2016-04-23 12:39 - 2016-04-23 12:39 - 00000292 _____ C:\Users\adam\Desktop\Dysk lokalny (D) — skrót.lnk
2016-04-23 11:32 - 2016-04-23 11:32 - 00019668 _____ C:\Users\adam\Documents\cc_20160423_113243.reg
2016-04-23 11:03 - 2016-04-23 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-23 11:03 - 2016-04-23 11:03 - 00000000 ____D C:\Program Files\CCleaner
2016-04-22 21:23 - 2016-04-22 21:23 - 00006754 _____ C:\Users\adam\Documents\cc_20160422_212331.reg
2016-04-17 12:25 - 2016-04-17 12:25 - 00011652 _____ C:\Users\adam\Documents\cc_20160417_122539.reg
2016-04-16 20:49 - 2016-04-16 20:49 - 00000000 ____D C:\Users\adam\AppData\Local\Sparta
2016-04-13 22:16 - 2016-04-13 22:16 - 00544168 _____ C:\Users\adam\Documents\D19940414Lj.pdf
2016-04-11 17:44 - 2016-04-11 17:44 - 00706386 _____ C:\Users\Gość\Downloads\Rozp.ministra infrast.w sper.warunków technicznych, jakim powinny odpowiadać budynki i ich usytuowanie (1).pdf
2016-04-11 17:43 - 2016-04-11 17:42 - 00706386 _____ C:\Users\Gość\Downloads\Rozp.ministra infrast.w sper.warunków technicznych, jakim powinny odpowiadać budynki i ich usytuowanie.pdf
2016-04-11 17:40 - 2016-04-11 17:40 - 00706386 _____ C:\Users\Gość\Downloads\D20020690 (1).pdf
2016-04-11 17:37 - 2016-04-11 17:37 - 00706386 _____ C:\Users\Gość\Downloads\D20020690.pdf
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2060-08-18 19:02 - 2000-01-24 05:01 - 02023424 ____N (Inprise Corporation) C:\Windows\system32\VCL50.BPL
2060-08-18 19:02 - 2000-01-24 05:01 - 00248832 ____N (Inprise Corporation) C:\Windows\system32\VCLX50.BPL
2016-05-05 22:56 - 2013-05-25 19:33 - 00000000 ____D C:\Program Files\Convar
2016-05-05 22:20 - 2012-02-13 18:44 - 00001356 _____ C:\Users\adam\AppData\Local\d3d9caps.dat
2016-05-05 22:00 - 2014-06-26 21:44 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-05 21:53 - 2012-10-26 16:39 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-05 21:53 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-05 21:53 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-05 21:53 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-05 21:33 - 2012-03-17 15:17 - 00000000 ____D C:\Users\adam\AppData\Roaming\Skype
2016-05-05 21:16 - 2012-12-19 13:08 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 21:12 - 2015-07-18 19:28 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-05 21:05 - 2012-10-26 20:31 - 00092040 _____ C:\ProgramData\nvModes.001
2016-05-05 21:03 - 2012-12-19 13:08 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 21:03 - 2012-10-26 20:31 - 00092040 _____ C:\ProgramData\nvModes.dat
2016-05-04 23:49 - 2014-07-28 19:05 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Skype
2016-05-03 16:33 - 2016-01-17 16:10 - 00000000 ___RD C:\Users\adam\Documents\case open
2016-05-03 08:52 - 2014-04-17 13:57 - 00000000 ____D C:\Users\Gość\Desktop\FORMY
2016-05-02 11:59 - 2015-02-14 13:34 - 00000000 ____D C:\ProgramData\BAVSvc_exe
2016-05-01 20:53 - 2013-01-14 19:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-01 08:15 - 2015-10-25 08:50 - 00000000 ____D C:\Users\Gość\Desktop\londyn
2016-05-01 00:15 - 2013-07-11 19:33 - 00000000 ____D C:\Users\adam\AppData\Roaming\vlc
2016-04-30 22:50 - 2014-06-27 00:23 - 00000000 ____D C:\Users\adam\AppData\Local\Adobe
2016-04-30 22:38 - 2015-07-18 19:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-30 22:38 - 2015-07-18 19:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-29 20:30 - 2012-03-17 15:16 - 00000000 ___RD C:\Program Files\Skype
2016-04-29 20:30 - 2012-03-17 15:15 - 00000000 ____D C:\ProgramData\Skype
2016-04-27 21:48 - 2015-04-11 18:22 - 00000000 ____D C:\Users\adam\Desktop\Pulpit
2016-04-25 20:18 - 2008-01-21 08:24 - 01616086 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-25 20:18 - 2008-01-21 08:24 - 00714916 _____ C:\Windows\system32\perfh015.dat
2016-04-25 20:18 - 2008-01-21 08:24 - 00151756 _____ C:\Windows\system32\perfc015.dat
2016-04-25 20:18 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-04-23 11:30 - 2012-09-13 20:07 - 00000000 ____D C:\Users\adam\AppData\Roaming\XnView
