Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:27-02-2016 Uruchomiony przez Alice (administrator) ALICE (01-03-2016 09:26:06) Uruchomiony z C:\Users\Alice\Downloads Załadowane profile: Alice (Dostępne profile: Alice) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\ProgramData\DataCardService\HWDeviceService64.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Spotify Ltd) C:\Users\Alice\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Mega Limited) C:\Users\Alice\AppData\Local\MEGAsync\MEGAsync.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\NapiProjekt\napisy.exe (MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-11-04] (Bitdefender) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.) HKU\S-1-5-21-1014199781-1694329412-1083522273-1001\...\Run: [Agent Portfela Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-11-04] (Bitdefender) HKU\S-1-5-21-1014199781-1694329412-1083522273-1001\...\Run: [Spotify] => C:\Users\Alice\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-27] (Spotify Ltd) HKU\S-1-5-21-1014199781-1694329412-1083522273-1001\...\Run: [Spotify Web Helper] => C:\Users\Alice\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-27] (Spotify Ltd) HKU\S-1-5-21-1014199781-1694329412-1083522273-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-1014199781-1694329412-1083522273-1001\...\RunOnce: [Uninstall C:\Users\Alice\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alice\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" HKU\S-1-5-21-1014199781-1694329412-1083522273-1001\...\MountPoints2: {5a445e49-b1dd-11e5-8d7f-68a3c41c5ad3} - "D:\AutoRun.exe" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Alice\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Alice\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Alice\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Alice\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Alice\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Alice\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\Users\Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-12-29] ShortcutTarget: MEGAsync.lnk -> C:\Users\Alice\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) BootExecute: autocheck autochk /m /f \Device\HarddiskVolume3autocheck autochk * ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 10.10.10.1 Tcpip\..\Interfaces\{dd17babf-5696-4a44-b8e2-ae619570eed1}: [DhcpNameServer] 10.10.10.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1014199781-1694329412-1083522273-1001 -> {6CF38641-2EC3-4E9A-9F9C-2224D434C5CC} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms} BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-16] (Bitdefender) BHO-x32: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-16] (Bitdefender) Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-16] (Bitdefender) Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-16] (Bitdefender) FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF HKLM\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2016-01-08] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2016-01-08] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://isearch.omiga-plus.com/?type=hp&ts=1420657305&from=cor&uid=HitachiXHTS545050B9A300_101208PBN404M7GYLWXEX","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1420657361&from=cor&uid=HitachiXHTS545050B9A300_101208PBN404M7GYLWXEX","hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki" CHR Profile: C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Duolingo dla Chrome) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-12-09] CHR Extension: (Super Netflix) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc [2016-02-24] CHR Extension: (Dysk Google) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09] CHR Extension: (YouTube) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09] CHR Extension: (uBlock Origin) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-02-24] CHR Extension: (Google Search) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09] CHR Extension: (Search by Image (by Google)) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-12-09] CHR Extension: (Eliminator Slajdów) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff [2015-12-09] CHR Extension: (Bitdefender Wallet) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-12-09] CHR Extension: (Czarny metalik motyw.) