Witam Proszę o pomoc. System Windows 7 dzieją się dziwne rzeczy to znaczy jak wchodzę w przeglądarkę firefox na dowolna stronę to wywala mi komunikat serwer proxy odrzuca połączenia w chrome wywala brak internetu natomiast program pocztowy Mozilla Thunderbird działa pingi do stron internetowych też idą. Przy włączeniu wywala jeszcze taki błąd. https://obrazki.elektroda.pl/7529393000_1534177757_thumb.jpg Skanowałem system esetem i kasperskim oraz adwcleaner akle nic nie znalazły poważnego. Nie wiem w czym problem. Dołączam logi z OTL i FRST
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02.08.2018
Uruchomiony przez HP (administrator) HP-KOMPUTER (13-08-2018 18:06:38)
Uruchomiony z C:\Users\HP\Desktop\Nowy folder
Załadowane profile: HP (Dostępne profile: HP)
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7214696 2011-05-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [IMSS] = & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [113656 2013-10-08] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
ProxyEnable: [.DEFAULT] = & gt; Proxy [funkcja włączona]
ProxyServer: [.DEFAULT] = & gt; 127.0.0.1:1080
ProxyEnable: [S-1-5-21-3157801966-2088565261-2422070968-1000] = & gt; Proxy [funkcja włączona]
ProxyServer: [S-1-5-21-3157801966-2088565261-2422070968-1000] = & gt; 127.0.0.1:1080
Tcpip\..\Interfaces\{9FD6BBA1-883F-403A-909F-F3F1422AC1F4}: [NameServer] 192.168.1.1,194.204.159.1
ManualProxies: 1127.0.0.1:1080
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie & ar=msnhome
HKU\S-1-5-21-3157801966-2088565261-2422070968-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
BHO: Kaspersky Protection - & gt; {0E2877D3-2641-4970-B794-A553E295428D} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-21] (Oracle Corporation)
BHO-x32: Kaspersky Protection - & gt; {0E2877D3-2641-4970-B794-A553E295428D} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: w8bka8dk.default-1533205040770
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\w8bka8dk.default-1533205040770 [2018-08-13]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird = & gt; nie znaleziono
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 - & gt; C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 - & gt; C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2018-08-13]
CHR Extension: (Adobe Acrobat) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-08]
CHR Extension: (Szafir SDK Web) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjalhnomhafafofonpdihihjnbafkipc [2017-06-08]
CHR Extension: (Kaspersky Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-08-13]
CHR Extension: (fillUp Formularze - dodatek) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnpeeaafijaebcdgkdeojkpnkfkjdnh [2017-03-13]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-03]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-10]
CHR Extension: (Prezentacje Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-10]
CHR Extension: (Dokumenty Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-10]
CHR Extension: (Dysk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-03-10]
CHR Extension: (Arkusze Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-10]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-3157801966-2088565261-2422070968-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [nlnpeeaafijaebcdgkdeojkpnkfkjdnh] - hxxps://clients2.google.com/service/update2/crx
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 5D6E46C6; C:\ProgramData\5D6E46C6\5D6E4664.dll [2704400 2018-06-28] () [Brak podpisu cyfrowego]
S2 AktualizujPP; C:\Program Files (x86)\Asseco Poland SA\Płatnik\ASSECO.AKTUALIZUJ.PP.exe [31584 2015-02-12] (Asseco Poland S.A.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [Brak podpisu cyfrowego]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [Brak podpisu cyfrowego]
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2018-08-13] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 FirebirdGuardianDefaultInstance; " C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe " -s DefaultInstance [X]
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-25] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [119496 2018-08-13] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [85704 2018-08-13] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [206024 2018-08-13] (AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-13] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1073352 2018-08-13] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-08-13] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-12-25] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81904 2017-12-25] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [142024 2018-08-13] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-12-25] (AO Kaspersky Lab)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RD9700; C:\Windows\System32\DRIVERS\RD9700.sys [21504 2012-01-04] (Corechip Semiconductor, Inc. Co Ltd.)
