Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:18-10-2015 Uruchomiony przez Joanna (administrator) JOANNA-ACER (19-10-2015 00:36:39) Uruchomiony z C:\Users\Joanna\Downloads Załadowane profile: Joanna (Dostępne profile: Joanna) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (PortableApps.com) C:\Programy\GoogleChromePortable old\GoogleChromePortable.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Google Inc.) C:\Programy\GoogleChromePortable old\App\Chrome-bin\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2015-08-12] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-07-18] (Alcor Micro Corp.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [DemonStarter] => C:\Program Files (x86)\PWN\Definicje\Bin\Starter.exe [36864 1999-12-01] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Atheros Communications) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) Startup: C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-08-27] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{1997F409-7BF7-4BD5-B0AC-8639342636BA}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-312703943-2248783029-2232578368-1008\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-312703943-2248783029-2232578368-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-312703943-2248783029-2232578368-1008 -> DefaultScope {F9192740-7387-4B6A-8532-612BC5F8955A} URL = SearchScopes: HKU\S-1-5-21-312703943-2248783029-2232578368-1008 -> {F9192740-7387-4B6A-8532-612BC5F8955A} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Brak pliku FireFox: ======== FF ProfilePath: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\5fz0mat8.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-27] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-27] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] () FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-08-26] [Brak podpisu cyfrowego] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [Brak podpisu cyfrowego] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-27] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-27] (Dropbox, Inc.) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation) S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-04-02] (Dritek System INC.) R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-08-13] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-08-13] (Microsoft Corporation) S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-01] (Avira Operations GmbH & Co. KG) U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [304296 2015-08-13] (Alcohol Soft Development Team) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2015-08-17] () R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-04-02] (Dritek System Inc.) S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2012-08-20] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12384 2012-08-20] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-08-13] (Duplex Secure Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-08-13] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-08-13] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-08-13] (Microsoft Corporation) S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X] S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-19 00:37 - 2015-10-19 00:37 - 00380416 _____ C:\Users\Joanna\Downloads\tebn8tkd.exe 2015-10-19 00:36 - 2015-10-19 00:37 - 00019310 _____ C:\Users\Joanna\Downloads\FRST.txt 2015-10-19 00:35 - 2015-10-19 00:36 - 00000000 ____D C:\FRST 2015-10-19 00:34 - 2015-10-19 00:33 - 02196992 _____ (Farbar) C:\Users\Joanna\Downloads\FRST64.exe 2015-10-17 12:18 - 2015-10-17 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-15 09:19 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-10-15 09:19 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-10-15 09:19 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-10-15 09:19 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-10-15 09:19 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-10-15 09:19 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-10-15 09:19 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-10-14 13:47 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-14 13:47 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-10-14 13:47 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-10-14 13:47 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-10-14 13:47 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-10-14 13:47 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-10-14 13:47 