Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:25-01-2016 Uruchomiony przez JULIA (administrator) JULKA (27-01-2016 05:23:15) Uruchomiony z C:\Users\JULIA\Downloads Załadowane profile: JULIA (Dostępne profile: JULIA) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\ProgramData\MobileBrServ\mbbService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Dropbox, Inc.) C:\Users\JULIA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkDMS.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe (Opera Software) C:\Program Files (x86)\Opera\34.0.2036.50\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2889072 2013-03-25] (ELAN Microelectronics Corp.) HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64128 2013-04-24] () HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-07-09] (Copyright 2013 SAMSUNG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\Run: [Dropbox Update] => C:\Users\JULIA\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.) HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\MountPoints2: {369beb00-5dc2-11e4-be82-48d224595d7f} - "D:\SISetup.exe" HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\MountPoints2: {3ae0e093-a100-11e5-bebe-48d224595d7f} - "D:\Startme.exe" HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\MountPoints2: {d7bbe1b8-919f-11e4-be90-48d224595d7f} - "D:\AutoRun.exe" HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\MountPoints2: {f9a9b473-984f-11e4-be90-48d224595d7f} - "D:\AutoRun.exe" SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JULIA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {02A05E31-C982-4264-BB20-FB8FDDABE5E0} => C:\windows\SYSTEM32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation) ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] () ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] () ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation) ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {02A05E31-C982-4264-BB20-FB8FDDABE5E0} => C:\windows\SysWOW64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation) Startup: C:\Users\JULIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14] ShortcutTarget: Dropbox.lnk -> C:\Users\JULIA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{2F6134FA-5470-4682-8EB3-BAEB9E6EB623}: [DhcpNameServer] 192.168.43.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-204455593-1543837664-2498303104-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-204455593-1543837664-2498303104-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-204455593-1543837664-2498303104-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006 SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-204455593-1543837664-2498303104-1001 -> {306586E7-F494-4E28-96D7-E8E9E9F6C4E5} URL = SearchScopes: HKU\S-1-5-21-204455593-1543837664-2498303104-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24] (Qualcomm Atheros Commnucations) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-12-03] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-12-03] (McAfee, Inc.) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-22] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-12-03] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-22] () FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-12-03] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [2013-07-09] (Samsung) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-01-06] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki CHR Profile: C:\Users\JULIA\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\JULIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-12] CHR Extension: (Adblock Plus) - C:\Users\JULIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05] CHR Extension: (SiteAdvisor) - C:\Users\JULIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-01-06] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\JULIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-01-06] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-01-06] Opera: ======= OPR StartupUrls: "hxxp://www.google.pl/" OPR Session Restore: -> [funkcja włączona] OPR Extension: (Adblock Plus) - C:\Users\JULIA\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-01-16] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe [404360 2013-06-18] (Samsung) [Brak podpisu cyfrowego] R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 Huawei E3372; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2014-03-07] () R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-12-03] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2014-11-25] () R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-07-09] (Copyright 2013 SAMSUNG) R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594928 2013-06-14] (Samsung Electronics CO., LTD.) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3014704 2013-06-18] (Samsung Electronics CO., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [Brak podpisu cyfrowego] S2 0073281453489422mcinstcleanup; C:\WINDOWS\TEMP\007328~1.EXE -cleanup -nolog [X] S2 PrivoxyService; "C:\Program Files (x86)\Softcomp Software\privoxy.exe" --service [X] <==== UWAGA S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X] S2 TDataSvr; C:\Program Files (x86)\TDataDld\TData.