Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 01-03-2017
Uruchomiony przez Eliza (administrator) DELLIZA (02-03-2017 17:00:50)
Uruchomiony z C:\Users\Eliza\Downloads
Załadowane profile: UpdatusUser & Eliza (Dostępne profile: UpdatusUser & Eliza)
Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Spotify Ltd) C:\Users\Eliza\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dell) C:\Users\Eliza\AppData\Local\Apps\2.0\333B815C.9H5\4MTL9KQA.HWB\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-22] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3000704 2014-01-29] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Facebook Update] => C:\Users\Eliza\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-09] (Facebook Inc.)
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Spotify Web Helper] => C:\Users\Eliza\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-13] (Spotify Ltd)
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [GoogleChromeAutoLaunch_AFF635379450E8A09C6AA3E4F840658C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Efption] => regsvr32.exe C:\Users\Eliza\AppData\Local\Efption\tvkdiwdn.dll <===== UWAGA
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [DellSystemDetect] => C:\Users\Eliza\AppData\Local\Apps\2.0\333B815C.9H5\4MTL9KQA.HWB\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe [311216 2017-02-26] (Dell)
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Policies\Explorer: []
HKU\S-1-5-18\...\RunOnce: [iCloud] => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\TheftProtection\TheftProtection.dll [2017-03-01] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-01] (Microsoft Corporation)
Startup: C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Illustrator CC 2014 Crack And Serial Number Latest N Full Version Free Download.lnk [2015-03-11]
ShortcutTarget: Adobe Illustrator CC 2014 Crack And Serial Number Latest N Full Version Free Download.lnk -> C:\ProgramData\{c3c944f7-9008-8efc-c3c9-944f790013de}\Adobe Illustrator CC 2014 Crack And Serial Number Latest N Full Version Free Download.exe (Brak pliku)
Startup: C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2015-05-12]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.166.64.1 8.8.8.8
Tcpip\..\Interfaces\{46615897-41DD-40C9-8D47-A09FDBF4E567}: [DhcpNameServer] 212.166.64.1 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130921019579939103&GUID=6F5F01F1-2D15-4673-84BF-D853761C62F3
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130921019579952083&GUID=6F5F01F1-2D15-4673-84BF-D853761C62F3
URLSearchHook: [S-1-5-21-1417911127-3688308230-4202644773-1001] UWAGA => Brak domyślnego URLSearchHook
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-1417911127-3688308230-4202644773-1002 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=22873&r=2015/03/11&hid=12861945587957269436&lg=EN&cc=PL&unqvl=84
SearchScopes: HKU\S-1-5-21-1417911127-3688308230-4202644773-1002 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
BHO: Torntv V9.0 -> {11111111-1111-1111-1111-110511131190} -> C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll => Brak pliku
BHO: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho64.dll => Brak pliku
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll => Brak pliku
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-20] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1417911127-3688308230-4202644773-1002 -> Brak nazwy - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Brak pliku
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1413973460&from=cor&uid=3219913727_198339_7C595B3A

FireFox:
========
FF DefaultProfile: rncrh9mq.default
FF ProfilePath: C:\Users\Eliza\AppData\Roaming\Mozilla\Firefox\Profiles\rncrh9mq.default [2016-06-09]
FF Extension: (Network and Sharing Center) - C:\Users\Eliza\AppData\Roaming\Mozilla\Firefox\Profiles\rncrh9mq.default\Extensions\{9093C749-5D5C-730F-D68D-D85ED79A9F91} [2017-03-01] [Brak podpisu cyfrowego]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-06-03] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [Brak pliku]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1417911127-3688308230-4202644773-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Eliza\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://distense.com/wp-admin/post-new.php
