Anonymous / 1 year, 3 months ago

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:17-04-2016
Uruchomiony przez Kuba (administrator)  LENOVO (14-08-2016 12:58:31)
Uruchomiony z D:\Programy\FRST64\Sierpnień 14
Załadowane profile: Kuba (Dostępne profile: Kuba)
Platform: Windows 7 Home Premium Service Pack 3 (X64) Język: Polski (Polska)
Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-24] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [670960 2013-12-24] (Synaptics)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2016-08-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2016-08-14] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1840552 2016-08-08] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\7906\USB Gamepad.exe -boot
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-10-29] (Atheros Communications)
HKU\S-1-5-21-2498424900-3105346940-3067817328-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2498424900-3105346940-3067817328-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2498424900-3105346940-3067817328-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2498424900-3105346940-3067817328-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2498424900-3105346940-3067817328-1000\...\MountPoints2: {ad94edd8-ef62-11e5-9aae-d05349cf08a2} - F:\SETUP.EXE

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{22D45B5F-CA96-4259-BE27-3F9D975A1B30}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2498424900-3105346940-3067817328-1000 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2498424900-3105346940-3067817328-1000 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-08-08] (Qihu 360 Software Co., Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-08-08] (Qihu 360 Software Co., Ltd.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.pl/
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-18]
CHR Extension: (HD for YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2015-12-29]
CHR Extension: (Dokumenty Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-18]
CHR Extension: (Dysk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Google Search) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Arkusze Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (360 Internet Protection) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-07-12]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR Extension: (Chrome Media Router) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09]

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [2122248 2016-06-20] (Electronic Arts)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [914344 2016-08-08] (QIHU 360 SOFTWARE CO. LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com) [Brak podpisu cyfrowego]
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [Brak podpisu cyfrowego]

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-06-03] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2016-08-08] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2016-08-08] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-08-08] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-08-02] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [190696 2016-08-02] (360.cn)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-21] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34793 2007-05-23] (Compuware Corporation) [Brak podpisu cyfrowego]
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [137504 2015-06-16] (Intel Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-08-14 12:01 - 2016-08-14 12:01 - 00000000 ____D C:\Program Files\Lenovo
2016-08-14 12:01 - 2016-08-14 12:01 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-08-14 12:01 - 2016-08-14 12:00 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2016-08-14 11:29 - 2016-08-14 11:29 - 00415656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-12 17:29 - 2016-08-13 22:08 - 00108840 _____ C:\Users\Kuba\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-09 14:49 - 2016-08-09 14:49 - 00000692 _____ C:\Users\Kuba\Desktop\elsword  skrót.lnk
2016-08-04 18:01 - 2016-08-04 18:20 - 00247110 _____ C:\Windows\ntbtlog.txt
2016-08-01 13:14 - 2016-08-01 13:14 - 00001169 _____ C:\Users\Kuba\Desktop\Nostale  skrót.lnk
2016-07-31 21:32 - 2016-07-31 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(PL)
2016-07-24 00:14 - 2016-07-24 00:14 - 00001095 _____ C:\Users\Kuba\Desktop\Averion.lnk
2016-07-23 12:06 - 2016-07-23 12:06 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Averion
2016-07-17 17:30 - 2016-07-17 17:30 - 00000731 _____ C:\Users\Public\Desktop\Diablo III.lnk
2016-07-17 17:30 - 2016-07-17 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-07-17 13:53 - 2016-08-11 22:24 - 00000000 ____D C:\Users\Kuba\AppData\Local\Battle.net
2016-07-17 13:44 - 2016-08-07 00:20 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Battle.net