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-17] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-13] (Advanced Micro Devices) R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2013-04-24] (Qualcomm Atheros) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros) R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-01-27] () S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [223744 2014-11-25] (Huawei Technologies Co., Ltd.) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-27 05:22 - 2016-01-27 05:23 - 00023366 _____ C:\Users\JULIA\Downloads\FRST.txt 2016-01-27 05:19 - 2016-01-27 05:23 - 00000000 ____D C:\FRST 2016-01-27 05:19 - 2016-01-27 05:19 - 00000228 _____ C:\Users\JULIA\Downloads\Search.txt 2016-01-27 05:14 - 2016-01-27 05:14 - 02370560 _____ (Farbar) C:\Users\JULIA\Downloads\FRST64.exe 2016-01-27 04:23 - 2016-01-27 04:23 - 00001093 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2016-01-27 04:23 - 2016-01-27 04:23 - 00000000 ____D C:\Users\JULIA\AppData\Local\VS Revo Group 2016-01-27 04:23 - 2016-01-27 04:23 - 00000000 ____D C:\ProgramData\VS Revo Group 2016-01-27 04:23 - 2016-01-27 04:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2016-01-27 04:23 - 2016-01-27 04:23 - 00000000 ____D C:\Program Files\VS Revo Group 2016-01-27 04:23 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys 2016-01-27 04:22 - 2016-01-27 04:22 - 11199448 _____ (VS Revo Group ) C:\Users\JULIA\Downloads\RevoUninProSetup.exe 2016-01-27 04:20 - 2016-01-27 04:20 - 00000000 ___RD C:\Users\JULIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2016-01-27 04:06 - 2016-01-27 04:09 - 00000000 ____D C:\Users\JULIA\AppData\Roaming\Wise Uninstaller 2016-01-27 04:03 - 2016-01-27 04:03 - 02017644 _____ C:\Users\JULIA\Downloads\WPU.zip 2016-01-27 03:47 - 2016-01-27 03:47 - 00030720 ___SH C:\Users\JULIA\Downloads\Thumbs.db 2016-01-27 01:14 - 2016-01-27 04:18 - 00487424 ___SH C:\Users\JULIA\Desktop\Thumbs.db 2016-01-27 01:14 - 2016-01-27 01:14 - 00021388 _____ C:\Users\JULIA\Desktop\konsul honorowy.odt 2016-01-27 01:14 - 2016-01-27 01:14 - 00000088 ____H C:\Users\JULIA\Desktop\.~lock.konsul honorowy.odt# 2016-01-27 00:57 - 2016-01-27 01:12 - 00000000 ____D C:\AdwCleaner 2016-01-27 00:57 - 2016-01-27 00:57 - 00003454 _____ C:\WINDOWS\System32\Tasks\JULIACongenialityModulatorV2 2016-01-27 00:57 - 2016-01-27 00:57 - 00000000 ____D C:\Users\JULIA\AppData\Local\CongenialityModulator 2016-01-27 00:34 - 2016-01-27 00:34 - 00000000 _____ C:\autoexec.bat 2016-01-27 00:33 - 2016-01-27 00:33 - 00000000 ____D C:\Users\JULIA\AppData\Roaming\Enigma Software Group 2016-01-27 00:32 - 2016-01-27 00:32 - 00000000 ____D C:\sh4ldr 2016-01-27 00:31 - 2016-01-27 00:31 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2016-01-22 20:05 - 2016-01-27 03:36 - 00003976 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2016-01-22 20:05 - 2016-01-26 23:56 - 00004152 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2016-01-17 18:08 - 2016-01-17 18:08 - 00186370 ____T C:\Users\JULIA\Documents\wyyydarki.oxps 2016-01-17 18:05 - 2016-01-17 18:05 - 00217935 ____T C:\Users\JULIA\Desktop\pozew1.oxps 2016-01-17 18:03 - 2016-01-17 18:03 - 00251345 ____T C:\Users\JULIA\Desktop\pozew.oxps 2016-01-17 00:17 - 2016-01-17 21:42 - 00041979 _____ C:\Users\JULIA\Desktop\etyka zawodowa w sluzbach mundurowych.odt 2016-01-13 19:34 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2016-01-13 19:34 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2016-01-13 19:34 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2016-01-13 19:34 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2016-01-13 19:34 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2016-01-13 19:34 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2016-01-13 19:34 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2016-01-13 19:34 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2016-01-13 19:34 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2016-01-13 19:34 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2016-01-13 19:34 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2016-01-13 19:34 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2016-01-13 19:34 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls 2016-01-13 19:34 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls 2016-01-13 19:32 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-01-13 19:32 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 19:32 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 19:32 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-01-13 17:45 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-13 17:45 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 17:45 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-13 17:45 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 17:45 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-01-13 17:45 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-01-13 17:45 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-13 17:45 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-13 17:45 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-01-13 17:45 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-01-13 17:45 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-13 17:45 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-01-13 17:45 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-01-13 17:44 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 17:44 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-13 17:44 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-01-13 17:44 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 