Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-08-2017 Uruchomiony przez Ubunciak (administrator) KOMP-ADRIANA (26-08-2017 17:28:46) Uruchomiony z C:\Users\Ubunciak\Downloads Załadowane profile: Ubunciak & UpdatusUser (Dostępne profile: Ubunciak & UpdatusUser) Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Valve Corporation) F:\Programy\Steam\Steam.exe (Mega Limited) C:\Users\Ubunciak\AppData\Local\MEGAsync\MEGAsync.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Valve Corporation) F:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Discord Inc.) C:\Users\Ubunciak\AppData\Local\Discord\app-0.0.298\Discord.exe (Discord Inc.) C:\Users\Ubunciak\AppData\Local\Discord\app-0.0.298\Discord.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Discord Inc.) C:\Users\Ubunciak\AppData\Local\Discord\app-0.0.298\Discord.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Mozilla Foundation) C:\Program Files (x86)\Mozilla Firefox\updater.exe (Mozilla Foundation) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2017-07-16] () HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2017-07-16] () HKU\S-1-5-21-2103040207-4066334510-1387865864-1001\...\Run: [Steam] => F:\Programy\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation) HKU\S-1-5-21-2103040207-4066334510-1387865864-1001\...\Run: [SteamServerBrowser] => C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [228352 2017-02-26] () HKU\S-1-5-21-2103040207-4066334510-1387865864-1001\...\MountPoints2: {10f9926e-5c2d-11e7-825b-00241da073bd} - "I:\Install.exe" HKU\S-1-5-21-2103040207-4066334510-1387865864-1001\...\MountPoints2: {f5e53d22-60cd-11e7-8263-00241da073bd} - "J:\setup.exe" Startup: C:\Users\Ubunciak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-06-27] ShortcutTarget: MEGAsync.lnk -> C:\Users\Ubunciak\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) GroupPolicy: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{B67A7462-09BF-4E79-8A72-C2F5D25EAB8D}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Internet Explorer: ================== URLSearchHook: [S-1-5-21-2103040207-4066334510-1387865864-1004] UWAGA => Brak domyślnego URLSearchHook BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-24] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-24] (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) FireFox: ======== FF DefaultProfile: muwp4mbx.default FF ProfilePath: C:\Users\Ubunciak\AppData\Roaming\Mozilla\Firefox\Profiles\muwp4mbx.default [2017-08-26] FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-06-13] (Microsoft Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-03] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [129144 2017-08-17] (Microsoft Corporation) S3 wampapache64; F:\Programy\wamp64\bin\apache\apache2.4.23\bin\httpd.exe [29696 2016-07-01] (Apache Software Foundation) [Brak podpisu cyfrowego] S3 wampmysqld64; F:\Programy\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [Brak podpisu cyfrowego] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-06-28] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-06-28] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-08-26 17:28 - 2017-08-26 17:32 - 000009935 _____ C:\Users\Ubunciak\Downloads\FRST.txt 2017-08-26 17:27 - 2017-08-26 17:28 - 000000000 ____D C:\FRST 2017-08-26 17:26 - 2017-08-26 17:26 - 002395648 _____ (Farbar) C:\Users\Ubunciak\Downloads\FRST64.exe 2017-08-26 17:24 - 2017-08-26 17:24 - 000496160 _____ (Duplex Secure Ltd) C:\Users\Ubunciak\Downloads\SPTDinst-v189-x86.exe 2017-08-26 17:22 - 2017-08-26 17:22 - 000593952 _____ (Duplex Secure Ltd) C:\Users\Ubunciak\Downloads\SPTDinst-v189-x64.exe 2017-08-25 19:02 - 2017-08-25 19:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2017-08-25 19:02 - 2017-08-25 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2017-08-25 18:57 - 2017-08-25 18:57 - 000000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits 2017-08-25 18:56 - 2017-08-25 