Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 26-04-2017 Uruchomiony przez Genowefa (administrator) AGNIESZKA (26-04-2017 19:24:10) Uruchomiony z C:\Users\Genowefa\Downloads Załadowane profile: Genowefa (Dostępne profile: Genowefa) Platform: Microsoft Windows 8.1 (Update) (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Acer Incorporated) C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Acer Cloud Technology) C:\Program Files\Acer\AOP Framework\acer\ccd.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe (Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (Acer Incorporated) C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe () C:\Program Files\Acer\abDocs\abDocsDllLoaderMonitor.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [73216 2013-12-30] (Intel Corporation) HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2912256 2014-06-25] (Realtek Semiconductor) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKU\S-1-5-21-1794316248-3369987829-2041652221-1001\...\Run: [Spotify Web Helper] => C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-25] (Spotify Ltd) HKU\S-1-5-21-1794316248-3369987829-2041652221-1001\...\MountPoints2: {177785ff-7ea0-11e6-9760-bb337f492a69} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1794316248-3369987829-2041652221-1001\...\MountPoints2: {1cb2414d-62e2-11e6-975e-b650db27c163} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1794316248-3369987829-2041652221-1001\...\MountPoints2: {8331836a-24ba-11e6-9754-9effed74d5b4} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [315032 2014-10-29] (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C18DF28A-F6FE-4AC2-9E93-E8A21D1AC06A}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1794316248-3369987829-2041652221-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1794316248-3369987829-2041652221-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1794316248-3369987829-2041652221-1001 -> DefaultScope {88EC199A-A95A-430D-9CC3-215D47C631D1} URL = SearchScopes: HKU\S-1-5-21-1794316248-3369987829-2041652221-1001 -> {88EC199A-A95A-430D-9CC3-215D47C631D1} URL = Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Genowefa\AppData\Roaming\Mozilla\Firefox\Profiles\v9vu5erk.default-1425052991872 [2017-04-26] FF Homepage: Mozilla\Firefox\Profiles\v9vu5erk.default-1425052991872 -> hxxps://www.google.pl/?gws_rd=ssl FF Session Restore: Mozilla\Firefox\Profiles\v9vu5erk.default-1425052991872 -> [funkcja włączona] FF Extension: (Adblock Plus) - C:\Users\Genowefa\AppData\Roaming\Mozilla\Firefox\Profiles\v9vu5erk.default-1425052991872\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-12] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1677016 2013-11-13] (Broadcom Corporation.) R2 CCDMonitorService; C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2043120 2017-03-14] (Microsoft Corporation) S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [279000 2014-01-07] (Intel Corporation) R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [75264 2013-12-30] (Intel Corporation) R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [89088 2013-12-30] (Intel Corporation) R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [82432 2013-12-30] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [456936 2014-05-22] (Acer Incorporate) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450792 2014-06-25] (Acer Incorporate) R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [442088 2014-06-25] (Acer Incorporate) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280872 2017-01-12] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103696 2017-01-12] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.) R3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-03] (Broadcom Corp) R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [23552 2014-10-29] (Microsoft Corporation) S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [145112 2014-02-03] (Broadcom Corporation.) R3 BtwSerialBus; C:\windows\System32\drivers\BtwSerialBus.sys [130776 2013-09-09] (Broadcom Corporation.) R3 camera; C:\windows\system32\DRIVERS\camera.sys [401408 2013-12-30] (Intel Corporation) R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation) R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2013-09-07] (Capella Microsystems, Inc.) S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [36352 2013-12-30] (Intel Corporation) S3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [17408 2013-12-30] (Intel Corporation) R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [19968 2013-12-30] (Intel Corporation) R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [28160 2013-12-30] (Intel Corporation) R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [72704 2013-12-30] (Intel Corporation) R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [176640 2013-12-30] (Intel Corporation) R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2013-12-30] (Intel Corporation) R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2013-12-30] (Intel Corporation) R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2013-12-30] (Intel Corporation) R3 iaiospi; C:\windows\System32\drivers\iaiospi.sys [53760 2013-12-30] (Intel Corporation) R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2013-12-30] (Intel Corporation) S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32664 2013-12-27] (Intel Corporation) R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [254464 2013-12-30] (Intel(R) Corporation) R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation) R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2013-12-27] (Intel