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbhhihkiaeeioepkklgfpdohnemkjcoi [2015-12-09] CHR Extension: (Dokumenty Google offline) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09] CHR Extension: (Dropbox) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-12-09] CHR Extension: (Mapy Google) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-12-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09] CHR Extension: (Checker Plus for Gmail™) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2016-02-12] CHR Extension: (Print Friendly & PDF) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2015-12-09] CHR Extension: (Click&Clean App) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-01-30] CHR Extension: (Gmail) - C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09] CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-11-04] (Bitdefender) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-09] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-09] (Dropbox, Inc.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [887352 2016-01-28] (Bitdefender) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [100816 2015-11-04] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1561344 2015-11-18] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [598528 2011-10-24] () [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-12-08] (Qualcomm Atheros Communications, Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2016-01-11] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2016-01-11] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2016-01-11] (BitDefender) U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [107496 2016-01-11] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2016-01-11] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [130656 2016-02-27] (Bitdefender SRL) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2016-01-11] (BitDefender) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2016-02-27] (BitDefender LLC) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-12-09] (Toshiba Corporation) R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2016-02-27] (BitDefender S.R.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-01 09:26 - 2016-03-01 09:26 - 00019776 _____ C:\Users\Alice\Downloads\FRST.txt 2016-03-01 09:25 - 2016-03-01 09:26 - 00000000 ____D C:\FRST 2016-03-01 09:25 - 2016-03-01 09:25 - 00371057 _____ C:\Users\Alice\Downloads\gm.zip 2016-03-01 09:24 - 2016-03-01 09:25 - 02371072 _____ (Farbar) C:\Users\Alice\Downloads\FRST64.exe 2016-02-29 19:15 - 2016-02-29 19:15 - 02870984 _____ (ESET) C:\Users\Alice\Downloads\esetsmartinstaller_plk.exe 2016-02-29 19:15 - 2016-02-29 19:15 - 00000000 ____D C:\Program Files (x86)\ESET 2016-02-27 17:31 - 2013-06-15 17:10 - 00712430 _____ C:\Users\Alice\Desktop\Jack Reacher #1 Poziom smierci - CHlLD LEE.mobi 2016-02-27 16:49 - 2016-02-27 16:49 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2016-02-27 16:47 - 2016-02-27 16:47 - 00025190 _____ C:\ProgramData\1456588017.bdinstall.bin 2016-02-27 11:43 - 2016-02-27 11:43 - 00921164 _____ C:\ProgramData\1456567076.bdinstall.bin 2016-02-27 11:24 - 2016-02-27 11:24 - 00000684 ____H C:\bdr-cf01 2016-02-27 11:24 - 2016-02-27 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 2016-02-27 11:04 - 2016-02-27 11:24 - 00253404 ____H C:\bdr-ld01 2016-02-27 11:04 - 2016-02-27 11:24 - 00009216 ____H C:\bdr-ld01.mbr 2016-02-27 11:04 - 2015-07-15 17:13 - 49737193 ____H C:\bdr-im01.gz 2016-02-27 11:04 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01 2016-02-27 10:59 - 2016-02-27 15:14 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys 2016-02-27 10:59 - 2016-02-27 15:14 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2016-02-27 10:58 - 2016-03-01 08:57 - 00000000 ____D C:\Program Files\Bitdefender Agent 2016-02-27 10:58 - 2016-02-27 11:36 - 386280328 _____ C:\Users\Alice\Downloads\bitdefender_ts_19_64b.exe 2016-02-27 10:58 - 2016-02-27 10:58 - 07194488 _____ C:\Users\Alice\Downloads\bitdefender_tsecurity.exe 2016-02-27 10:58 - 2016-02-27 10:58 - 00042826 _____ C:\ProgramData\1456567134.bdinstall.bin 2016-02-27 10:58 - 2016-02-27 10:58 - 00000000 ____D C:\ProgramData\Bitdefender Agent 2016-02-26 13:07 - 2016-02-28 19:35 - 00000000 ____D C:\Users\Alice\AppData\LocalLow\uTorrent 2016-02-23 16:58 - 2016-02-23 16:58 - 00000000 ____D C:\Users\Alice\AppData\Local\AMD 2016-02-22 