CHR StartupUrls: Default -> "hxxp://greatday.com/"
CHR Profile: C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Google Apresentações) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Google Drive) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (YouTube) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-27]
CHR Extension: (Planilhas do Google) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (The Missing JSON Inspector) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhffklcokfpbcajebmnpijpkaeadlgfn [2015-03-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (the little memory) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmnihjmiioifehpiepkldneddleedn [2017-02-20]
CHR Extension: (PowerPoint Online) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2014-05-21] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Sticky Notes) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2017-02-20]
CHR Extension: (Google Wallet) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Gmail) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.gazeta.pl/0,0.html?p=156"

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [822072 2013-11-22] (ABBYY Production LLC)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Brak podpisu cyfrowego]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-01-31] (Nalpeiron Ltd.) [Brak podpisu cyfrowego]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-09-11] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [Brak podpisu cyfrowego]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
S2 a9cff455; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\ReactorExtender\ReactorExtender.dll",serv
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2015-10-30] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 DptfDevDram; \SystemRoot\system32\DRIVERS\DptfDevDram.sys [X]
S3 DptfDevGen; \SystemRoot\system32\DRIVERS\DptfDevGen.sys [X]
S3 DptfDevPch; \SystemRoot\system32\DRIVERS\DptfDevPch.sys [X]
S3 DptfDevProc; \SystemRoot\system32\DRIVERS\DptfDevProc.sys [X]
S3 DptfManager; \SystemRoot\system32\DRIVERS\DptfManager.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S1 {dc592624-f532-4311-9fc7-6920126fc404}Gw64; system32\drivers\{dc592624-f532-4311-9fc7-6920126fc404}Gw64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-03-02 17:00 - 2017-03-02 17:01 - 00035535 _____ C:\Users\Eliza\Downloads\FRST.txt
2017-03-02 16:59 - 2017-03-02 17:00 - 00000000 ____D C:\FRST
2017-03-02 16:58 - 2017-03-02 16:58 - 02423808 _____ (Farbar) C:\Users\Eliza\Downloads\FRST64.exe
2017-03-02 16:58 - 2017-03-02 16:58 - 02423808 _____ (Farbar) C:\Users\Eliza\Downloads\FRST64 (1).exe
2017-03-02 16:12 - 2017-03-02 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2017-03-01 00:56 - 2017-03-01 11:12 - 00000000 ____D C:\Users\Eliza\AppData\Local\YnPack
2017-03-01 00:56 - 2017-03-01 00:57 - 00000000 ____D C:\Users\Eliza\AppData\Local\Efption
2017-03-01 00:51 - 2017-03-01 16:23 - 00000000 ___HD C:\Users\Eliza\AppData\Local\SysHashTable
2017-03-01 00:37 - 2017-03-01 00:37 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2017-02-28 16:55 - 2017-03-02 12:44 - 00000000 ____D C:\Users\Eliza\Desktop\120hrs
2017-02-28 13:48 - 2017-02-28 13:48 - 00019784 _____ C:\Users\Eliza\Downloads\5116_Potosczopis.torrent
2017-02-28 13:45 - 2017-02-28 13:45 - 00033017 _____ C:\Users\Eliza\Downloads\Adobe Photoshop CC 2015.torrent
2017-02-28 13:43 - 2017-02-28 13:43 - 00014530 _____ C:\Users\Eliza\Downloads\Adobe Photoshop CC 2017 v18.0.0 WINX64.rar
2017-02-28 13:43 - 2017-02-28 13:43 - 00000000 _____ C:\Users\Eliza\Downloads\Adobe Photoshop CC 2017 v18.0.0 WINX64.torrent
2017-02-26 17:22 - 2017-02-26 17:22 - 00836021 _____ C:\Users\Eliza\Downloads\amtlib.rar
2017-02-26 16:41 - 2017-02-26 16:41 - 00001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2017-02-26 14:48 - 2013-08-05 17:50 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2017-02-26 14:45 - 2017-02-26 14:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2017-02-26 14:45 - 2017-02-26 14:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2017-02-26 14:45 - 2017-02-26 14:45 - 00000000 ____D C:\Intel
2017-02-26 14:44 - 2015-10-30 02:32 - 01804688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01011.dll
2017-02-26 14:44 - 2015-10-30 02:32 - 01392792 _____ (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