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-08-13 18:06 - 2018-08-13 18:06 - 000000000 ____D C:\Users\HP\Desktop\Nowy folder
2018-08-13 18:06 - 2018-08-13 18:06 - 000000000 ____D C:\FRST
2018-08-13 17:02 - 2018-08-13 17:02 - 000027047 _____ C:\ComboFix.txt
2018-08-13 16:47 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2018-08-13 16:47 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2018-08-13 16:47 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-08-13 16:47 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-08-13 16:47 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-08-13 16:47 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2018-08-13 16:47 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2018-08-13 16:47 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2018-08-13 16:45 - 2018-08-13 17:02 - 000000000 ____D C:\Qoobox
2018-08-13 16:45 - 2018-08-13 17:00 - 000000000 ____D C:\Windows\erdnt
2018-08-13 14:59 - 2018-08-13 15:52 - 000001562 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-08-13 14:59 - 2018-08-13 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-08-13 14:58 - 2018-08-13 15:49 - 000002464 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2018-08-13 14:58 - 2018-08-13 14:58 - 000002190 _____ C:\Users\Public\Desktop\Bezpieczne pieniądze.lnk
2018-08-13 14:58 - 2018-08-13 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2018-08-13 14:58 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-08-13 14:57 - 2018-08-13 18:06 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-08-13 14:57 - 2018-08-13 15:02 - 001073352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-08-13 14:57 - 2018-08-13 15:02 - 000206024 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-08-13 14:57 - 2018-08-13 15:02 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-08-13 14:57 - 2018-08-13 14:58 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-08-13 14:47 - 2018-08-13 14:47 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-08-13 14:20 - 2018-08-13 14:20 - 000000000 ____D C:\Users\HP\AppData\Local\TeamViewer
2018-08-10 16:33 - 2018-08-10 16:33 - 000000000 ____D C:\$AV_ASW
2018-08-10 16:32 - 2018-08-10 16:32 - 000000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-08-10 16:32 - 2018-08-10 16:32 - 000000965 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-08-10 16:23 - 2018-08-10 16:23 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-08-10 16:22 - 2018-08-10 16:22 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-08-10 16:19 - 2018-08-13 15:48 - 000000000 ____D C:\ProgramData\AVAST Software
2018-08-07 16:24 - 2018-08-07 16:24 - 000059724 _____ C:\Users\HP\Downloads\pko_trans_details_20180807_162450.pdf
2018-08-07 16:24 - 2018-08-07 16:24 - 000059724 _____ C:\Users\HP\Desktop\US.pdf
2018-08-06 16:18 - 2018-08-06 16:18 - 000241247 _____ C:\Users\HP\Desktop\osw.pdf
2018-08-06 13:45 - 2018-08-06 13:45 - 000511741 _____ C:\Users\HP\Downloads\paszport.pdf
2018-08-06 13:43 - 2018-08-06 13:43 - 000101770 _____ C:\Users\HP\Downloads\ZC-WWZ.pdf
2018-08-06 13:42 - 2018-08-06 13:42 - 000005686 _____ C:\Users\HP\Downloads\EUP-ID-3328942_06-08-2018_13-42-42.zip
2018-08-06 13:35 - 2018-08-06 13:35 - 000061790 _____ C:\Users\HP\Downloads\pko_trans_details_20180806_133506.pdf
2018-08-06 12:56 - 2018-08-06 13:35 - 000000000 ____D C:\Users\HP\Desktop\Yakubivska
2018-08-06 12:52 - 2018-08-06 12:52 - 000273609 _____ C:\Users\HP\Downloads\DO_str_1.jpeg
2018-08-06 12:36 - 2018-08-06 12:36 - 000020281 _____ C:\Users\HP\Downloads\Dane_Kreatora_ZC-WWZ_2018-08-06_12_36.dkr
2018-08-06 12:34 - 2018-08-06 12:34 - 000020217 _____ C:\Users\HP\Downloads\Dane_Kreatora_ZC-WWZ_2018-08-06_12_35.dkr
2018-08-06 09:27 - 2018-08-06 09:27 - 000183140 _____ C:\Users\HP\Downloads\Regulamin Obozu (1).pdf
2018-08-02 13:06 - 2018-08-02 13:06 - 000000688 _____ C:\Users\HP\Downloads\Koszyk_18-08-02_13_06_29.csv