2016-04-23 11:03 - 2013-06-29 00:34 - 00003442 _____ C:\Windows\wininit.ini
2016-04-17 16:16 - 2014-02-01 13:32 - 00000000 ____D C:\Program Files\Opera
2016-04-17 16:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\ShellNew
2016-04-17 14:30 - 2016-01-14 13:23 - 00000876 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-17 14:30 - 2016-01-01 01:45 - 00002489 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-17 14:30 - 2015-12-29 21:15 - 00002006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-17 14:30 - 2015-12-29 21:15 - 00001994 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-17 14:30 - 2015-12-19 00:19 - 00000080 _____ C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2016-04-17 14:30 - 2015-12-19 00:18 - 00000080 _____ C:\Users\adam\Desktop\uTorrent.lnk
2016-04-17 14:30 - 2015-09-10 15:39 - 00001858 _____ C:\Users\adam\Desktop\ControlCenter3.lnk
2016-04-17 14:30 - 2015-08-23 18:58 - 00000765 _____ C:\Users\adam\Desktop\oCam.lnk
2016-04-17 14:30 - 2015-08-23 18:57 - 00000954 _____ C:\Users\adam\Desktop\Continue oCam installation.lnk
2016-04-17 14:30 - 2015-07-18 15:54 - 00000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-17 14:30 - 2015-07-18 15:54 - 00000796 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-17 14:30 - 2015-06-04 21:51 - 00002034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-04-17 14:30 - 2015-04-11 19:30 - 00000821 _____ C:\Users\adam\Desktop\SpeedFan.lnk
2016-04-17 14:30 - 2015-01-26 00:28 - 00001752 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-04-17 14:30 - 2014-07-04 12:04 - 00000969 _____ C:\Users\Public\Desktop\PDF-XChange Viewer.lnk
2016-04-17 14:30 - 2014-07-03 12:49 - 00000803 _____ C:\Users\Public\Desktop\Baidu Antivirus.lnk
2016-04-17 14:30 - 2014-04-03 12:43 - 00000990 _____ C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2016-04-17 14:30 - 2014-04-03 12:43 - 00000982 _____ C:\Users\adam\Desktop\GG.lnk
2016-04-17 14:30 - 2014-03-16 13:28 - 00001029 _____ C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk
2016-04-17 14:30 - 2014-03-16 13:28 - 00001021 _____ C:\Users\adam\Desktop\OpenFM.lnk
2016-04-17 14:30 - 2013-09-15 13:14 - 00001734 _____ C:\Users\adam\Desktop\English Line FCE.lnk
2016-04-17 14:30 - 2013-09-11 14:07 - 00001446 _____ C:\Users\adam\Desktop\DivX Movies.lnk
2016-04-17 14:30 - 2013-09-11 14:07 - 00000949 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2016-04-17 14:30 - 2013-09-06 13:45 - 00001133 _____ C:\Users\Public\Desktop\WinCAPS 7.90.31 PL.lnk
2016-04-17 14:30 - 2013-09-06 10:20 - 00001886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDP HV v07.03.13.lnk
2016-04-17 14:30 - 2013-09-06 10:20 - 00001874 _____ C:\Users\Public\Desktop\PDP HV v07.03.13.lnk
2016-04-17 14:30 - 2013-09-06 09:54 - 00001886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDP HV v07.03.09.lnk
2016-04-17 14:30 - 2013-09-06 09:54 - 00001874 _____ C:\Users\Public\Desktop\PDP HV v07.03.09.lnk
2016-04-17 14:30 - 2013-07-27 15:05 - 00002414 _____ C:\Users\Public\Desktop\HDDlife Pro.lnk
2016-04-17 14:30 - 2013-06-09 22:31 - 00000977 _____ C:\Users\adam\Desktop\Quick Recovery for Windows.lnk
2016-04-17 14:30 - 2013-04-01 13:33 - 00002105 _____ C:\Users\adam\Desktop\Rzeczpospolita Tester słówek.lnk
2016-04-17 14:30 - 2013-04-01 13:33 - 00002085 _____ C:\Users\adam\Desktop\Rzeczpospolita Multimedialny słownik polsko-angielski.lnk
2016-04-17 14:30 - 2013-01-26 18:55 - 00000787 _____ C:\Users\adam\Desktop\HyperCam 2.lnk
2016-04-17 14:30 - 2012-12-10 18:49 - 00000559 _____ C:\Users\adam\Desktop\FreeOCR.lnk
2016-04-17 14:30 - 2012-11-14 02:24 - 00001054 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2016-04-17 14:30 - 2012-10-30 01:00 - 00001782 _____ C:\Users\adam\Desktop\CrystalDiskInfo.lnk
2016-04-17 14:30 - 2012-07-23 21:04 - 00000928 _____ C:\Users\adam\Desktop\Yuri's Revenge.lnk
2016-04-17 14:30 - 2012-07-23 21:04 - 00000916 _____ C:\Users\adam\Desktop\Red Alert 2.lnk