2017-02-26 14:44 - 2015-10-30 02:32 - 00971944 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120.dll
2017-02-26 14:44 - 2015-10-30 02:32 - 00668840 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120.dll
2017-02-26 14:44 - 2015-10-30 02:32 - 00260072 _____ (Intel Corporation) C:\Windows\system32\Drivers\esif_lf.sys
2017-02-26 14:44 - 2015-10-30 02:31 - 00055784 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_acpi.sys
2017-02-26 14:44 - 2015-10-30 02:31 - 00052200 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_cpu.sys
2017-02-26 14:44 - 2015-10-30 02:31 - 00050664 _____ (Intel Corporation) C:\Windows\system32\Drivers\dptf_pch.sys
2017-02-26 14:43 - 2016-03-21 09:47 - 00777944 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2017-02-26 14:43 - 2016-03-16 09:39 - 04330712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCRU64.exe
2017-02-26 14:43 - 2014-10-20 17:50 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2017-02-26 14:43 - 2014-01-27 12:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2017-02-26 14:37 - 2017-02-26 14:37 - 00000000 ____D C:\Users\Eliza\Documents\Dell Downloads
2017-02-26 14:36 - 2017-02-26 14:36 - 00575408 _____ () C:\Users\Eliza\Downloads\DellSystemDetectLauncher.exe
2017-02-26 14:36 - 2017-02-26 14:36 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-02-26 13:39 - 2017-02-26 13:39 - 00131392 _____ C:\Users\Eliza\Downloads\Contemporary Architectural Issues-Topics-GROUPS-2017-2-19 (1).pdf
2017-02-26 12:59 - 2017-02-26 12:59 - 00000000 ____D C:\Program Files\McAfee
2017-02-25 15:16 - 2017-02-25 15:16 - 03688255 _____ C:\Users\Eliza\Downloads\Kingston-Mapacad-download-map-cad-dwg-dxf-autocad-2d-3d.zip
2017-02-24 19:55 - 2017-02-24 19:55 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-02-24 19:55 - 2017-02-24 19:55 - 00000000 ____D C:\Program Files\Dell Support Center
2017-02-23 17:34 - 2017-02-23 17:34 - 00038858 _____ C:\Users\Eliza\Downloads\Research-problem_group.pdf
2017-02-23 15:27 - 2017-02-23 15:27 - 00131392 _____ C:\Users\Eliza\Downloads\Contemporary Architectural Issues-Topics-GROUPS-2017-2-19.pdf
2017-02-22 00:56 - 2017-02-28 13:46 - 00000000 ____D C:\Users\Eliza\AppData\LocalLow\uTorrent
2017-02-20 23:46 - 2017-02-20 23:46 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2017-02-20 23:02 - 2017-02-27 13:33 - 00000000 ____D C:\Users\Eliza\Desktop\Book Research
2017-02-20 23:02 - 2017-02-24 14:24 - 00000000 ____D C:\Users\Eliza\Desktop\Urban Project
2017-02-20 23:02 - 2017-02-22 11:21 - 00000000 ____D C:\Users\Eliza\Desktop\Structure Project
2017-02-20 23:00 - 2017-03-01 18:38 - 00000000 ____D C:\Users\Eliza\Desktop\Thesis
2017-02-19 21:11 - 2017-02-19 21:11 - 00001614 _____ C:\Users\Eliza\Downloads\430738.acsm
2017-02-19 21:10 - 2017-02-19 21:10 - 00000000 ____D C:\Users\Eliza\AppData\Local\Adobe_Systems_Incorporate
2017-02-19 21:07 - 2017-02-19 21:16 - 00000000 ____D C:\Users\Eliza\Documents\My Digital Editions
2017-02-19 21:06 - 2017-02-19 21:06 - 08649240 _____ (Adobe Systems Incorporated) C:\Users\Eliza\Downloads\ADE_4.5_Installer.exe
2017-02-19 18:43 - 2017-02-19 18:43 - 00054734 _____ C:\Users\Eliza\Downloads\Calendar updated 2017-2-16 (1).pdf
2017-02-17 15:10 - 2017-02-17 15:10 - 00054734 _____ C:\Users\Eliza\Downloads\Calendar updated 2017-2-16.pdf
2017-02-17 14:23 - 2017-02-17 15:07 - 12177527 _____ C:\Users\Eliza\Documents\AutoSave_Untitled_1.skp
2017-02-17 12:24 - 2017-02-17 12:24 - 00000189 ____H C:\Users\Eliza\Downloads\Building_Mercat Abaceria.dwl2
2017-02-17 12:24 - 2017-02-17 12:24 - 00000039 ____H C:\Users\Eliza\Downloads\Building_Mercat Abaceria.dwl
2017-02-15 12:24 - 2017-02-15 12:24 - 00000000 ____D C:\Windows\SysWOW64\Dell
2017-02-15 12:24 - 2017-02-15 12:24 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2017-02-14 12:53 - 2017-02-14 12:53 - 00000189 ____H C:\Users\Eliza\Downloads\Site_1000.dwl2
2017-02-14 12:53 - 2017-02-14 12:53 - 00000039 ____H C:\Users\Eliza\Downloads\Site_1000.dwl
2017-02-14 12:47 - 2017-02-14 12:47 - 00448790 _____ C:\Users\Eliza\Downloads\VISIT TO VILLA URÀNIA.pdf
2017-02-10 14:38 - 2017-02-10 14:38 - 05765515 _____ C:\Users\Eliza\Downloads\attachments (3).zip
2017-02-08 00:41 - 2017-02-08 00:41 - 01695646 _____ C:\Users\Eliza\Downloads\StockT-shirtDesigns_Free-Sample_08.zip
2017-02-08 00:38 - 2017-02-08 00:39 - 00288455 _____ C:\Users\Eliza\Downloads\Free_Vector_Rose.eps.zip