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2017-08-25 18:40 - 2017-08-25 18:55 - 000000000 ____D C:\Users\Ubunciak\Documents\Visual Studio 2013 2017-08-25 18:40 - 2017-08-25 18:40 - 000000000 ____D C:\Program Files (x86)\Microsoft XDE 2017-08-25 18:25 - 2017-08-25 18:25 - 000000000 ____D C:\Program Files (x86)\AppInsights 2017-08-25 17:50 - 2017-08-25 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-08-25 17:48 - 2017-08-25 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2017-08-25 17:27 - 2017-08-25 17:27 - 000000000 ____D C:\ProgramData\PreEmptive Solutions 2017-08-25 17:23 - 2017-08-25 17:25 - 000000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2017-08-25 17:16 - 2017-08-25 18:26 - 000000000 ____D C:\Program Files\IIS Express 2017-08-25 17:16 - 2017-08-25 18:26 - 000000000 ____D C:\Program Files (x86)\IIS Express 2017-08-25 17:14 - 2017-08-25 17:14 - 000000000 ____D C:\ProgramData\NuGet 2017-08-25 17:14 - 2017-08-25 17:14 - 000000000 ____D C:\Program Files\IIS 2017-08-25 17:14 - 2017-08-25 17:14 - 000000000 ____D C:\Program Files (x86)\NuGet 2017-08-25 17:14 - 2017-08-25 17:14 - 000000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services 2017-08-25 17:14 - 2017-08-25 17:14 - 000000000 ____D C:\Program Files (x86)\IIS 2017-08-25 17:11 - 2017-08-25 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2017-08-25 17:05 - 2017-08-25 17:05 - 000000000 ____D C:\Program Files (x86)\Windows Phone Kits 2017-08-25 17:05 - 2017-08-25 17:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2017-08-25 17:05 - 2017-08-25 17:05 - 000000000 ____D C:\Program Files (x86)\HTML Help Workshop 2017-08-25 17:02 - 2017-08-25 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2017-08-25 16:42 - 2017-08-25 17:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2017-08-25 16:40 - 2017-08-25 16:40 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf 2017-08-25 16:39 - 2017-08-25 16:39 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2017-08-25 16:32 - 2017-08-25 16:32 - 001244520 _____ (Microsoft Corporation) C:\Users\Ubunciak\Downloads\vs_community.exe 2017-08-25 16:31 - 2017-08-25 16:31 - 067453208 _____ (Microsoft Corporation) C:\Users\Ubunciak\Downloads\vc_mbcsmfc.exe 2017-08-25 16:26 - 2017-08-25 16:28 - 263225352 _____ C:\Users\Ubunciak\Downloads\source-sdk-2013-master.zip 2017-08-25 15:36 - 2017-08-25 15:36 - 000000000 ____D C:\Users\Ubunciak\AppData\Local\FeedDemon 2017-08-25 15:08 - 2017-08-25 15:08 - 000000000 ____D C:\Users\Ubunciak\source 2017-08-25 15:08 - 2017-08-25 15:08 - 000000000 ____D C:\Users\Ubunciak\AppData\Local\.IdentityService 2017-08-25 15:05 - 2017-08-25 15:05 - 000000756 _____ C:\Users\Ubunciak\Desktop\FeedDemon.lnk 2017-08-25 15:04 - 2017-08-25 15:04 - 004086074 _____ (NewsGator Technologies, Inc. ) C:\Users\Ubunciak\Downloads\FeedDemonInstall45.exe 2017-08-25 15:00 - 2017-08-25 15:12 - 000000000 ____D C:\Users\Ubunciak\Documents\Visual Studio 2017 2017-08-25 14:56 - 2017-08-25 17:02 - 000000000 ____D C:\Windows\SysWOW64\1033 2017-08-25 14:56 - 2017-08-25 17:02 - 000000000 ____D C:\Windows\system32\1033 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\3082 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\2052 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1055 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1049 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1046 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1045 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1042 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1041 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1040 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1036 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1031 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1029 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\SysWOW64\1028 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\3082 