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2015-10-14 13:47 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-10-14 13:47 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2015-10-14 13:47 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-10-14 13:46 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-14 13:46 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-10-14 13:46 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-10-14 13:46 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-10-14 13:46 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-10-14 13:46 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2015-10-14 13:46 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2015-10-14 13:46 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-14 13:46 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-14 13:46 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-14 13:46 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-10-14 13:44 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-14 13:44 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-14 13:44 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-10-14 13:44 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-14 13:44 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-14 13:44 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-14 13:44 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-14 13:44 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-14 13:44 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-14 13:44 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-14 13:44 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-14 13:44 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-14 13:44 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-10-14 13:44 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-14 13:44 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-14 13:44 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-14 13:44 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-10-14 13:44 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-14 13:44 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-10-14 13:44 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-10-14 13:44 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-14 13:44 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-10-14 13:44 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-14 13:44 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-14 13:44 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-14 13:44 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-10-14 13:44 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-14 13:44 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-14 13:44 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-10-14 13:44 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-14 13:44 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-14 13:44 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-10-14 13:44 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-14 13:44 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-10-14 13:44 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-14 13:44 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-14 13:44 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-10-14 13:42 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-10-14 13:42 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-10-14 13:42 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-10-14 13:42 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-10-14 13:42 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-10-14 13:42 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-10-14 13:42 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-10-14 13:42 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-10-14 13:42 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-10-14 13:42 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-10-14 13:42 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-10-14 13:42 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 13:42 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 13:42 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll 2015-10-13 01:12 - 2015-10-13 01:12 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\Avira 2015-10-13 01:03 - 2015-09-01 17:09 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-10-13 01:03 - 2015-09-01 17:09 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-10-13 01:03 - 2015-09-01 