18:22 - 2016-02-28 18:52 - 00078032 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\rpcnet.dll 2016-02-21 14:45 - 2016-02-21 14:45 - 00000218 _____ C:\Users\Alice\Desktop\Counter-Strike.url 2016-02-20 15:17 - 2016-02-20 15:17 - 00092373 _____ C:\Users\Alice\Downloads\faktura_I-0375-02-2016.pdf 2016-02-20 13:07 - 2016-02-20 09:54 - 00394556 _____ C:\Users\Alice\Desktop\Demony Dobrego Dextera - JEFF LINDSAY.mobi 2016-02-20 10:02 - 2016-02-20 10:02 - 00000000 ____D C:\Users\Alice\Downloads\Vikings_04x01_A_Good_Treason 2016-02-20 10:01 - 2016-02-20 10:01 - 00013993 _____ C:\Users\Alice\Downloads\Vikings_04x01_A_Good_Treason.zip 2016-02-20 09:59 - 2016-02-20 09:59 - 00009713 _____ C:\Users\Alice\Downloads\vikings.s04.e01.a.good.treason.(2016).pol.1cd.(6512821).zip 2016-02-20 09:59 - 2016-02-20 09:59 - 00000000 ____D C:\Users\Alice\Downloads\vikings.s04.e01.a.good.treason.(2016).pol.1cd.(6512821) 2016-02-20 09:04 - 2016-02-20 09:04 - 00870582 _____ C:\Users\Alice\Downloads\Ksiaze Mgly - Carlos Ruiz Zafon.mobi 2016-02-20 09:00 - 2016-02-20 09:01 - 00000000 ____D C:\Users\Alice\Desktop\dexter 2016-02-20 05:08 - 2016-02-20 05:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-02-19 19:33 - 2016-02-19 19:33 - 00379960 _____ C:\Users\Alice\Downloads\Potwierdzenie_1072.pdf 2016-02-15 16:20 - 2016-02-15 16:20 - 00000000 ____D C:\Users\Alice\AppData\Local\Steam 2016-02-15 16:10 - 2016-02-29 18:19 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-15 16:10 - 2016-02-15 16:10 - 01380712 _____ C:\Users\Alice\Downloads\SteamSetup.exe 2016-02-15 16:10 - 2016-02-15 16:10 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk 2016-02-15 16:10 - 2016-02-15 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-02-14 18:14 - 2016-02-14 18:14 - 00038868 _____ C:\Users\Alice\Downloads\The100S01E02720pHDTVx264-BAT.dfxp 2016-02-14 18:12 - 2016-02-14 18:12 - 00038905 _____ C:\Users\Alice\Downloads\The100S01E02720pWEB-DLDD51H264-KiNG.dfxp 2016-02-14 18:10 - 2016-02-14 18:10 - 00000000 ____D C:\Users\Alice\Downloads\the.100.earth.skills.(2014).tv.s01.e02.pol.5cd 2016-02-14 16:39 - 2016-02-14 16:39 - 00053232 _____ C:\Users\Alice\Downloads\the100s01e01hdtvx264-2h.dfxp 2016-02-14 16:39 - 2016-02-14 16:39 - 00000000 ____D C:\Users\Alice\Downloads\the.100.pilot.(2014).tv.s01.e01.pol.5cd 2016-02-14 16:38 - 2016-02-14 16:38 - 00080229 _____ C:\Users\Alice\Downloads\the.100.contents.under.pressure.(2014).tv.s01.e07.pol.7cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00075296 _____ C:\Users\Alice\Downloads\the.100.earth.kills.(2014).tv.s01.e03.pol.6cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00069143 _____ C:\Users\Alice\Downloads\the.100.day.trip.(2014).tv.s01.e08.pol.6cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00066303 _____ C:\Users\Alice\Downloads\the.100.unity.day.(2014).tv.s01.e09.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00065514 _____ C:\Users\Alice\Downloads\the.100.pilot.(2014).tv.s01.e01.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00065457 _____ C:\Users\Alice\Downloads\the.100.the.calm.(2014).tv.s01.e11.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00059527 _____ C:\Users\Alice\Downloads\the.100.i.am.become.death.(2014).tv.s01.e10.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00057380 _____ C:\Users\Alice\Downloads\the.100.earth.skills.(2014).tv.s01.e02.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00057227 _____ C:\Users\Alice\Downloads\the.100.we.are.grounders.part.2.(2014).tv.s01.e13.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00055609 _____ C:\Users\Alice\Downloads\the.100.murphys.law.(2014).tv.s01.e04.pol.5cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00055558 _____ C:\Users\Alice\Downloads\the.100.his.sisters.keeper.(2014).tv.s01.e06.pol.6cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00051004 _____ C:\Users\Alice\Downloads\the.100.we.are.grounders.part.1.(2014).tv.s01.e12.pol.4cd.zip 2016-02-14 16:38 - 2016-02-14 16:38 - 00048008 _____ C:\Users\Alice\Downloads\the.100.twilights.last.gleaming.