Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:18-04-2016 Uruchomiony przez Ewelina (administrator) DELLINSPIRION (21-04-2016 20:53:01) Uruchomiony z C:\Users\Ewelina\Desktop Załadowane profile: Ewelina (Dostępne profile: DELL & Ewelina) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe (Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe (Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2857128 2015-01-09] (Synaptics Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Atheros Communications) HKU\S-1-5-21-1053583817-2471753782-14959594-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-1053583817-2471753782-14959594-1004\...\MountPoints2: F - "F:\setup.exe" ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\..\Interfaces\{3AE80F87-B139-4326-BB8E-BCB7775F2A52}: [DhcpNameServer] 10.62.22.2 10.62.22.3 Tcpip\..\Interfaces\{989FC26A-27AA-4C50-B637-9B99FAFEB915}: [DhcpNameServer] 208.66.222.222 62.233.233.233 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131025853762107109&GUID=7C736AC7-205D-4901-9346-B076B847800A HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131025853762111631&GUID=7C736AC7-205D-4901-9346-B076B847800A HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131025853766383210&GUID=7C736AC7-205D-4901-9346-B076B847800A HKU\S-1-5-21-1053583817-2471753782-14959594-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131025853764757480&GUID=7C736AC7-205D-4901-9346-B076B847800A HKU\S-1-5-21-1053583817-2471753782-14959594-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=24c66708a94aeb404746fc08608c6d1b&c=p1&src=srch&inst=1461240325 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=24c66708a94aeb404746fc08608c6d1b&c=p1&src=srch&inst=1461240325 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-15] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-15] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-15] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-15] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 FF DefaultSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] () FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-15] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-15] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [Brak pliku] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\psearch.xml [2016-04-21] FF Extension: Adblock Plus - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\z0qz2h2l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-28] FF Extension: Adblock Plus - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-05] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\5B40800E9809BDF4D2DE0DF666FF75955B40 [2016-01-09] <==== UWAGA Chrome: ======= CHR Profile: C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-10] CHR Extension: (Dokumenty Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-10] CHR Extension: (Dysk Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-10] CHR Extension: (YouTube) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-10] CHR Extension: (Arkusze Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-10] CHR Extension: (Dokumenty Google offline) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05] CHR Extension: (Skype) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-10] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17] CHR Extension: (Gmail) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-10] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-03-22] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.) R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell) S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.) S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-29] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 AICY46; Brak ImagePath S2 chk32; Brak ImagePath ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-13] (Qualcomm