17:44 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-01-13 17:44 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-01-13 17:44 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-01-13 17:44 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-01-13 17:39 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 17:39 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 17:38 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 17:38 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-01-13 17:38 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-01-13 17:38 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 17:38 - 2015-12-11 01:13 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 17:38 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 17:38 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 17:38 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 17:38 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-13 17:38 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-13 17:38 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 17:38 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-01-13 17:38 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-01-13 17:38 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2016-01-13 17:38 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-01-13 17:38 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-01-13 17:38 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-01-13 17:38 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2016-01-13 17:38 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-01-13 17:38 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-01-13 17:38 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-01-13 17:38 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 17:38 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 17:38 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-13 17:38 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 17:38 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-13 17:38 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2016-01-13 17:38 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-01-13 17:38 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 17:38 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-13 17:38 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 17:38 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 17:38 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-13 17:38 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 17:38 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-13 17:38 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-01-13 17:38 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-01-13 17:38 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 17:38 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 17:38 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-13 17:38 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 17:38 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 17:38 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-12 22:57 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-12 22:57 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-07 22:24 - 2016-01-07 22:32 - 00316451 _____ C:\Users\JULIA\Desktop\prezentacja-tem.3.odt 2016-01-06 01:29 - 2016-01-06 01:33 - 00000000 ____D C:\Users\JULIA\Desktop\polityczna 2016-01-06 01:19 - 2016-01-06 01:19 - 00001932 _____ C:\Users\Public\Desktop\McAfee LiveSafe.lnk 2016-01-06 01:19 - 2016-01-06 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2016-01-06 01:18 - 2016-01-06 01:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2016-01-06 01:18 - 2016-01-06 01:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2016-01-06 01:18 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2016-01-06 01:17 - 2015-09-23 09:43 - 00497888 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfefirek.sys 2016-01-06 01:17 - 2015-09-23 09:43 - 00082072 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeelamk.sys 2016-01-06 01:17 - 2015-09-23 09:43 - 00080760 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\cfwids.sys 2016-01-06 01:16 - 2016-01-06 01:18 - 00000000 ____D C:\Program Files\McAfee 2016-01-06 01:16 - 2016-01-06 01:16 - 00000000 ____D C:\Program Files\McAfee.com 2016-01-06 01:16 - 2015-09-23 09:43 - 00244544 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfewfpk.sys 2016-01-06 01:15 - 2016-01-07 21:59 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-01-06 01:06 - 2015-09-23 09:43 - 00841944 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys 2016-01-06 01:06 - 2015-09-23 09:43 - 00415976 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeaack.sys 2016-01-06 01:06 - 2015-09-23 09:43 - 00351120 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeavfk.sys 2016-01-06 01:06 - 2015-09-21 13:33 - 00256840 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2016-01-06 00:56 - 2016-01-22 20:05 - 00000000 ____D C:\ProgramData\McAfee 2016-01-06 00:56 - 2016-01-06 01:19 - 00000000 ____D C:\Program Files\Common Files\McAfee 2016-01-06 00:54 - 2016-01-06 00:56 - 00000000 ____D C:\Users\JULIA\Desktop\pobrane 2016-01-05 22:43 - 2016-01-05 23:25 - 00323352 _____ C:\Users\JULIA\Desktop\Ostapiuk_Niemcy.odt 2016-01-05 19:05 - 2016-01-05 19:05 - 00000000 ____D C:\Users\JULIA\AppData\Roaming\LibreOffice 2016-01-05 19:04 - 2016-01-05 19:04 - 00001450 