2016-04-17 14:30 - 2012-06-26 22:25 - 00001703 _____ C:\Users\Public\Desktop\Trickshot.lnk
2016-04-17 14:30 - 2012-06-26 12:42 - 00001133 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2012.lnk
2016-04-17 14:30 - 2012-06-05 21:15 - 00001046 _____ C:\Users\adam\Desktop\Any Video Converter.lnk
2016-04-17 14:30 - 2012-03-27 11:17 - 00000755 _____ C:\Users\adam\Desktop\Komputerowy Słownik Niemiecko-Polski.lnk
2016-04-17 14:30 - 2012-03-02 15:59 - 00001921 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2016-04-17 14:30 - 2012-02-14 22:12 - 00001802 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-17 14:30 - 2012-02-14 22:12 - 00001790 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-17 14:30 - 2012-02-13 20:08 - 00001861 _____ C:\Users\Public\Desktop\CyberLink DVD Suite.lnk
2016-04-17 14:30 - 2012-02-13 20:08 - 00001613 _____ C:\Users\Public\Desktop\Play Camera.lnk
2016-04-17 14:30 - 2012-02-13 18:44 - 00001004 _____ C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-17 14:30 - 2012-02-13 18:44 - 00000937 _____ C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-17 14:30 - 2012-02-13 18:44 - 00000915 _____ C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-04-17 14:30 - 2012-02-13 18:38 - 00000604 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
2016-04-17 14:30 - 2006-11-02 14:56 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
2016-04-17 14:30 - 2006-11-02 14:56 - 00001803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-17 14:30 - 2006-11-02 14:56 - 00001770 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
2016-04-17 14:30 - 2006-11-02 14:56 - 00001757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
2016-04-17 14:30 - 2006-11-02 14:56 - 00001613 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-17 14:30 - 2006-11-02 14:55 - 00001852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
2016-04-17 14:30 - 2006-11-02 14:55 - 00001768 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2016-04-17 14:30 - 2006-11-02 14:55 - 00001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-04-17 14:30 - 2006-11-02 14:55 - 00001630 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-17 14:30 - 2006-11-02 14:53 - 00001703 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
2016-04-17 14:30 - 2006-11-02 14:50 - 00001641 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-17 13:58 - 2012-02-13 18:59 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-17 12:21 - 2012-04-26 18:56 - 00000000 ____D C:\Program Files\PDF Password Remover v3.1
2016-04-17 12:20 - 2014-02-18 16:59 - 00000000 ____D C:\Program Files\Common Files\Audytor
2016-04-17 12:20 - 2014-02-18 16:59 - 00000000 ____D C:\Danfoss 4
2016-04-09 15:21 - 2015-07-18 19:28 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
==================== Pliki w katalogu głównym wybranych folderów =======
2014-08-30 11:18 - 2014-08-30 11:18 - 0000000 _____ () C:\Users\adam\AppData\Roaming\FileShred.log
2016-02-22 22:43 - 2016-02-24 21:43 - 0000070 _____ () C:\Users\adam\AppData\Roaming\WB.CFG
2012-02-13 18:44 - 2016-05-05 22:20 - 0001356 _____ () C:\Users\adam\AppData\Local\d3d9caps.dat
2012-02-13 19:07 - 2015-12-12 04:39 - 0116224 _____ () C:\Users\adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-15 14:00 - 2012-02-15 14:00 - 0017408 _____ () C:\Users\adam\AppData\Local\WebpageIcons.db
2015-12-08 14:36 - 2015-12-08 14:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-23 17:58 - 2015-08-23 17:58 - 0000016 _____ () C:\ProgramData\mntemp
2012-10-26 20:31 - 2016-05-05 21:05 - 0092040 _____ () C:\ProgramData\nvModes.001
2012-10-26 20:31 - 2016-05-05 21:03 - 0092040 _____ () C:\ProgramData\nvModes.dat
2015-08-23 17:58 - 2015-08-23 17:58 - 0005076 _____ () C:\ProgramData\vczcspay.tpu
2015-10-10 07:58 - 2015-10-10 07:58 - 0123816 _____ () C:\ProgramData\wmzsmsgmgr.sys
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2016-05-05 22:13
==================== Koniec FRST.txt ============================