2018-08-02 13:06 - 2018-08-02 13:06 - 000000688 _____ C:\Users\HP\Downloads\Koszyk_18-08-02_13_06_21.csv
2018-08-02 12:34 - 2018-08-02 12:34 - 000000000 ____D C:\Users\HP\AppData\Roaming\Opera Software
2018-08-02 12:34 - 2018-08-02 12:34 - 000000000 ____D C:\Users\HP\AppData\Local\Opera Software
2018-08-02 12:25 - 2018-08-02 12:25 - 000214088 _____ C:\Users\HP\Downloads\history_20180802_122543.pdf
2018-08-02 12:17 - 2018-08-10 16:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-02 12:17 - 2018-08-02 12:17 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-02 11:24 - 2018-08-09 08:32 - 000681397 _____ C:\Users\HP\Desktop\grafik.odt
2018-08-01 15:29 - 2018-08-01 15:29 - 000315285 _____ C:\Users\HP\Downloads\history_20180801_152916.pdf
2018-08-01 08:52 - 2018-08-01 08:52 - 000001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-08-01 08:52 - 2018-08-01 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-08-01 08:52 - 2018-08-01 08:52 - 000000000 ____D C:\Program Files\iPod
2018-08-01 08:51 - 2018-08-01 08:52 - 000000000 ____D C:\Program Files\iTunes
2018-07-31 15:17 - 2018-07-31 15:17 - 000060263 _____ C:\Users\HP\Downloads\pko_trans_details_20180731_151739.pdf
2018-07-30 18:20 - 2018-07-30 18:21 - 000000000 ____D C:\Users\HP\AppData\Local\Czas Pracy Ewidencja
2018-07-27 18:43 - 2012-01-04 08:07 - 000021504 _____ (Corechip Semiconductor, Inc. Co Ltd.) C:\Windows\system32\Drivers\RD9700.sys
2018-07-24 18:21 - 2018-07-24 18:21 - 000119092 _____ C:\Users\HP\Downloads\F005152436400718.zip
2018-07-24 18:21 - 2018-07-24 18:21 - 000113459 _____ C:\Users\HP\Downloads\F005152436400518.zip
2018-07-24 18:21 - 2018-07-24 18:21 - 000097101 _____ C:\Users\HP\Downloads\F005152436400618.zip
2018-07-24 18:20 - 2018-07-24 18:20 - 000113509 _____ C:\Users\HP\Downloads\F005152436400418.zip
2018-07-24 18:19 - 2018-07-24 18:19 - 000112886 _____ C:\Users\HP\Downloads\F005152436400318.zip
2018-07-24 18:18 - 2018-07-24 18:18 - 000168148 _____ C:\Users\HP\Downloads\1532449093-1001-11182.pdf
2018-07-24 18:17 - 2018-07-24 18:17 - 000167727 _____ C:\Users\HP\Downloads\1532449036-1001-10349.pdf
2018-07-23 17:27 - 2018-07-23 17:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2018-07-23 17:27 - 2018-07-23 17:27 - 000000000 ____D C:\Users\HP\.android
2018-07-23 17:25 - 2018-07-23 17:42 - 000000000 ____D C:\Users\HP\Documents\HiSuite
2018-07-23 17:25 - 2018-07-23 17:25 - 000001001 _____ C:\Users\Public\Desktop\HiSuite.lnk
2018-07-23 17:25 - 2018-07-23 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2018-07-23 17:24 - 2018-07-23 17:26 - 000000000 ____D C:\Users\HP\AppData\Local\HiSuite
2018-07-23 17:24 - 2018-07-23 17:25 - 000000000 ____D C:\Program Files (x86)\HiSuite
2018-07-23 17:24 - 2018-04-20 08:28 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2018-07-23 17:24 - 2018-04-20 08:28 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-07-23 17:24 - 2018-04-20 08:28 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2018-07-23 17:24 - 2018-04-20 08:28 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2018-07-23 17:24 - 2018-04-20 08:28 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2018-07-23 17:24 - 2018-04-20 08:28 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2018-07-23 17:24 - 2018-04-20 08:28 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2018-07-23 17:24 - 2018-04-20 08:28 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2018-07-23 17:24 - 2018-04-20 08:28 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2018-07-23 17:24 - 2018-04-20 08:28 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2018-07-23 07:17 - 2018-08-03 08:26 - 000000000 ____D C:\Users\HP\Desktop\działka 116
2018-07-22 07:25 - 2018-07-22 07:29 - 000000000 ____D C:\Users\HP\Desktop\22.07.2018
2018-07-20 11:25 - 2018-07-20 11:25 - 000060948 _____ C:\Users\HP\Downloads\pko_trans_details_20180720_112520.pdf
2018-07-20 08:31 - 2018-07-20 08:31 - 000124111 _____ C:\Users\HP\Downloads\bilety.pdf