Corporation) S0 Lm3554; C:\windows\System32\drivers\lm3554.sys [25088 2013-12-30] (Intel Corporation) R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-06-25] (Acer Incorporated) R0 MBI; C:\windows\System32\drivers\MBI.sys [21456 2013-12-30] (Intel Corporation) R3 ov2722; C:\windows\System32\drivers\ov2722.sys [43520 2013-12-30] (Intel Corporation) R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2013-12-30] (Intel Corporation) R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-06-25] (Acer Incorporated) R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [167640 2014-02-11] (Realtek Semiconductor Corp.) R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation) R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-19] (Synaptics Incorporated) R3 TXEI; C:\windows\System32\drivers\TXEI.sys [76304 2013-12-30] (Intel Corporation) S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [38920 2017-02-10] (Microsoft Corporation) R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [231256 2017-01-12] (Microsoft Corporation) R2 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [85336 2017-01-12] (Microsoft Corporation) R3 WUDFWpdMtp; C:\windows\system32\DRIVERS\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-26 19:24 - 2017-04-26 19:24 - 00012408 _____ C:\Users\Genowefa\Downloads\FRST.txt 2017-04-26 19:22 - 2017-04-26 19:22 - 00000000 ____D C:\Users\Genowefa\Downloads\FRST-OlderVersion 2017-04-12 21:15 - 2017-03-21 15:11 - 00875712 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll 2017-04-12 21:15 - 2017-03-21 15:11 - 00536768 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll 2017-04-12 19:55 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2017-04-12 19:55 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2017-04-12 19:55 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2017-04-12 19:55 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2017-04-12 19:55 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2017-04-12 19:55 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2017-04-12 19:55 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2017-04-12 19:55 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2017-04-12 19:55 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2017-04-12 19:55 - 2017-03-25 20:45 - 00689664 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2017-04-12 19:55 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2017-04-12 19:55 - 2017-03-25 06:40 - 01127968 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2017-04-12 19:55 - 2017-03-14 21:28 - 00128568 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2017-04-12 19:55 - 2017-03-14 16:13 - 03074048 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2017-04-12 19:55 - 2017-03-14 16:07 - 02174464 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2017-04-12 19:55 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2017-04-12 19:55 - 2017-03-13 17:56 - 00334336 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2017-04-12 19:55 - 2017-03-12 17:01 - 00025600 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BasicRender.sys 2017-04-12 19:55 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2017-04-12 19:55 - 2017-03-11 05:46 - 01325912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2017-04-12 19:55 - 2017-03-11 05:46 - 00319320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys 2017-04-12 19:55 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2017-04-12 19:55 - 2017-03-09 21:33 - 03475456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2017-04-12 19:55 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2017-04-12 19:55 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll 2017-04-12 19:55 - 2017-03-04 18:35 - 02976256 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2017-04-12 19:55 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll 2017-04-12 19:55 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\mfmjpegdec.dll 2017-04-12 19:55 - 2017-02-11 18:49 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2017-04-12 19:55 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll 2017-04-12 19:55 - 2017-02-10 20:07 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2017-04-12 19:55 - 2017-02-10 16:37 - 00038920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys 2017-04-12 19:55 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll 2017-04-12 19:55 - 2017-02-04 19:16 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll 2017-04-12 19:55 - 2017-02-01 16:58 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2017-04-12 19:55 - 2017-02-01 16:58 - 00153088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2017-04-12 19:55 - 2017-01-19 04:21 - 00870224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2017-04-12 19:55 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2017-04-12 19:55 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll 2017-04-12 19:55 - 2017-01-12 18:55 - 00231256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys 2017-04-12 19:55 - 2017-01-12 18:55 - 00085336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys 2017-04-12 19:55 - 2017-01-12 08:15 - 00738136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys 2017-04-12 19:55 - 2017-01-11 19:31 - 00369496 ____C (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys 2017-04-12 19:55 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll 2017-04-12 19:55 - 2017-01-10 22:21 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2017-04-12 19:55 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll 2017-04-12 19:55 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll 2017-04-12 19:55 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll 2017-04-12 19:55 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll 2017-04-12 19:55 - 2016-12-25 01:58 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll 2017-04-12 19:55 - 2016-12-25 01:13 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\ScDeviceEnum.dll 2017-04-12 19:55 - 2016-12-09 10:11 - 00319320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2017-04-12 19:54 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2017-04-12 19:54 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2017-04-12 19:54 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2017-04-12 19:54 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2017-04-12 19:54 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2017-04-12 19:54 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2017-04-12 19:54 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2017-04-12 19:54 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2017-04-12 19:54 - 2017-01-14 16:37 - 00447095 _____ C:\windows\system32\ApnDatabase.xml 2017-04-12 19:54 - 2016-12-25 02:25 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scfilter.sys 2017-04-06 19:39 - 2017-04-06 19:39 - 00676474 _____ C:\Users\Genowefa\Downloads\MAC-Cert-kompetencje-speleczne-dzieci-ep-Genowefa--Górecka.pdf 2017-04-06 19:39 - 2017-04-06 19:39 - 00229338 _____ C:\Users\Genowefa\Downloads\f178201d35868e7dcc92b800584db418d9e182bc.pdf 2017-03-29 20:28 - 2017-03-29 20:28 - 00104960 _____ (GMER) C:\kxdorpog.sys 2017-03-29 20:08 - 2017-03-29 20:08 - 00380928 _____ C:\Users\Genowefa\Desktop\bd3vtmve.exe 2017-03-29 20:01 - 2017-04-26 19:24 - 00000000 ____D C:\FRST 2017-03-29 19:53 - 2017-04-26 19:22 - 01768448 _____ (Farbar) C:\Users\Genowefa\Downloads\FRST.exe 2017-03-28 21:06 - 2017-03-29 20:26 - 00000000 ____D C:\Program Files\Common Files\AV 2017-03-28 21:05 - 2017-03-28 21:04 - 00921280 _____ (Microsoft Corporation) C:\windows\ucrtbase.dll 2017-03-28 21:00 - 2017-03-29 20:26 - 00000000 ____D C:\ProgramData\AVAST Software ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-26 19:20 - 2016-11-20 17:46 - 00000000 ____D C:\Users\Genowefa\AppData\LocalLow\Mozilla 2017-04-26 19:19 - 2014-12-24 22:30 - 00000000 __RDO C:\Users\Genowefa\OneDrive 2017-04-24 18:51 - 2013-08-22 10:17 - 00000000 ____D C:\windows\rescache 2017-04-23 18:26 - 2014-06-25 16:40 - 00808708 _____ C:\windows\system32\perfh015.dat 2017-04-23 18:26 - 2014-06-25 16:40 - 00164328 _____ C:\windows\system32\perfc015.dat 2017-04-23 18:26 - 2014-04-10 03:58 - 01825074 _____ C:\windows\system32\PerfStringBackup.INI 2017-04-23 18:26 - 2013-08-22 08:21 - 00000000 ____D C:\windows\inf 2017-04-23 18:20 - 2016-11-19 22:39 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-04-23 18:20 - 2014-12-24 22:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2017-04-23 18:19 - 2013-08-22 09:23 - 00000006 ____H C:\windows\Tasks\SA.DAT 2017-04-23 18:19 - 2013-08-22 09:22 - 00371984 _____ C:\windows\system32\FNTCACHE.DAT 2017-04-19 21:59 - 2013-08-22 08:13 - 00524288 ___SH C:\windows\system32\config\BBI 2017-04-19 21:57 - 2014-12-29 12:51 - 00000000 ____D C:\windows\system32\MRT 2017-04-19 21:57 - 2013-08-22 10:17 - 00000000 ___RD C:\windows\ToastData 2017-04-19 21:57 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-19 21:54 - 2014-12-29 12:51 - 145733648 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2017-04-19 21:51 - 2013-08-22 10:05 - 00000000 ____D C:\windows\CbsTemp 2017-04-19 09:50 - 2014-12-24 22:24 - 00000000 ____D C:\Users\Genowefa 2017-04-19 09:41 - 2013-08-22 10:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-19 09:39 - 2014-12-29 12:24 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-04-19 09:31 - 2016-04-26 22:54 - 00002398 _____ C:\Users\Genowefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive dla Firm.lnk 2017-04-19 09:29 - 2013-08-22 10:17 - 00000000 ____D C:\windows\AppReadiness 2017-04-12 19:54 - 2013-08-22 10:17 - 00000000 ____D C:\windows\system32\Macromed 2017-04-12 19:51 - 2016-04-10 20:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-04-08 00:06 - 2014-12-28 21:15 - 00430248 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2017-04-01 03:12 - 2016-05-11 22:52 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2017-04-01 03:12 - 2016-05-11 22:52 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2017-03-28 18:12 - 2014-12-24 22:25 - 00000000 ____D C:\Users\Genowefa\AppData\Local\Packages ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-02-16 20:54 - 2015-02-16 20:54 - 0000288 _____ () C:\Users\Genowefa\AppData\Roaming\.backup.dm Niektóre pliki w TEMP: ==================== 2015-01-03 16:12 - 2014-11-19 20:46 - 1670400 _____ (Acer Incorporated) C:\Users\Genowefa\AppData\Local\Temp\AcerPortalSetup.exe 2014-12-29 12:24 - 2014-06-25 18:44 - 0946920 _____ (Microsoft Corporation) C:\Users\Genowefa\AppData\Local\Temp\SetupHomeStudentRetail.x86.pl-PL_HomeStudentRetail_4Q6ND-T2972-J4DG7-6K6R9-HCB3D_act_1_.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\windows\explorer.exe => Plik podpisany cyfrowo C:\windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\windows\system32\wininit.exe => Plik podpisany cyfrowo C:\windows\system32\svchost.exe => Plik podpisany cyfrowo C:\windows\system32\services.exe => Plik podpisany cyfrowo C:\windows\system32\User32.dll => Plik podpisany cyfrowo C:\windows\system32\userinit.exe => Plik podpisany cyfrowo C:\windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-04-23 19:21 ==================== Koniec FRST.txt ============================