Atheros Communications, Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-09-01] () R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [34720 2016-03-14] () S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-08] (Qualcomm Atheros) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-05-22] (Dell Computer Corporation) S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-07] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-07] (Disc Soft Ltd) S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2016-04-04] (Disc Soft Ltd) S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47672 2016-04-04] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-09-01] () S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42664 2015-01-09] (Synaptics Incorporated) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X] U3 kxtyiuob; \??\C:\Users\Ewelina\AppData\Local\Temp\kxtyiuob.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-21 20:53 - 2016-04-21 20:53 - 00021223 _____ C:\Users\Ewelina\Desktop\FRST.txt 2016-04-21 14:27 - 2016-04-21 14:27 - 10990968 _____ C:\Users\DELL\Downloads\Monosem_NGplus_3.zip 2016-04-21 06:09 - 2016-04-21 06:09 - 00004858 _____ C:\Users\Ewelina\Documents\GMER.txt 2016-04-20 17:04 - 2016-04-20 17:04 - 00004454 _____ C:\Users\DELL\Downloads\MapAutosave_LS15.zip 2016-04-20 17:02 - 2016-04-20 17:02 - 02652639 _____ C:\Users\DELL\Downloads\Stihl_MS660.zip 2016-04-20 17:00 - 2016-04-20 17:00 - 04525272 _____ C:\Users\DELL\Downloads\HouseV1.zip 2016-04-20 16:23 - 2016-04-20 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-20 14:36 - 2016-04-20 14:36 - 00056115 _____ C:\Users\Ewelina\Downloads\Addition.txt 2016-04-20 14:34 - 2016-04-20 14:36 - 00043266 _____ C:\Users\Ewelina\Downloads\FRST.txt 2016-04-20 14:25 - 2016-04-21 20:53 - 00000000 ____D C:\FRST 2016-04-20 14:19 - 2016-04-20 14:19 - 00593952 _____ (Duplex Secure Ltd) C:\Users\Ewelina\Downloads\SPTDinst-v189-x64.exe 2016-04-20 14:07 - 2016-04-20 14:09 - 00380928 _____ C:\Users\Ewelina\Downloads\ny88re3k.exe 2016-04-20 14:05 - 2016-04-20 14:06 - 02375680 _____ (Farbar) C:\Users\Ewelina\Desktop\FRST64.exe 2016-04-20 11:40 - 2016-04-20 11:40 - 03683904 _____ C:\Users\Ewelina\Desktop\adwcleaner_5.112.exe 2016-04-20 11:06 - 2016-04-20 11:06 - 00372808 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-20 09:39 - 2016-04-20 09:39 - 03683904 _____ C:\Users\DELL\Desktop\adwcleaner_5.112.exe 2016-04-19 17:57 - 2016-04-19 17:58 - 10292921 _____ C:\Users\DELL\Downloads\FlieglUniversal.zip 2016-04-19 17:49 - 2016-04-19 17:49 - 00002030 _____ C:\Users\DELL\Desktop\Crystal Launcher.lnk 2016-04-19 09:04 - 2016-04-19 09:04 - 00000000 ___RD C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2016-04-18 18:34 - 2016-04-18 18:34 - 01067685 _____ C:\Users\DELL\Downloads\Mody_do_Mapy.rar 2016-04-18 18:02 - 2016-04-18 18:29 - 712557855 _____ C:\Users\DELL\Downloads\Bolusowo_v7_MafiaSolec.zip 2016-04-17 14:17 - 2016-04-17 14:17 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Icons 2016-04-16 18:31 - 2016-04-16 18:31 - 377975612 _____ C:\Users\DELL\Downloads\SlmRnchrv030b-mpcg.zip 2016-04-15 13:59 - 2016-04-15 13:59 - 00000000 ____D C:\Program Files (x86)\Amazon 2016-04-15 13:43 - 2016-04-15 13:42 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll 2016-04-15 13:08 - 2016-04-15 13:08 - 00000000 ____D C:\Users\DELL\AppData\LocalLow\Oracle 2016-04-14 16:23 - 2016-04-15 13:02 - 00000000 ____D C:\Users\DELL\Downloads\LEGO.Batman.3.Beyond.Gotham.Proper-RELOADED 2016-04-14 15:15 - 2016-04-20 13:40 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-04-12 23:01 - 2016-04-12 23:02 - 00349672 _____ C:\Users\DELL\Downloads\map_preview.dds 2016-04-12 23:01 - 2016-04-12 23:02 - 00349672 _____ C:\Users\DELL\Downloads\map_icon.dds 2016-04-12 18:03 - 2016-04-12 18:03 - 