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\2052 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1055 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1049 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1046 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1045 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1042 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1041 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1040 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1036 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1031 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1029 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Windows\system32\1028 2017-08-25 14:56 - 2017-08-25 14:56 - 000000000 ____D C:\Program Files\Windows Kits 2017-08-25 14:42 - 2017-08-25 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2017-08-25 14:42 - 2017-08-25 14:42 - 000000000 ____D C:\ProgramData\Windows App Certification Kit 2017-08-25 14:42 - 2017-08-25 14:42 - 000000000 ____D C:\Program Files\Application Verifier 2017-08-25 14:42 - 2017-08-25 14:42 - 000000000 ____D C:\Program Files (x86)\Application Verifier 2017-08-25 14:40 - 2017-08-25 14:40 - 000000033 _____ C:\Users\Ubunciak\.bash_history 2017-08-25 14:39 - 2017-08-25 14:39 - 000000000 ____D C:\Users\Ubunciak\Desktop\devosprealfa 2017-08-25 14:35 - 2017-08-25 19:16 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2017-08-25 14:35 - 2017-08-25 19:14 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-08-25 14:35 - 2017-08-25 17:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2017-08-25 14:25 - 2017-08-25 17:10 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2017-08-25 14:24 - 2017-08-25 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 2017-08-24 20:49 - 2017-08-25 14:22 - 000001742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk 2017-08-24 20:33 - 2017-08-24 20:33 - 000029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2017-08-24 20:32 - 2017-08-24 20:32 - 000018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2017-08-24 20:14 - 2017-08-25 14:19 - 000000000 ____D C:\Users\Ubunciak\AppData\Roaming\Visual Studio Setup 2017-08-24 20:14 - 2017-08-24 20:14 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2017-08-24 20:14 - 2017-08-24 20:14 - 000000000 ____D C:\Users\Ubunciak\AppData\Roaming\vstelemetry 2017-08-24 20:14 - 2017-08-24 20:14 - 000000000 ____D C:\Users\Ubunciak\AppData\Local\ServiceHub 2017-08-24 20:12 - 2017-08-25 14:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2017-08-24 20:11 - 2017-08-24 20:11 - 001069960 _____ (Microsoft Corporation) C:\Users\Ubunciak\Downloads\vs_community__1440337934.1498579147.exe 2017-08-24 20:06 - 2017-08-24 20:07 - 000567850 _____ C:\Users\Ubunciak\Downloads\cgicc-3.2.1.tar.gz 2017-08-24 19:42 - 2017-08-24 19:42 - 007186992 _____ (Microsoft Corporation) C:\Users\Ubunciak\Downloads\vcredist_x64(1).exe 2017-08-24 19:35 - 2017-08-24 19:35 - 005718872 _____ (Microsoft Corporation) C:\Users\Ubunciak\Downloads\vcredist_x64.exe 2017-08-24 19:30 - 2017-08-24 19:30 - 000261195 _____ C:\Users\Ubunciak\Downloads\cgicc-3.0.1.tar.gz 2017-08-24 19:28 - 2017-08-24 19:32 - 000000741 _____ C:\Users\Public\Desktop\Wampserver64.lnk 2017-08-24 19:28 - 2017-08-24 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver64 2017-08-24 19:20 - 2017-08-24 19:21 - 219506793 _____ (Dominique Ottello aka Otomatic ) C:\Users\Ubunciak\Downloads\wampserver3.0.6_x64_apache2.4.23_mysql5.7.14_php5.6.25-7.0.10.exe 2017-08-24 19:08 - 2017-08-24 19:08 - 129963496 _____ (Bitnami) C:\Users\Ubunciak\Downloads\xampp-win32-7.1.7-0-VC14-installer.exe 2017-08-24 18:56 - 2017-08-24 18:56 - 017339400 _____ C:\Users\Ubunciak\Downloads\mantisbt-2.5.1.zip 2017-08-24 18:54 - 2017-08-25 21:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-08-24 18:53 - 2017-08-25 17:43 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2017-08-24 18:53 - 2017-08-25 