(2014).tv.s01.e05.pol.4cd.zip 2016-02-10 17:59 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 17:59 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 17:59 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 17:59 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 17:59 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 17:59 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 17:59 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 17:59 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 17:59 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 17:58 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 17:58 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 17:58 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 17:58 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 17:58 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 17:58 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 17:58 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 17:58 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 17:58 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 17:58 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 17:58 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 17:58 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 17:58 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 17:58 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 17:58 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 17:58 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 17:58 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 17:58 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 17:58 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 17:58 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 17:58 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 17:58 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 17:58 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 17:58 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 17:58 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 17:58 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 17:58 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 17:58 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 17:58 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 17:58 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 17:58 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 17:58 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 17:58 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 17:58 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 17:58 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 17:58 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 17:58 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 17:58 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 17:58 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 17:58 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 17:58 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 17:58 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 17:58 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 17:58 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 17:58 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 17:58 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 17:58 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 17:58 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 17:58 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 17:58 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 17:58 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 17:58 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 17:58 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 17:58 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 17:58 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 17:58 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-07 19:23 - 2016-02-07 19:23 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-02-07 19:23 - 2016-02-07 19:23 - 00001104 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-02-07 19:23 - 2016-02-07 19:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-02-07 19:21 - 2016-02-07 19:21 - 00000000 ____D C:\Users\Alice\AppData\LocalLow\Temp 2016-02-07 18:42 - 2016-02-07 18:42 - 00000000 ____D C:\Users\Alice\AppData\Roaming\Kodi 2016-02-07 18:42 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2016-02-07 18:42 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2016-02-07 18:41 - 2016-02-07 18:41 - 00000000 ____D C:\Users\Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2016-02-07 18:40 - 2016-02-07 18:42 - 00000000 ____D C:\Program Files (x86)\Kodi 2016-02-07 12:05 - 2016-02-07 