00003308 _____ C:\Windows\System32\Tasks\Mighty Installer Logon 2016-04-10 22:53 - 2016-04-14 16:29 - 00699192 _____ C:\Users\DELL\Downloads\pda_map.dds 2016-04-10 22:53 - 2016-04-14 15:23 - 00008158 _____ C:\Users\DELL\Downloads\modDesc.xml 2016-04-10 22:53 - 2016-04-10 22:53 - 00000000 ____D C:\Users\DELL\Downloads\vehicles 2016-04-10 22:52 - 2016-04-20 10:57 - 00000000 ____D C:\Users\DELL\Downloads\fruitHuds 2016-04-10 22:52 - 2016-04-14 16:08 - 00000000 ____D C:\Users\DELL\Downloads\map 2016-04-10 22:52 - 2016-04-12 20:21 - 00262272 _____ C:\Users\DELL\Downloads\Bolusiowo-img_briefing3.dds 2016-04-10 22:52 - 2016-04-12 20:20 - 00262272 _____ C:\Users\DELL\Downloads\Bolusiowo-img_briefing2.dds 2016-04-10 22:52 - 2016-04-12 20:20 - 00262272 _____ C:\Users\DELL\Downloads\Bolusiowo-img_briefing1.dds 2016-04-10 22:52 - 2016-04-10 22:52 - 00000000 ____D C:\Users\DELL\Downloads\DoorTrigger 2016-04-10 22:52 - 2016-04-08 07:09 - 00005232 _____ C:\Users\DELL\Downloads\Bolusiowo.lua 2016-04-10 22:52 - 2014-11-23 11:37 - 00000095 _____ C:\Users\DELL\Downloads\defaultVehicles.xml 2016-04-10 22:52 - 2014-09-30 20:40 - 00001939 _____ C:\Users\DELL\Downloads\Bolusiowo.xml 2016-04-10 19:34 - 2016-04-10 19:34 - 00000000 ____D C:\Users\DELL\AppData\LocalLow\Smartly Dressed Games 2016-04-10 14:25 - 2016-04-10 14:26 - 873261652 _____ C:\Users\DELL\Downloads\The Forest v0.36b.rar 2016-04-09 11:07 - 2016-04-09 11:08 - 935612978 _____ C:\Users\DELL\Downloads\Dead.Realm.zip 2016-04-09 10:38 - 2016-04-09 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-04-09 10:38 - 2016-04-09 10:38 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-04-08 14:43 - 2016-04-16 22:55 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-04-08 14:43 - 2016-04-08 14:43 - 00003970 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-04-07 13:58 - 2016-04-08 06:33 - 00000000 ____D C:\Users\TEMP 2016-04-05 16:14 - 2016-04-05 16:14 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2016-04-05 10:32 - 2016-04-05 10:32 - 00000000 ____D C:\Users\DELL\AppData\LocalLow\CampoSanto 2016-04-05 09:05 - 2016-04-20 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-05 09:05 - 2016-04-20 13:40 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-04-05 09:05 - 2016-04-20 13:40 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-04 21:18 - 2016-04-04 21:27 - 00000000 ____D C:\Users\DELL\Downloads\Firewatch-CODEX 2016-04-04 21:16 - 2016-04-04 22:10 - 00000000 ____D C:\Users\DELL\AppData\Roaming\DAEMON Tools Ultra 2016-04-04 21:16 - 2016-04-04 21:16 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrausbbus.sys 2016-04-04 21:16 - 2016-04-04 21:16 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrascsibus.sys 2016-04-04 21:16 - 2016-04-04 21:16 - 00010780 _____ C:\Users\DELL\Downloads\Firewatch-CODEX.torrent 2016-04-04 21:16 - 2016-04-04 21:16 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra 2016-04-04 21:12 - 2016-04-04 21:12 - 00672288 _____ (Disc Soft Ltd.) C:\Users\DELL\Downloads\DTUltraInstaller1.1.exe 2016-03-31 14:16 - 2016-04-20 10:01 - 00003290 _____ C:\Windows\System32\Tasks\InternetSoft Computer Service 2016-03-29 10:47 - 2016-03-29 10:48 - 894109768 _____ C:\Users\DELL\Downloads\The Forest 0.35b.rar 2016-03-28 22:15 - 2016-03-28 22:15 - 00000000 ____D C:\Users\DELL\AppData\Local\Targem 2016-03-28 19:55 - 2016-03-28 19:55 - 00795973 _____ C:\Users\DELL\Downloads\_Cube-Escape-Map.zip 2016-03-28 17:55 - 2016-04-20 20:40 - 00000000 ____D C:\Program Files (x86)\Star Conflict 2016-03-28 16:27 - 2014-10-04 20:29 - 00000000 ____D C:\Users\DELL\Desktop\Parkour 1 2016-03-28 16:23 - 2016-03-28 16:23 - 00581195 _____ C:\Users\DELL\Desktop\Parkour 1.rar 2016-03-28 09:58 - 2016-03-28 09:58 - 00000000 ____D C:\Users\DELL\AppData\LocalLow\VIS Games 2016-03-28 09:42 - 2016-03-28 09:42 - 04425176 _____ ( ) C:\Users\DELL\Downloads\starconf_launcher_1.0.1.62.exe 2016-03-28 09:37 - 2016-03-28 09:39 - 48043360 _____ C:\Users\DELL\Downloads\C4D_12.zip 2016-03-28 09:22 - 2016-03-28 09:22 - 03882449 _____ C:\Users\DELL\Downloads\Sv_intro10_by_Velosofy.zip 2016-03-27 22:08 - 2016-04-20 20:33 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Splitscreen Studios 2016-03-27 22:08 - 2016-03-27 22:08 - 27941776 _____ (Splitscreen Studios GmbH) C:\Users\DELL\Downloads\GameLauncher_Setup.exe 2016-03-27 21:12 - 2016-03-27 21:12 - 91626023 _____ C:\Users\DELL\Downloads\[WWW.MPC-G.COM]WhsYrDddV099.zip 2016-03-26 17:27 - 2016-03-26 17:27 - 00000000 ____D C:\Users\DELL\AppData\Local\BattlEye 2016-03-26 11:19 - 2016-03-26 11:19 - 00004038 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2016-03-26 11:19 - 2016-03-26 11:19 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask 2016-03-26 11:19 - 2016-03-26 11:19 - 00003346 _____ C:\Windows\System32\Tasks\PCDDataUploadTask 2016-03-26 11:18 - 2016-03-26 11:18 - 00003226 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest 2016-03-26 11:18 - 2016-03-26 11:18 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows 2016-03-26 11:18 - 2016-03-26 11:18 - 00000000 ____D C:\Program Files\Dell Support Center 2016-03-26 11:03 - 2016-03-26 11:05 - 00000000 ____D C:\Users\DELL\AppData\Roaming\.csrvlauncher 2016-03-26 11:03 - 2016-03-26 11:03 - 00000000 ____D C:\Users\DELL\AppData\Roaming\G.b 2016-03-26 10:51 - 2016-03-26 12:01 - 2042626048 _____ C:\Users\DELL\Downloads\-Oceanofgames.com-Professional_Farmer_2017.iso 2016-03-24 23:03 - 2016-03-24 23:03 - 00000000 ____D C:\Program Files (x86)\InternetSoft Computer 2016-03-22 19:06 - 2016-03-22 19:30 - 280683058 _____ C:\Users\DELL\Downloads\PGR_beta.zip 2016-03-22 19:06 - 2016-03-22 19:06 - 00092040 _____ C:\Users\DELL\Downloads\AnimationMapTrigger.zip 2016-03-22 19:06 - 2016-03-22 19:06 - 00092040 _____ C:\Users\DELL\Downloads\AnimationMapTrigger (1).zip ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-21 20:49 - 2016-03-07 22:37 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-21 20:49 - 2015-07-30 01:40 - 00001034 _____ C:\Windows\Tasks\Z44gsFpAErqtP7i364Q.job 2016-04-21 20:49 - 2015-07-30 01:40 - 00001026 _____ C:\Windows\Tasks\TrJTf5Qb7B6SltM.job 2016-04-21 20:49 - 2015-07-30 01:07 - 00001014 _____ C:\Windows\Tasks\Hg0W2csNe.job 2016-04-21 20:49 - 2015-07-30 01:07 - 00001010 _____ C:\Windows\Tasks\Hg0W2cs.job 2016-04-21 20:49 - 2015-07-21 12:44 - 00001048 _____ C:\Windows\Tasks\Rtjkj4SMEMC5UR2rPuFQZ7srQP.job 2016-04-21 20:49 - 2015-07-21 12:44 - 00001042 _____ C:\Windows\Tasks\ExEoJFeh00jFCxJIlD9FbOC.job 2016-04-21 20:43 - 2015-06-27 10:41 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-21 20:42 - 2016-03-07 22:37 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-21 20:39 - 2016-02-06 09:53 - 00000000 ____D C:\Users\DELL\Desktop\gry 2016-04-21 20:29 - 2015-07-19 21:47 - 00804352 ___SH C:\Users\DELL\Downloads\Thumbs.db 2016-04-21 20:27 - 2014-03-18 11:52 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-21 20:27 - 2014-03-18 11:25 - 00807160 _____ C:\Windows\system32\perfh015.dat 2016-04-21 20:27 - 2014-03-18 11:25 - 00163478 _____ C:\Windows\system32\perfc015.dat 2016-04-21 20:27 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-04-21 20:25 - 2015-07-08 14:57 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Skype 2016-04-21 14:25 - 2015-07-21 14:13 - 00000000 ____D C:\Users\DELL\AppData\Local\CrashDumps 2016-04-21 14:05 - 2014-10-31 13:27 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2016-04-21 13:59 - 2015-06-19 18:00 - 00000000 __RDO C:\Users\DELL\OneDrive 2016-04-21 08:01 - 2016-01-25 21:56 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-21 07:51 - 2015-06-19 09:08 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1053583817-2471753782-14959594-1001 