17:42 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2017-08-24 18:53 - 2017-08-24 20:09 - 000000000 ____D C:\Users\Ubunciak\Documents\Visual Studio 2010 2017-08-24 18:53 - 2017-08-24 18:53 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services 2017-08-24 18:53 - 2017-08-24 18:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services 2017-08-24 18:52 - 2017-08-24 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2017-08-24 18:50 - 2017-08-25 18:27 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2017-08-24 18:50 - 2017-08-24 18:50 - 000000000 ____D C:\Windows\symbols 2017-08-24 18:50 - 2017-08-24 18:50 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 10.0 2017-08-24 18:50 - 2017-08-24 18:50 - 000000000 ____D C:\Program Files\Microsoft Help Viewer 2017-08-24 18:49 - 2017-08-24 18:49 - 000000000 ____D C:\Windows\PCHEALTH 2017-08-24 18:47 - 2017-08-24 18:47 - 000000805 _____ C:\Users\Public\Desktop\Git Bash.lnk 2017-08-24 18:46 - 2017-08-24 18:47 - 000000000 ____D C:\ProgramData\Git 2017-08-24 18:41 - 2017-08-24 18:43 - 003324232 _____ (Microsoft Corporation) C:\Users\Ubunciak\Downloads\vc_web.exe 2017-08-24 18:31 - 2017-08-24 18:38 - 037255040 _____ (The Git Development Community ) C:\Users\Ubunciak\Downloads\Git-2.14.1-64-bit.exe 2017-08-24 18:16 - 2017-08-24 18:16 - 000000724 _____ C:\Users\Public\Desktop\IsoCreator.exe.lnk 2017-08-24 18:16 - 2017-08-24 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO Creator 1.0 2017-08-24 18:14 - 2017-08-24 18:14 - 000469504 _____ C:\Users\Ubunciak\Downloads\IsoCreator.msi 2017-08-23 23:31 - 2017-08-23 23:31 - 008925808 _____ (hxxp://ohsoft.net/ ) C:\Users\Ubunciak\Downloads\oCam_v414.0.exe 2017-08-23 22:38 - 2014-06-10 05:21 - 622090240 _____ C:\Users\Ubunciak\Downloads\pl_windows_xp_professional_with_service_pack_3_x86_cd_x14-80476.iso 2017-08-23 22:33 - 2017-08-23 22:35 - 566042038 _____ C:\Users\Ubunciak\Downloads\pl_windows_xp_professional_with_service_pack_3_x86_cd_x14-80476.iso.rar 2017-08-23 22:19 - 2017-08-23 22:19 - 000000000 ____D C:\Users\Ubunciak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QEMU 2017-08-23 22:16 - 2017-08-23 22:16 - 046505728 _____ C:\Users\Ubunciak\Downloads\qemu-w64-setup-20170816.exe 2017-08-23 21:58 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2017-08-23 19:46 - 2017-08-23 19:46 - 000000000 ____D C:\Program Files (x86)\FT38E1 2017-08-23 19:46 - 2008-09-01 02:52 - 000065072 _____ C:\Windows\system32\Hidhlp.dll 2017-08-23 19:46 - 2008-09-01 02:51 - 000064048 _____ C:\Windows\SysWOW64\Hidhlp.dll 2017-08-23 19:46 - 2008-09-01 02:51 - 000022576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GWHid.sys 2017-08-23 19:46 - 2008-09-01 02:51 - 000018992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\GWHid.sys 2017-08-23 19:46 - 2008-09-01 02:51 - 000012592 _____ C:\Windows\system32\Drivers\FT38E1.sys 2017-08-23 19:46 - 2008-09-01 02:51 - 000010416 _____ C:\Windows\SysWOW64\Drivers\FT38E1.sys 2017-08-23 18:15 - 2017-08-23 18:15 - 000000000 ____D C:\Users\Ubunciak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2017-08-22 16:29 - 2017-08-23 23:18 - 000000000 ____D C:\Users\Ubunciak\Desktop\Cheat Engine 6.7 2017-08-20 15:21 - 2017-08-20 15:21 - 000000907 _____ C:\Users\Public\Desktop\Counter-Strike 1.6 Windows 8.lnk 2017-08-20 15:21 - 2017-08-20 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 Windows 8 2017-08-20 15:19 - 2017-08-20 15:21 - 387567065 _____ C:\Users\Ubunciak\Downloads\CS16_Mappack.exe 2017-08-20 15:16 - 2017-08-20 15:21 - 000000000 ____D C:\Program Files (x86)\SteamServerBrowser 2017-08-20 15:13 - 2017-08-20 15:14 - 277839466 _____ (CSSetti.pl ) C:\Users\Ubunciak\Downloads\cs16_win8.exe 2017-08-11 18:31 - 2017-08-11 18:31 - 000290424 _____ C:\Windows\Minidump\081117-24187-01.dmp 2017-08-11 18:20 - 2017-08-11 18:20 - 000116902 _____ C:\Users\Ubunciak\Downloads\borgbin.zip 2017-08-11 18:12 - 2017-08-11 18:13 - 000000000 ____D