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk 2016-01-05 19:04 - 2016-01-05 19:04 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0 2016-01-05 19:02 - 2016-01-05 19:04 - 00000000 ____D C:\Program Files\LibreOffice 5 ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-27 05:23 - 2014-12-29 22:38 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-27 05:19 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-27 05:06 - 2015-06-17 12:49 - 00001174 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-204455593-1543837664-2498303104-1001UA.job 2016-01-27 04:30 - 2014-10-20 13:16 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-27 04:29 - 2014-10-16 21:06 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-204455593-1543837664-2498303104-1001 2016-01-27 04:29 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-01-27 04:24 - 2014-09-24 16:08 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-27 04:24 - 2014-09-24 15:35 - 00807160 _____ C:\WINDOWS\system32\perfh015.dat 2016-01-27 04:24 - 2014-09-24 15:35 - 00163478 _____ C:\WINDOWS\system32\perfc015.dat 2016-01-27 04:20 - 2013-07-23 17:19 - 00000000 ____D C:\ProgramData\WinClon 2016-01-27 04:18 - 2015-04-29 00:06 - 00000000 ___RD C:\Users\JULIA\Dropbox 2016-01-27 04:18 - 2015-04-10 14:11 - 00000000 ____D C:\Users\JULIA\AppData\Roaming\Dropbox 2016-01-27 04:17 - 2014-10-20 13:16 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-27 04:17 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-27 04:06 - 2015-11-15 21:52 - 00000000 ____D C:\Users\JULIA\Desktop\Jerzy Holzer Demografia I rozdzial 2016-01-27 03:45 - 2014-12-19 21:11 - 00000000 ____D C:\Users\JULIA 2016-01-27 01:10 - 2015-07-26 22:20 - 00000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-01-27 01:10 - 2013-08-22 14:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-01-27 01:09 - 2014-10-20 13:17 - 00001312 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-27 01:09 - 2014-10-20 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-01-27 01:09 - 2014-10-16 21:09 - 00000994 _____ C:\Users\Public\Desktop\Opera.lnk 2016-01-27 00:56 - 2014-12-19 21:59 - 00000000 __SHD C:\Users\JULIA\AppData\Local\EmieUserList 2016-01-27 00:56 - 2014-12-19 21:59 - 00000000 __SHD C:\Users\JULIA\AppData\Local\EmieSiteList 2016-01-27 00:56 - 2014-12-19 21:59 - 00000000 __SHD C:\Users\JULIA\AppData\Local\EmieBrowserModeList 2016-01-27 00:06 - 2015-06-17 12:49 - 00001122 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-204455593-1543837664-2498303104-1001Core.job 2016-01-26 23:25 - 2014-12-19 21:59 - 00003972 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{13465D71-185B-4F74-93F2-C4B06069C8C7} 2016-01-25 00:24 - 2015-07-26 22:20 - 00003950 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-01-25 00:24 - 2014-12-29 22:38 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-01-22 20:05 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-22 19:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-22 19:58 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-21 19:51 - 2014-10-16 21:09 - 00003882 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1413490159 2016-01-21 19:51 - 2014-10-16 21:09 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-21 19:51 - 2014-10-16 21:09 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-19 00:02 - 2015-09-29 19:10 - 00000000 ____D C:\Users\JULIA\Desktop\bezpieczeńswo narodowe 2016-01-16 22:48 - 2013-07-23 17:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-01-16 22:45 - 2015-01-19 00:52 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-16 18:19 - 2013-08-22 15:44 - 00455656 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-16 18:11 - 2014-12-19 20:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-16 18:11 - 2014-09-24 17:37 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2016-01-16 17:57 - 2014-10-18 17:05 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-16 17:57 - 2014-10-18 17:05 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 19:35 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-13 18:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2016-01-13 15:50 - 2015-09-29 19:04 - 00000000 ____D C:\Users\JULIA\Desktop\PRAWO 2016-01-06 14:27 - 2014-10-16 21:55 - 00000000 ____D C:\Users\JULIA\AppData\Local\CrashDumps 2016-01-06 01:17 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-01-06 01:15 - 2015-12-07 13:05 - 00000000 ____D C:\Program Files\Common Files\AV 2016-01-06 01:04 - 2015-04-19 13:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-01-06 01:04 - 2015-04-19 13:10 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-01-06 01:04 - 2014-11-15 14:48 - 00000000 ____D C:\ProgramData\AVAST Software 2016-01-06 01:02 - 2015-05-06 15:44 - 00108793 _____ C:\Users\JULIA\Desktop\notatka o czyms waznym.txt 2016-01-05 21:04 - 2014-09-24 17:40 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-05 21:04 - 2014-09-24 17:40 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-10-15 17:25 - 2014-12-19 21:41 - 0002469 _____ () C:\Users\JULIA\AppData\Roaming\AbsoluteReminder.xml 2013-07-23 17:27 - 2013-02-19 08:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe 2013-07-23 17:27 - 2013-01-12 15:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml Niektóre pliki w TEMP: ==================== C:\Users\JULIA\AppData\Local\Temp\MailedAppointment.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-01-16 23:03 ==================== Koniec FRST.txt ============================