2017-02-08 00:37 - 2017-02-08 00:37 - 00285432 _____ C:\Users\Eliza\Downloads\free-vectors-musical-score-2.zip
2017-02-08 00:08 - 2017-02-08 00:08 - 00871745 _____ C:\Users\Eliza\Downloads\mawns_handwriting.zip
2017-02-08 00:08 - 2017-02-08 00:08 - 00354772 _____ C:\Users\Eliza\Downloads\housegrind.zip
2017-02-08 00:08 - 2017-02-08 00:08 - 00011604 _____ C:\Users\Eliza\Downloads\linny.zip
2017-02-08 00:07 - 2017-02-08 00:07 - 00077042 _____ C:\Users\Eliza\Downloads\journal.zip
2017-02-08 00:06 - 2017-02-08 00:07 - 00040913 _____ C:\Users\Eliza\Downloads\gunny_rewritten.zip
2017-02-06 11:37 - 2017-02-06 11:37 - 00011394 _____ C:\Users\Eliza\Downloads\jamaica-map-black-silhouette.svg
2017-01-31 02:33 - 2017-01-31 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-03-02 16:57 - 2014-02-04 19:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1417911127-3688308230-4202644773-1002
2017-03-02 16:46 - 2014-02-04 19:14 - 00003980 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D3B44F3-3BE7-4DA5-8DED-EA98F706BB83}
2017-03-02 16:36 - 2014-11-15 19:26 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00101b4a943fc.job
2017-03-02 16:35 - 2014-10-22 15:35 - 00004176 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-4.job
2017-03-02 16:35 - 2014-10-22 15:35 - 00003486 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-1.job
2017-03-02 16:35 - 2014-10-22 15:35 - 00002464 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-5_user.job
2017-03-02 16:35 - 2014-10-22 15:35 - 00002464 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-5.job
2017-03-02 16:35 - 2014-10-22 15:35 - 00002128 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-2.job
2017-03-02 16:34 - 2014-10-22 15:34 - 00005202 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-11.job
2017-03-02 16:34 - 2014-10-22 15:34 - 00004176 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-6.job
2017-03-02 16:34 - 2014-10-22 15:34 - 00003832 _____ C:\Windows\Tasks\5f3a9516-e3fd-4128-8dfa-20eb4ac27d94-7.job
2017-03-02 16:31 - 2014-08-27 13:16 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-02 16:17 - 2014-01-16 19:37 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-03-02 16:14 - 2014-01-16 19:23 - 01828496 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-02 16:14 - 2013-08-23 00:12 - 00809634 _____ C:\Windows\system32\perfh015.dat
2017-03-02 16:14 - 2013-08-23 00:12 - 00164434 _____ C:\Windows\system32\perfc015.dat
2017-03-02 16:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-02 16:11 - 2016-12-29 23:48 - 00003324 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager
2017-03-02 16:10 - 2016-12-18 17:49 - 00000000 ___RD C:\Users\Eliza\Creative Cloud Files
2017-03-02 16:10 - 2016-12-18 17:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-02 16:10 - 2014-02-05 12:51 - 00000000 ____D C:\Users\Eliza\AppData\Local\Adobe
2017-03-02 16:10 - 2014-02-04 19:09 - 00000000 __RDO C:\Users\Eliza\SkyDrive
2017-03-02 16:09 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-02 16:04 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-02 15:19 - 2014-04-09 21:14 - 00000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1417911127-3688308230-4202644773-1002UA.job
2017-03-02 13:19 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 13:13 - 2014-09-07 10:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-02 13:11 - 2016-11-13 20:11 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\WhatsApp
2017-03-02 12:52 - 2013-08-22 15:44 - 05441312 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-02 12:51 - 2014-02-04 19:07 - 00000000 ____D C:\Users\Eliza
2017-03-02 12:50 - 2014-03-23 02:11 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\uTorrent
2017-03-01 21:19 - 2014-04-09 21:14 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1417911127-3688308230-4202644773-1002Core.job
2017-03-01 18:09 - 2014-02-04 19:08 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Adobe
2017-03-01 11:13 - 2016-12-13 10:46 - 00003170 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-01 11:13 - 2016-04-23 10:50 - 00002387 _____ C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive dla Firm.lnk
2017-03-01 11:13 - 2015-10-11 15:31 - 00003178 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1417911127-3688308230-4202644773-1002