17:09 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-10-13 01:03 - 2015-09-01 17:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-10-13 00:57 - 2015-10-13 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-10-13 00:57 - 2015-10-13 01:03 - 00000000 ____D C:\ProgramData\Avira 2015-10-13 00:57 - 2015-10-13 01:03 - 00000000 ____D C:\Program Files (x86)\Avira 2015-10-13 00:34 - 2015-10-13 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-10-13 00:25 - 2015-10-13 00:34 - 07430720 _____ (McAfee, Inc.) C:\Users\Joanna\Downloads\MCPR.exe 2015-10-13 00:18 - 2015-10-13 00:18 - 04559688 _____ (Avira Operations GmbH & Co. KG) C:\Users\Joanna\Downloads\avira_en_av_561c313e04a27__ws.exe 2015-10-11 23:48 - 2015-10-11 23:49 - 00000000 ____D C:\Users\Joanna\Desktop\pulpit 2015-10-10 18:33 - 2015-10-10 18:36 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\FreeFileSync 2015-10-10 18:33 - 2015-10-10 18:33 - 00000872 _____ C:\Users\Public\Desktop\FreeFileSync.lnk 2015-10-10 18:33 - 2015-10-10 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync 2015-10-10 18:32 - 2015-10-10 18:33 - 00000000 ____D C:\Program Files\FreeFileSync 2015-10-09 15:26 - 2015-10-10 13:24 - 00000000 ____D C:\seriale tata downloaded here 2015-10-09 00:08 - 2015-10-09 00:11 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\uTorrent 2015-10-08 22:26 - 2015-10-08 22:53 - 00000266 __RSH C:\ProgramData\ntuser.pol 2015-10-08 22:26 - 2015-10-08 22:27 - 00000097 _____ C:\Users\Joanna\Downloads\rufus.ini 2015-10-08 22:25 - 2015-10-08 22:25 - 00844200 _____ (Akeo Consulting (http://akeo.ie)) C:\Users\Joanna\Downloads\rufus-2.4p.exe 2015-10-08 22:14 - 2015-10-17 12:19 - 00000000 ___RD C:\Dropbox 2015-10-08 21:50 - 2015-10-08 21:50 - 00000000 ____D C:\Local Disk_10820152150 2015-10-08 21:44 - 2015-10-08 21:44 - 00000000 ____D C:\Local Disk F_10820152144 2015-10-08 21:43 - 2015-10-08 21:50 - 00001427 ____H C:\Windows\EPMBatch.ept 2015-10-08 21:15 - 2015-10-08 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8 2015-10-08 21:14 - 2015-09-21 00:30 - 03557000 _____ C:\Windows\system32\BootMan.exe 2015-10-08 21:14 - 2015-09-21 00:19 - 02658952 _____ C:\Windows\SysWOW64\BootMan.exe 2015-10-08 21:14 - 2014-11-18 14:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll 2015-10-08 21:14 - 2014-11-18 14:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll 2015-10-08 21:14 - 2014-11-18 14:39 - 00018528 _____ C:\Windows\system32\epmntdrv.sys 2015-10-08 21:14 - 2014-11-18 14:39 - 00014944 _____ C:\Windows\SysWOW64\epmntdrv.sys 2015-10-08 21:14 - 2014-11-18 14:39 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys 2015-10-08 21:14 - 2014-11-18 14:39 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys 2015-10-08 21:14 - 2014-11-18 14:38 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe 2015-10-08 21:14 - 2014-11-18 14:38 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe 2015-10-08 21:10 - 2015-10-08 21:11 - 29407904 _____ (EaseUS ) C:\Users\Joanna\Downloads\epm.exe 2015-10-08 18:48 - 2015-10-08 18:49 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\WildTangent 2015-10-07 12:39 - 2015-10-07 12:41 - 00000000 ____D C:\Windows\system32\config\regsave 2015-10-07 10:31 - 2015-10-07 10:31 - 00000000 _____ C:\Users\Joanna\AppData\Local\{6202B9CC-690A-4EAC-B93F-115AF5A83E38} 2015-10-06 16:26 - 2015-10-13 10:36 - 00155718 _____ C:\Windows\PFRO.log 2015-10-06 14:33 - 2015-10-17 01:03 - 00010972 _____ C:\Windows\setupact.log 2015-10-06 14:33 - 2015-10-06 14:33 - 00000000 _____ C:\Windows\setuperr.log 2015-10-06 13:41 - 2015-10-06 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.6 2015-10-06 13:41 - 2014-12-15 00:59 - 00192040 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys 2015-10-06 13:41 - 2014-12-15 00:59 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys 2015-10-06 13:41 - 2014-12-15 00:59 - 00048168 _____ C:\Windows\system32\Drivers\EUBKMON.sys 2015-10-06 13:41 - 2014-12-15 00:59 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys 2015-10-06 13:36 - 2014-12-15 01:03 - 00024104 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\fbnative.exe 2015-10-06 13:35 - 2015-10-08 21:13 - 00000000 ____D C:\Program Files (x86)\EaseUS 2015-10-06 10:15 - 2015-10-06 10:20 - 00001451 _____ C:\Windows\PWCMDLST.TXT 2015-10-06 10:15 - 2015-10-06 10:15 - 00000605 _____ C:\Windows\PWLETTER.TXT 2015-10-06 10:13 - 2012-08-20 16:48 - 02966720 _____ C:\Windows\system32\pwNative.exe 2015-10-06 10:13 - 2012-08-20 16:48 - 00019032 ____N C:\Windows\system32\pwdrvio.sys 2015-10-06 10:13 - 2012-08-20 