2018-07-16 09:51 - 2018-07-16 09:51 - 000162484 _____ C:\Users\HP\Downloads\KARTA KWALIFIKACYJNA UCZESTNIKA WYPOCZYNKU1.pdf
2018-07-16 09:50 - 2018-07-16 09:50 - 000183140 _____ C:\Users\HP\Downloads\Regulamin Obozu.pdf
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-08-13 18:05 - 2017-03-10 19:22 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2018-08-13 18:04 - 2017-03-10 19:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-13 18:03 - 2018-06-28 16:37 - 000000000 ____D C:\ProgramData\5D6E46C6
2018-08-13 18:03 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-13 17:53 - 2009-07-14 06:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-13 17:53 - 2009-07-14 06:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-13 16:56 - 2009-07-14 04:34 - 091226112 _____ C:\Windows\system32\config\SOFTWARE.bak
2018-08-13 16:56 - 2009-07-14 04:34 - 018612224 _____ C:\Windows\system32\config\SYSTEM.bak
2018-08-13 16:56 - 2009-07-14 04:34 - 001835008 _____ C:\Windows\system32\config\DEFAULT.bak
2018-08-13 16:56 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SECURITY.bak
2018-08-13 16:56 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SAM.bak
2018-08-13 16:56 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini
2018-08-13 16:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-13 16:00 - 2017-03-14 19:07 - 000000000 ____D C:\ProgramData\McAfee
2018-08-13 16:00 - 2017-03-14 19:07 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-08-13 15:02 - 2017-12-25 02:53 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-08-13 15:02 - 2017-12-25 02:53 - 000142024 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2018-08-13 15:02 - 2017-12-25 02:53 - 000119496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-08-13 15:02 - 2016-10-11 14:14 - 000056520 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2018-08-13 15:02 - 2016-05-31 23:24 - 000085704 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2018-08-12 08:50 - 2017-03-10 19:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-10 16:37 - 2017-03-07 11:20 - 000104064 _____ C:\Users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2018-08-10 16:35 - 2009-07-14 06:45 - 000426040 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-10 16:34 - 2017-03-10 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-10 16:14 - 2017-03-10 19:21 - 000000000 ____D C:\Users\HP\AppData\Local\Mozilla
2018-08-10 16:05 - 2011-04-12 15:21 - 000740098 _____ C:\Windows\system32\perfh015.dat
2018-08-10 16:05 - 2011-04-12 15:21 - 000155672 _____ C:\Windows\system32\perfc015.dat
2018-08-10 16:05 - 2009-07-14 07:13 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-09 15:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-08-09 08:07 - 2017-03-10 19:50 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-03 08:25 - 2017-04-04 09:14 - 000000000 ___RD C:\Users\HP\Desktop\INTERPELE
2018-08-02 12:17 - 2017-03-10 19:21 - 000000000 ____D C:\Users\HP\AppData\Roaming\Mozilla
2018-08-02 10:37 - 2017-03-13 14:09 - 000000000 ____D C:\KWHotelPro
2018-08-01 10:40 - 2017-03-14 12:57 - 000000000 ___RD C:\Users\HP\Desktop\Rezerwacje
2018-07-23 17:27 - 2017-03-07 11:15 - 000000000 ____D C:\Users\HP
2018-07-21 10:37 - 2017-03-14 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-21 10:37 - 2017-03-14 19:14 - 000000000 ____D C:\Program Files\Java
2018-07-21 10:35 - 2017-03-14 19:14 - 000110968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-07-17 00:02 - 2010-11-21 05:27 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-15 20:07 - 2017-06-14 08:44 - 000000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics
==================== Pliki w katalogu głównym wybranych folderów =======
2008-02-05 15:28 - 2008-02-05 15:28 - 000000051 _____ () C:\Users\HP\AppData\Local\setup.txt
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2018-08-06 09:21
==================== Koniec FRST.txt ============================