2016-04-20 21:36 - 2015-06-20 22:38 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1053583817-2471753782-14959594-1004 2016-04-20 21:18 - 2016-01-10 21:48 - 00002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-04-20 21:18 - 2015-11-06 20:35 - 00000000 ____D C:\AdwCleaner 2016-04-20 20:42 - 2015-06-20 08:20 - 00000000 ____D C:\Games 2016-04-20 20:41 - 2015-07-12 16:32 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-04-20 20:41 - 2015-06-19 09:02 - 00000000 ____D C:\Users\DELL\AppData\Local\Packages 2016-04-20 20:41 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-20 20:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-04-20 20:30 - 2015-08-31 14:18 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics 2016-04-20 20:21 - 2015-07-21 20:09 - 00000000 ____D C:\Users\DELL\AppData\Local\LogMeIn Hamachi 2016-04-20 20:20 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-20 13:42 - 2015-06-28 18:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-20 13:40 - 2016-02-28 20:12 - 00001880 _____ C:\Users\Ewelina\Desktop\Scrap Mechanic v0.1.16.lnk 2016-04-20 13:40 - 2016-02-18 18:53 - 00001767 _____ C:\Users\Ewelina\Desktop\Stranded Deep.lnk 2016-04-20 13:40 - 2016-02-10 11:53 - 00001110 _____ C:\Users\Public\Desktop\DRUKI Gofin.lnk 2016-04-20 13:40 - 2016-01-25 21:56 - 00000971 _____ C:\Users\Public\Desktop\Steam.lnk 2016-04-20 13:40 - 2016-01-15 18:03 - 00001019 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-04-20 13:40 - 2016-01-10 21:48 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-20 13:40 - 2015-11-25 00:22 - 00000080 _____ C:\Users\Ewelina\Desktop\uTorrent.lnk 2016-04-20 13:40 - 2015-11-24 21:26 - 00000549 _____ C:\Users\Ewelina\Desktop\Biuro Rachunkowe Rzeczpospolitej.lnk 2016-04-20 13:40 - 2015-11-24 21:25 - 00000532 _____ C:\Users\Ewelina\Desktop\Mała Księgowość Rzeczpospolitej.lnk 2016-04-20 13:40 - 2015-07-08 14:57 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk 2016-04-20 13:40 - 2015-06-28 18:38 - 00001110 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-20 13:40 - 2015-06-20 22:32 - 00001053 _____ C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-20 13:40 - 2015-06-20 22:25 - 00000469 _____ C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-04-20 13:40 - 2015-06-20 22:25 - 00000467 _____ C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-04-20 13:40 - 2015-06-19 15:16 - 00001152 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2016-04-20 13:40 - 2014-10-31 13:22 - 00000708 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk 2016-04-20 12:06 - 2015-06-20 22:34 - 00000000 ____D C:\Users\Ewelina\AppData\Local\LogMeIn Hamachi 2016-04-20 11:31 - 2015-06-20 22:35 - 00004012 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{46509D62-EF7D-454E-B718-B3F23DF65C3F} 2016-04-20 11:01 - 2016-01-15 18:03 - 00000000 ____D C:\Users\DELL\AppData\Roaming\TS3Client 2016-04-20 11:01 - 2015-07-26 14:48 - 00000000 ____D C:\Users\DELL\AppData\Roaming\uTorrent 2016-04-20 11:01 - 2015-07-22 23:52 - 00000000 ____D C:\Users\DELL\AppData\Roaming\PhotoScape 2016-04-20 10:01 - 2015-06-20 08:27 - 00000000 ____D C:\Users\DELL\AppData\Local\Google 2016-04-20 10:01 - 2015-06-20 08:27 - 00000000 ____D C:\Program Files (x86)\Google 2016-04-20 10:00 - 2015-08-16 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2016-04-20 10:00 - 2015-08-16 14:05 - 00000000 ____D C:\Program Files (x86)\Mirillis 2016-04-20 09:55 - 2015-06-28 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-20 09:55 - 2015-06-28 18:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-04-20 09:41 - 2015-06-19 09:02 - 00000000 ____D C:\Users\DELL 2016-04-19 17:49 - 2015-08-09 19:08 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Crystal-Launcher 2016-04-19 16:50 - 2015-06-20 22:25 - 00000000 ____D C:\Users\Ewelina 