16:48 - 00012384 ____N C:\Windows\system32\pwdspio.sys 2015-10-05 20:48 - 2015-10-05 20:49 - 00000000 ____D C:\Evernote 2015-10-05 04:12 - 2015-10-05 04:21 - 255852544 _____ C:\Users\Joanna\Downloads\gparted-live-0.23.0-1-i586.iso 2015-10-04 23:02 - 2015-10-05 12:10 - 00000000 ____D C:\Users\Joanna\VirtualBox VMs 2015-10-04 23:01 - 2015-10-07 14:49 - 00000000 ____D C:\Users\Joanna\.VirtualBox 2015-10-04 22:54 - 2015-10-04 22:54 - 00001092 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-10-04 22:54 - 2015-10-04 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-10-04 22:54 - 2015-10-04 22:54 - 00000000 ____D C:\Program Files\Oracle 2015-10-04 22:54 - 2014-05-16 14:04 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-10-04 22:54 - 2014-05-16 14:03 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-10-04 22:38 - 2015-10-04 22:45 - 109574432 _____ (Oracle Corporation) C:\Users\Joanna\Downloads\VirtualBox-4.3.12-93733-Win.exe 2015-10-04 22:03 - 2015-10-04 22:10 - 110671648 _____ (Oracle Corporation) C:\Users\Joanna\Downloads\VirtualBox-4.3.16-95972-Win.exe 2015-10-04 19:37 - 2015-10-04 21:13 - 00000000 ____D C:\Users\Joanna\Documents\Virtual Machines 2015-10-04 19:29 - 2015-10-11 23:47 - 00000684 _____ C:\Users\Joanna\Desktop\Dropbox — skrót.lnk 2015-10-02 00:29 - 2015-10-02 00:29 - 00001139 _____ C:\Users\Joanna\Desktop\zoro wireless — skrót.lnk 2015-10-01 18:49 - 2014-01-12 02:34 - 00000000 ____D C:\Users\Joanna\Downloads\bthaudhid.inf_amd64_bf8be6e78ac6c240 2015-10-01 18:47 - 2015-10-01 18:47 - 00035505 _____ C:\Users\Joanna\Downloads\bthaudhid.inf_amd64_bf8be6e78ac6c240.zip 2015-10-01 18:46 - 2015-10-01 18:46 - 00950636 _____ (DriverIdentifier ) C:\Users\Joanna\Downloads\driverdouble_setup.exe 2015-09-28 21:33 - 2015-09-28 21:33 - 00000000 ____D C:\Users\Joanna\Documents\PassMark 2015-09-28 21:33 - 2015-09-28 21:33 - 00000000 ____D C:\ProgramData\PassMark 2015-09-28 21:33 - 2015-09-28 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryMon 2015-09-28 21:33 - 2015-09-28 21:33 - 00000000 ____D C:\Program Files (x86)\BatteryMon 2015-09-28 21:30 - 2015-09-28 21:30 - 00997360 _____ (PassMark Software ) C:\Users\Joanna\Downloads\batmon.exe 2015-09-22 01:09 - 2015-09-22 01:08 - 00001124 _____ C:\Users\Joanna\Desktop\KFD — skrót.lnk 2015-09-22 01:07 - 2015-08-13 16:08 - 00002002 _____ C:\Users\Joanna\Desktop\Wielki słownik PWN-OXFORD.lnk ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-19 00:35 - 2015-08-17 18:04 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-312703943-2248783029-2232578368-1008 2015-10-19 00:33 - 2015-08-17 19:41 - 00004000 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E44F0839-3EB4-4135-86F9-46DEA0DCDFB9} 2015-10-19 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-10-19 00:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-10-18 13:33 - 2015-08-13 12:08 - 01715850 _____ C:\Windows\WindowsUpdate.log 2015-10-18 13:00 - 2015-08-27 12:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-10-18 13:00 - 2015-08-27 12:55 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-10-18 04:07 - 2015-08-17 17:59 - 00000000 ____D C:\Users\Joanna\Documents\Bluetooth Folder 2015-10-18 02:16 - 2015-08-17 17:57 - 00000000 ____D C:\Users\Joanna\AppData\Local\Packages 2015-10-18 02:07 - 2015-08-17 18:14 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\Mozilla 2015-10-18 01:12 - 2013-04-02 10:45 - 00000000 ____D C:\ProgramData\Norton 2015-10-17 14:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-10-17 12:21 - 2014-11-21 06:46 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-17 12:21 - 2014-11-21 06:07 - 00807160 _____ C:\Windows\system32\perfh015.dat 2015-10-17 12:21 - 2014-11-21 06:07 - 00163478 _____ C:\Windows\system32\perfc015.dat 2015-10-17 12:19 - 2015-08-27 12:54 - 00000000 ____D C:\Users\Joanna\AppData\Local\Dropbox 2015-10-17 12:18 - 2015-08-27 12:55 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-10-17 01:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing 2015-10-17 01:03 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-17 01:01 - 2015-08-13 14:15 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-17 01:01 - 2014-11-21 11:02 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-10-17 01:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2015-10-17 01:01 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp 2015-10-17 00:48 - 2015-08-13 02:37 - 00000000 ____D C:\Windows\system32\MRT 2015-10-17 00:33 - 2015-08-13 02:37 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-10-13 00:57 - 2015-08-13 