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-08-14 12:59 - 2015-09-19 21:30 - 00000000 ____D C:\Users\Kuba\AppData\LocalLow\360WD
2016-08-14 12:58 - 2016-04-19 20:21 - 00000000 ____D C:\FRST
2016-08-14 12:52 - 2015-09-15 23:56 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-14 12:20 - 2015-09-18 15:25 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-14 12:06 - 2015-09-16 00:21 - 00000000 __SHD C:\Users\Kuba\IntelGraphicsProfiles
2016-08-14 12:06 - 2015-09-15 23:56 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-14 12:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-14 12:05 - 2009-07-14 06:45 - 00009776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-14 12:05 - 2009-07-14 06:45 - 00009776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-14 12:02 - 2015-09-15 23:20 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-08-14 12:01 - 2015-12-25 22:53 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2016-08-14 12:01 - 2015-09-15 23:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-14 12:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-14 12:00 - 2015-09-15 23:18 - 00000000 ____D C:\ProgramData\Downloaded Installations
2016-08-14 11:55 - 2015-09-15 23:38 - 00000000 ____D C:\Users\Kuba\AppData\Local\Deployment
2016-08-13 22:38 - 2016-06-14 18:05 - 00000000 ____D C:\Users\Kuba\AppData\Local\The Witcher
2016-08-13 22:08 - 2015-09-25 12:29 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\uTorrent
2016-08-13 21:40 - 2015-09-15 23:56 - 00004054 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-13 21:40 - 2015-09-15 23:56 - 00003802 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-13 18:18 - 2015-10-07 16:04 - 00000000 ____D C:\Users\Kuba\Documents\FIFA 14
2016-08-12 19:39 - 2016-04-27 21:18 - 00000000 ____D C:\Users\Kuba\Documents\Telltale Games
2016-08-12 19:38 - 2016-05-08 17:36 - 00001085 _____ C:\Users\Kuba\Desktop\Play The Walking Dead 2.lnk
2016-08-12 19:37 - 2016-02-21 00:30 - 00000000 ___SD C:\Users\Kuba\AppData\LocalLow\Temp
2016-08-12 19:32 - 2016-04-27 18:48 - 00001086 _____ C:\Users\Kuba\Desktop\Play The Walking Dead nosTEAM.lnk
2016-08-12 09:14 - 2009-07-14 19:55 - 00739932 _____ C:\Windows\system32\perfh015.dat
2016-08-12 09:14 - 2009-07-14 19:55 - 00155474 _____ C:\Windows\system32\perfc015.dat
2016-08-12 09:14 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-09 19:49 - 2015-09-26 00:02 - 00000000 ____D C:\Users\Kuba\Desktop\Programy
2016-08-09 19:46 - 2015-09-19 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-08-09 19:41 - 2015-09-18 09:28 - 00000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2016-08-08 22:56 - 2015-09-15 23:57 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 22:56 - 2015-09-15 23:57 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 08:04 - 2015-11-10 15:17 - 00086248 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2016-08-08 08:04 - 2015-09-19 21:29 - 00330472 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2016-08-08 08:04 - 2015-09-19 21:29 - 00086248 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2016-08-07 22:00 - 2015-09-19 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-08-07 17:30 - 2015-09-21 23:20 - 00000000 ____D C:\Users\Kuba\Documents\gothic3
2016-08-07 14:57 - 2015-09-19 21:32 - 00000000 __SHD C:\$360Section
2016-08-07 14:57 - 2015-09-19 21:31 - 00000000 ____D C:\ProgramData\360Quarant
2016-08-07 10:48 - 2015-11-24 22:23 - 00000000 ____D C:\Users\Kuba\Documents\Rejestr Cleaner
2016-08-07 00:21 - 2015-09-15 22:38 - 00000000 ____D C:\Users\Kuba
2016-08-07 00:20 - 2015-10-07 16:17 - 00000000 ____D C:\ProgramData\Origin
2016-08-07 00:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-08-02 04:26 - 2015-09-19 21:29 - 00391392 _____ (360.cn) C:\Windows\system32\Drivers\360fsflt.sys
2016-08-02 04:26 - 2015-09-19 21:29 - 00190696 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2016-08-01 12:12 - 2016-04-17 17:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-01 12:06 - 2015-09-19 21:30 - 00000000 ____D C:\ProgramData\360safe
2016-07-29 16:05 - 2015-09-18 09:29 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
2016-07-25 16:40 - 2015-09-16 00:07 - 00000000 ____D C:\Users\Kuba\Documents\Bluetooth Folder
2016-07-22 12:00 - 2015-09-18 12:57 - 00000400 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2016-07-18 18:09 - 2015-09-20 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWood

==================== Pliki w katalogu głównym wybranych folderów =======

2015-09-20 19:06 - 2016-06-15 22:39 - 0000154 _____ () C:\Users\Kuba\AppData\Roaming\default.rss
2015-12-25 19:22 - 2015-12-25 19:22 - 0000017 _____ () C:\Users\Kuba\AppData\Local\resmon.resmoncfg
2015-09-16 00:04 - 2015-09-16 00:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll
[2009-07-14 01:38] - [2009-07-14 03:41] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2015-09-15 22:43] - [2015-09-15 22:43] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2016-08-13 14:06

==================== Koniec  FRST.txt ============================