2016-04-16 15:16 - 2015-06-20 08:24 - 00000000 ____D C:\Program Files (x86)\Opera 2016-04-16 10:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2016-04-16 09:09 - 2015-07-21 20:14 - 00000000 ____D C:\Users\DELL\AppData\Local\Mozilla 2016-04-16 09:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration 2016-04-15 16:24 - 2016-02-07 12:42 - 00000000 ____D C:\Users\DELL\AppData\LocalLow\uTorrent 2016-04-15 14:43 - 2015-07-17 19:34 - 00000000 ____D C:\ProgramData\Oracle 2016-04-15 13:43 - 2015-07-17 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-15 13:43 - 2015-07-17 19:34 - 00000000 ____D C:\Program Files (x86)\Java 2016-04-15 13:42 - 2016-01-11 14:58 - 00000000 ____D C:\Users\DELL\.oracle_jre_usage 2016-04-15 13:42 - 2015-08-09 19:12 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-04-15 13:42 - 2015-08-09 19:12 - 00000000 ____D C:\Program Files\Java 2016-04-15 13:41 - 2016-01-25 11:05 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-04-15 07:57 - 2015-07-15 00:53 - 02717696 ___SH C:\Users\DELL\Desktop\Thumbs.db 2016-04-14 15:16 - 2015-06-20 08:26 - 00003898 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434781547 2016-04-12 18:03 - 2015-08-11 23:25 - 00003646 _____ C:\Windows\System32\Tasks\Mighty Installer 2016-04-09 10:35 - 2013-08-22 15:25 - 00786432 ___SH C:\Windows\system32\config\BBI 2016-04-08 14:43 - 2015-06-27 10:41 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-07 14:58 - 2015-12-20 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-04-07 14:58 - 2015-07-08 14:57 - 00000000 ____D C:\ProgramData\Skype 2016-04-05 11:05 - 2016-01-15 18:02 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-04-02 18:35 - 2015-08-27 12:41 - 00000000 ____D C:\Users\DELL\AppData\Roaming\.minecraftzyczu 2016-04-02 18:34 - 2015-07-17 19:37 - 00000000 ____D C:\Users\DELL\AppData\Roaming\.minecraft 2016-04-01 15:37 - 2015-07-13 00:31 - 00061440 ___SH C:\Users\Ewelina\Desktop\Thumbs.db 2016-03-28 22:15 - 2015-06-19 19:11 - 00000000 ____D C:\Users\DELL\Documents\My Games 2016-03-28 09:06 - 2015-07-08 14:57 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-26 11:18 - 2014-10-31 13:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2016-03-26 11:17 - 2014-10-31 13:23 - 00000000 ____D C:\ProgramData\PCDr 2016-03-24 10:07 - 2016-03-19 10:54 - 00000000 ____D C:\Users\DELL\Desktop\Nowy folder 2016-03-23 13:12 - 2015-12-05 16:01 - 00000000 ____D C:\Users\DELL\AppData\Local\wf-launcher 2016-03-23 12:49 - 2015-12-05 16:01 - 00000000 ____D C:\ProgramData\GFACE 2016-03-22 19:31 - 2015-07-21 20:07 - 00000000 ____D C:\Users\DELL\AppData\Local\VirtualStore ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-11-25 09:19 - 2015-11-25 09:19 - 3029494 _____ () C:\Program Files\Common Files\1qkjgl2s.exe 2016-02-26 13:55 - 2016-02-26 13:55 - 3340327 _____ () C:\Program Files\Common Files\gkl1e10b.exe 2015-12-23 13:51 - 2015-12-23 13:51 - 2396508 _____ () C:\Program Files\Common Files\mdmrldhg.exe 2016-01-21 11:59 - 2016-01-21 11:59 - 3696711 _____ () C:\Program Files\Common Files\rcgmfl0q.exe 2016-02-26 22:06 - 2016-02-26 22:06 - 0005120 _____ () C:\Users\Ewelina\AppData\Roaming\GiftBag.db 2014-10-31 12:55 - 2014-10-31 12:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-03-14 21:01 - 2016-03-14 21:28 - 0002927 _____ () C:\ProgramData\webad.xml 2014-10-31 13:15 - 2014-10-31 13:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2014-10-31 13:12 - 2014-10-31 13:13 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2014-10-31 13:13 - 2014-10-31 13:14 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2014-10-31 13:14 - 2014-10-31 13:15 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2014-10-31 13:11 - 2014-10-31 13:12 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-21 08:55 ==================== Koniec FRST.txt ============================