C:\Users\Ubunciak\Desktop\x96Debbuger 2017-08-11 18:10 - 2017-08-11 18:10 - 032964840 _____ C:\Users\Ubunciak\Downloads\adisasembler_snapshot_2017-08-03_17-47.zip 2017-08-07 09:33 - 2017-08-07 09:39 - 000000000 ____D C:\Users\Ubunciak\Desktop\płyta DVD 2017-08-07 09:20 - 2017-08-07 09:22 - 3183302656 _____ C:\Users\Ubunciak\Downloads\Win8.1_Polish_x32.iso 2017-08-04 09:14 - 2017-08-04 09:15 - 880803840 _____ C:\Users\Ubunciak\Downloads\lubuntu-16.04-desktop-amd64.iso 2017-07-31 18:17 - 2017-07-31 18:17 - 000007605 _____ C:\Users\Ubunciak\AppData\Local\Resmon.ResmonCfg 2017-07-31 18:10 - 2017-07-31 18:41 - 000000000 ____D C:\Users\Ubunciak\Documents\18 WoS Convoy 2017-07-31 18:10 - 2017-07-31 18:10 - 000000734 _____ C:\Users\Public\Desktop\18 Wheels of Steel Convoy.lnk 2017-07-31 17:15 - 2017-07-31 17:15 - 009747512 _____ (Piriform Ltd) C:\Users\Ubunciak\Downloads\ccsetup532.exe 2017-07-31 15:56 - 2017-07-31 16:13 - 000000000 ____D C:\Users\Ubunciak\Documents\gb 2017-07-31 15:43 - 2017-07-31 15:43 - 000000000 __SHD C:\found.000 2017-07-31 15:28 - 2017-07-31 15:37 - 000000022 _____ C:\Users\Ubunciak\Desktop\chkdsk.bat 2017-07-31 15:20 - 2017-07-31 15:55 - 000000000 ____D C:\Users\Ubunciak\Desktop\Dev-Cpp 2017-07-30 17:05 - 2017-07-30 17:05 - 000000000 ___HD C:\$GetCurrent 2017-07-30 16:57 - 2017-07-30 16:58 - 000295768 _____ C:\Windows\Minidump\073017-20937-01.dmp 2017-07-29 15:25 - 2017-07-29 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.5 2017-07-29 15:11 - 2017-07-29 15:11 - 000000000 ____D C:\bsod 2017-07-29 15:02 - 2017-07-29 15:11 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\Mozilla 2017-07-29 15:02 - 2017-07-29 15:02 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla 2017-07-29 15:02 - 2017-07-29 15:02 - 000000000 ____D C:\Users\TEMP\AppData\Local\Mozilla 2017-07-29 15:01 - 2017-07-29 15:11 - 000000000 ____D C:\Users\TEMP\AppData\Local\ClassicShell 2017-07-29 15:01 - 2017-07-29 15:01 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\ClassicShell 2017-07-29 14:58 - 2017-07-29 14:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\LogMeIn 2017-07-29 14:55 - 2017-07-29 15:06 - 000000000 ____D C:\Users\TEMP\AppData\Local\LogMeIn Hamachi 2017-07-29 14:55 - 2017-07-29 14:57 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages 2017-07-29 14:55 - 2017-07-29 14:56 - 000000000 ____D C:\Users\TEMP 2017-07-29 14:55 - 2017-07-29 14:55 - 000001454 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-07-29 14:55 - 2017-07-29 14:55 - 000000020 ___SH C:\Users\TEMP\ntuser.ini 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Ustawienia lokalne 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Szablony 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Moje dokumenty 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Menu Start 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Documents\Moje wideo 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Documents\Moje obrazy 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Documents\Moja muzyka 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\Dane aplikacji 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\AppData\Local\Historia 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 _SHDL C:\Users\TEMP\AppData\Local\Dane aplikacji 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe 2017-07-29 14:55 - 2017-07-29 14:55 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore 2017-07-29 14:55 - 2017-07-10 12:55 - 000000153 _____ C:\Users\TEMP\BullseyeCoverageError.txt 2017-07-29 14:55 - 2014-11-21 06:46 - 000000369 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2017-07-29 14:55 - 2014-11-21 06:46 - 000000369 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2017-07-29 14:54 - 2017-07-29 14:54 - 000291256 _____ C:\Windows\Minidump\072917-22875-01.dmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-08-26 17:33 - 2017-06-24 15:44 - 000000000 ____D C:\Users\Ubunciak\AppData\Local\ClassicShell 