2017-03-01 00:37 - 2014-02-05 20:53 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-03-01 00:36 - 2014-02-05 20:52 - 00000000 ____D C:\Program Files\Adobe
2017-03-01 00:25 - 2014-04-03 13:56 - 12939776 ___SH C:\Users\Eliza\Downloads\Thumbs.db
2017-02-28 14:00 - 2014-12-13 19:42 - 00000034 _____ C:\Users\Eliza\AppData\Roaming\AdobeWLCMCache.dat
2017-02-28 02:50 - 2014-01-16 19:31 - 00000000 ____D C:\Users\UpdatusUser
2017-02-26 20:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-02-26 16:35 - 2014-02-05 20:50 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-26 15:10 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 14:57 - 2014-01-17 03:45 - 00000000 ____D C:\ProgramData\Dell
2017-02-26 14:56 - 2014-01-16 19:35 - 00000000 ____D C:\ProgramData\McAfee
2017-02-26 14:48 - 2014-01-16 19:27 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-26 14:47 - 2014-01-16 19:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-26 14:47 - 2014-01-16 19:27 - 00000000 ____D C:\Program Files\Intel
2017-02-26 14:44 - 2014-01-16 19:27 - 00000000 ____D C:\Windows\SysWOW64\sda
2017-02-26 14:43 - 2014-01-16 19:27 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-02-26 14:37 - 2014-02-05 12:00 - 00000000 ____D C:\Users\Eliza\AppData\Local\Deployment
2017-02-26 13:11 - 2014-12-03 00:39 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-26 13:11 - 2014-02-05 12:51 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Apple Computer
2017-02-26 13:06 - 2014-02-05 10:22 - 00000000 ____D C:\Program Files (x86)\Sketchup8
2017-02-26 13:03 - 2015-02-19 19:47 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Garmin
2017-02-26 13:03 - 2015-02-19 19:47 - 00000000 ____D C:\Users\Eliza\AppData\Local\Garmin
2017-02-26 13:03 - 2015-02-19 19:47 - 00000000 ____D C:\ProgramData\Garmin
2017-02-26 13:03 - 2015-02-19 19:47 - 00000000 ____D C:\Program Files (x86)\Garmin
2017-02-26 13:03 - 2014-01-16 19:32 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-26 12:58 - 2014-02-27 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-02-26 12:58 - 2014-02-27 21:18 - 00000000 ____D C:\ProgramData\Autodesk
2017-02-26 12:50 - 2014-02-05 20:24 - 00000000 ____D C:\ProgramData\Adobe
2017-02-26 11:33 - 2015-08-27 15:13 - 00000000 ___RD C:\Users\Eliza\iCloudDrive
2017-02-25 13:36 - 2014-01-16 19:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-24 19:55 - 2014-01-16 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-02-23 16:15 - 2014-02-20 03:08 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 16:09 - 2014-02-20 03:08 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 12:07 - 2016-03-28 23:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 11:32 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-20 23:03 - 2014-02-05 10:52 - 00000000 ____D C:\Users\Eliza\Bjut
2017-02-19 21:07 - 2014-02-05 20:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-16 11:51 - 2016-11-13 20:11 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-02-16 11:51 - 2016-11-13 20:10 - 00000000 ____D C:\Users\Eliza\AppData\Local\WhatsApp
2017-02-16 11:49 - 2016-11-13 20:10 - 00000000 ____D C:\Users\Eliza\AppData\Local\SquirrelTemp
2017-02-12 00:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-02-06 21:33 - 2014-08-27 13:17 - 00002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:41 - 2016-12-14 18:34 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-12-14 18:34 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-31 02:33 - 2014-02-05 12:00 - 00000000 ____D C:\Program Files (x86)\Google

==================== Pliki w katalogu głównym wybranych folderów =======

2014-12-14 02:19 - 2016-12-15 05:28 - 0000132 _____ () C:\Users\Eliza\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-13 19:42 - 2017-02-28 14:00 - 0000034 _____ () C:\Users\Eliza\AppData\Roaming\AdobeWLCMCache.dat
2014-08-27 15:44 - 2015-09-21 13:01 - 0001456 _____ () C:\Users\Eliza\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-12-18 15:14 - 2016-12-18 15:14 - 0003584 _____ () C:\Users\Eliza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-10 16:28 - 2016-03-24 13:48 - 0000002 _____ () C:\Users\Eliza\AppData\Local\SendToWorkFiles.txt
2014-01-16 19:14 - 2014-01-16 19:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-27 21:21 - 2014-02-27 21:21 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-02-22 19:55

==================== Koniec FRST.txt ============================