12:08 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-13 00:49 - 2015-08-14 11:15 - 00000000 _____ C:\ProgramData\dat.bmp 2015-10-13 00:40 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-10-13 00:40 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-10-12 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-10-12 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-10-12 23:24 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2015-10-12 23:19 - 2014-11-21 07:00 - 00725672 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2015-10-12 23:19 - 2014-11-21 07:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2015-10-12 23:19 - 2014-11-21 07:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll 2015-10-12 23:19 - 2013-08-22 08:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb 2015-10-12 23:19 - 2013-08-22 08:54 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb 2015-10-12 23:18 - 2014-11-21 07:00 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 01509688 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00488064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00447256 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe 2015-10-12 23:18 - 2014-11-21 07:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe 2015-10-12 23:18 - 2014-11-21 07:00 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00150776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-10-12 23:18 - 2014-11-21 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-10-12 23:18 - 2014-11-21 07:00 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-10-12 23:18 - 2014-11-21 07:00 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-10-12 23:18 - 2013-08-22 13:43 - 09374208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-10-12 23:18 - 2013-08-22 06:14 - 09374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-10-12 23:18 - 2013-08-22 01:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.tlb 2015-10-12 23:18 - 2013-08-22 01:49 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amcompat.tlb 2015-10-12 22:14 - 2013-08-22 16:44 - 00668760 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-12 00:10 - 2015-08-14 00:32 - 00000000 ____D C:\Program Files (x86)\SubEdit-Player 2015-10-08 22:26 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-10-08 22:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-10-08 18:49 - 2012-10-30 21:19 - 00002636 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk 2015-10-08 18:49 - 2012-10-30 21:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-10-07 14:38 - 2015-08-17 17:57 - 00000000 ____D C:\Users\Joanna 2015-10-07 12:40 - 2015-08-13 12:41 - 00000000 ___SD C:\Windows\system32\GWX 2015-10-06 11:34 - 2015-08-28 00:14 - 00000000 ____D C:\Windows\Minidump 2015-10-06 11:34 - 2015-08-13 13:03 - 00000000 ___DC C:\Windows\Panther 2015-10-06 10:49 - 2015-08-13 12:41 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-10-05 12:18 - 2015-08-13 18:05 - 00000000 ____D C:\ProgramData\VMware 2015-10-05 12:14 - 2015-08-26 22:39 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\VMware 2015-10-05 03:49 - 2015-08-13 22:46 - 00000000 ____D C:\SHARED 2015-10-04 21:46 - 2015-08-13 14:22 - 00004004 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D78182D0-8E38-4057-981F-A96B4B471EC8} 2015-10-04 21:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-10-04 21:31 - 2015-08-12 14:52 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-312703943-2248783029-2232578368-1001 2015-10-04 21:16 - 2015-08-26 22:39 - 00000000 ____D C:\Users\Joanna\AppData\Local\VMware 2015-10-02 16:24 - 2014-11-21 11:07 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-02 16:24 - 2014-11-21 11:07 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-01 18:41 - 2015-08-27 13:01 - 00001242 _____ C:\Users\Joanna\Desktop\Dropbox.lnk 2015-09-22 11:13 - 2015-08-30 21:46 - 00000000 ____D C:\Users\Joanna\AppData\Local\Deployment 2015-09-19 12:20 - 2015-08-17 17:57 - 00000000 ____D C:\Users\Joanna\AppData\Local\VirtualStore ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-10-07 10:31 - 2015-10-07 10:31 - 0000000 _____ () C:\Users\Joanna\AppData\Local\{6202B9CC-690A-4EAC-B93F-115AF5A83E38} 2015-08-14 11:15 - 2015-10-13 00:49 - 0000000 _____ () C:\ProgramData\dat.bmp Niektóre pliki w TEMP: ==================== C:\Users\Joanna\AppData\Local\Temp\avgnt.exe C:\Users\Joanna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptn5t1q.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-10-12 15:39 ==================== Koniec FRST.txt ============================