2017-08-26 17:28 - 2017-06-24 15:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-26 17:16 - 2017-06-24 14:27 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2103040207-4066334510-1387865864-1001 2017-08-26 17:15 - 2017-06-24 15:40 - 000000000 ____D C:\Users\Ubunciak\AppData\LocalLow\Mozilla 2017-08-26 17:13 - 2017-06-27 18:02 - 000000000 ____D C:\Users\Ubunciak\AppData\Local\LogMeIn Hamachi 2017-08-25 21:08 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-08-25 21:08 - 2013-08-22 16:44 - 000442880 _____ C:\Windows\system32\FNTCACHE.DAT 2017-08-25 18:28 - 2017-06-24 18:23 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-25 17:16 - 2014-11-21 06:07 - 000838356 _____ C:\Windows\system32\perfh015.dat 2017-08-25 17:16 - 2014-11-21 06:07 - 000179220 _____ C:\Windows\system32\perfc015.dat 2017-08-25 17:16 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp 2017-08-25 17:15 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2017-08-25 16:49 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-08-25 16:36 - 2017-06-24 15:59 - 000000000 ____D C:\Program Files (x86)\MSBuild 2017-08-25 16:35 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-08-25 15:08 - 2017-06-23 22:02 - 000000000 ____D C:\Users\Ubunciak 2017-08-24 17:06 - 2017-07-16 21:19 - 000000000 ____D C:\Users\Ubunciak\Documents\GTA San Andreas User Files 2017-08-24 16:09 - 2017-06-24 15:48 - 000000000 ____D C:\ProgramData\Oracle 2017-08-24 16:06 - 2017-06-24 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-08-24 16:06 - 2017-06-24 15:48 - 000000000 ____D C:\Program Files (x86)\Java 2017-08-24 16:05 - 2017-06-24 15:49 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-08-23 22:31 - 2017-06-28 19:17 - 000000000 ____D C:\Users\Ubunciak\VirtualBox VMs 2017-08-23 22:09 - 2017-06-28 19:14 - 000000000 ____D C:\Users\Ubunciak\.VirtualBox 2017-08-23 18:16 - 2017-07-10 13:21 - 000002229 _____ C:\Users\Ubunciak\Desktop\Discord.lnk 2017-08-23 18:16 - 2017-07-10 13:20 - 000000000 ____D C:\Users\Ubunciak\AppData\Roaming\discord 2017-08-23 18:14 - 2017-07-10 13:20 - 000000000 ____D C:\Users\Ubunciak\AppData\Local\Discord 2017-08-23 18:13 - 2017-06-23 22:25 - 000000000 ____D C:\Users\UpdatusUser 2017-08-20 14:23 - 2014-11-21 06:46 - 001825074 _____ C:\Windows\system32\PerfStringBackup.INI 2017-08-11 18:31 - 2017-06-28 20:08 - 345127625 _____ C:\Windows\MEMORY.DMP 2017-08-11 18:31 - 2017-06-28 20:08 - 000000000 ____D C:\Windows\Minidump 2017-08-11 18:29 - 2017-06-23 22:11 - 000000448 __RSH C:\ProgramData\ntuser.pol 2017-08-11 18:23 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2017-08-11 18:21 - 2001-03-11 01:12 - 000268288 _____ (Cronos) C:\Users\Ubunciak\Desktop\borg.exe 2017-07-31 17:54 - 2017-06-27 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2017-07-31 17:53 - 2017-07-15 20:42 - 000002136 _____ C:\Users\Public\Desktop\MTA San Andreas 1.5.lnk 2017-07-31 16:16 - 2017-07-15 20:30 - 000000000 ____D C:\Windows\SysWOW64\directx 2017-07-31 10:04 - 2017-06-28 19:20 - 000000000 ____D C:\Users\Ubunciak\Desktop\devos 2017-07-31 09:48 - 2017-06-28 20:34 - 000000000 ____D C:\Users\Ubunciak\AppData\Roaming\DAEMON Tools Lite 2017-07-31 09:47 - 2017-06-28 20:35 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2017-07-29 15:25 - 2017-07-15 20:41 - 000000000 ____D C:\Program Files (x86)\MTA San Andreas 1.5 2017-07-29 14:57 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-07-31 18:17 - 2017-07-31 18:17 - 000007605 _____ () C:\Users\Ubunciak\AppData\Local\Resmon.ResmonCfg Niektóre pliki w TEMP: ==================== 2017-08-24 16:04 - 2017-08-24 16:04 - 000740416 _____ (Oracle Corporation) C:\Users\Ubunciak\AppData\Local\Temp\jre-8u144-windows-au.exe 2017-07-31 15:27 - 2017-07-31 15:28 - 002919683 _____ ( ) C:\Users\Ubunciak\AppData\Local\Temp\reshacker_setup.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-07-29 15:14 ==================== Koniec FRST.txt ============================