12:05 - 00000000 ____D C:\Users\Alice\Desktop\moje roznez tel 2016-02-07 09:58 - 2016-02-07 11:12 - 00000000 ____D C:\Users\Alice\Desktop\sgs2 2016-02-07 09:56 - 2016-02-07 09:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2016-02-06 21:58 - 2016-02-06 21:58 - 00000000 ____D C:\Users\Alice\Desktop\I9100_1GB_System_-_2GB_Data_-_untested (1) 2016-02-06 19:57 - 2016-02-06 19:57 - 00000000 ____D C:\Users\Alice\.android 2016-02-06 19:51 - 2016-02-06 19:51 - 00000000 ____D C:\Program Files\DIFX 2016-02-06 19:51 - 2016-02-06 19:51 - 00000000 ____D C:\adb 2016-02-06 19:51 - 2014-09-20 11:49 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2016-02-06 19:51 - 2014-09-20 11:49 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll 2016-02-06 17:20 - 2016-02-06 17:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-02-06 13:08 - 2016-02-06 13:08 - 00000000 ____D C:\Users\Alice\AppData\Roaming\MAGIX 2016-02-06 13:08 - 2016-02-06 13:08 - 00000000 ____D C:\ProgramData\MAGIX 2016-02-06 13:01 - 2016-02-06 13:08 - 00000000 ____D C:\ProgramData\simplitec 2016-02-06 13:01 - 2016-02-06 13:01 - 00000000 ____D C:\Users\Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer 2016-02-06 13:01 - 2015-05-06 16:54 - 00120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll 2016-02-06 13:00 - 2016-02-20 09:59 - 00000000 ____D C:\KMPlayer 2016-02-06 12:05 - 2016-02-06 12:05 - 00003800 _____ C:\WINDOWS\System32\Tasks\gameo_update 2016-02-06 12:05 - 2016-02-06 12:05 - 00000000 ___HD C:\Users\Alice\AppData\Roaming\GoldenGate 2016-02-06 12:04 - 2016-02-06 13:08 - 00000000 ____D C:\Users\Alice\AppData\Local\Gameo 2016-02-06 12:04 - 2016-02-06 12:04 - 00000173 _____ C:\Users\Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url 2016-02-06 11:49 - 2016-02-06 11:49 - 00000000 ___RD C:\Users\Alice\3D Objects 2016-02-06 11:44 - 2016-02-06 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player 2016-02-06 11:44 - 2016-02-06 11:47 - 00000000 ____D C:\Program Files (x86)\Dziobas Rar Player ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-01 09:23 - 2015-12-08 20:10 - 00000000 ____D C:\Users\Alice\AppData\Local\Packages 2016-03-01 09:23 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-01 09:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-01 09:05 - 2015-12-09 15:00 - 00001182 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-03-01 08:42 - 2015-12-09 14:50 - 00000000 ____D C:\Users\Alice\AppData\Roaming\Skype 2016-03-01 08:40 - 2015-12-09 11:30 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-29 18:18 - 2015-12-09 15:00 - 00001178 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-02-29 18:18 - 2015-12-09 11:30 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-29 18:17 - 2015-12-09 10:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-29 04:55 - 2015-12-10 20:26 - 00060647 _____ C:\bdlog.txt 2016-02-29 04:55 - 2015-12-10 13:46 - 00000000 ____D C:\Users\Alice\AppData\Roaming\uTorrent 2016-02-29 04:55 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-02-29 04:28 - 2015-12-08 20:14 - 01845594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-29 04:28 - 2015-10-30 20:19 - 00818302 _____ C:\WINDOWS\system32\perfh015.dat 2016-02-29 04:28 - 2015-10-30 20:19 - 00157970 _____ C:\WINDOWS\system32\perfc015.dat 2016-02-29 04:28 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-28 18:54 - 2015-12-09 08:22 - 00049536 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\agremove.exe 2016-02-28 18:52 - 2015-12-09 10:15 - 00017920 _____ C:\WINDOWS\system32\rpcnetp.exe 2016-02-27 19:58 - 2015-12-09 14:55 - 00000000 ____D C:\Users\Alice\AppData\Local\Spotify 2016-02-27 19:55 - 2015-12-09 14:55 - 00000000 ____D C:\Users\Alice\AppData\Roaming\Spotify 2016-02-27 11:26 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-27 11:24 - 2015-12-09 13:35 - 00000000 ____D C:\Users\Alice\AppData\Roaming\Bitdefender 2016-02-27 11:24 - 2015-12-09 13:33 - 00000000 ____D C:\ProgramData\Bitdefender 2016-02-27 10:59 - 2015-12-09 13:32 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2016-02-24 04:49 - 2015-12-09 10:24 - 00000000 ____D C:\Users\Alice 2016-02-23 20:44 - 2015-12-29 19:03 - 00000000 ____D C:\Users\Alice\AppData\Roaming\GG 2016-02-22 18:17 - 2015-12-29 11:45 - 00000000 ____D C:\Users\Alice\AppData\Local\MEGAsync 2016-02-20 09:54 - 2016-01-18 11:29 - 00000000 ____D C:\Users\Alice\Documents\Biblioteka calibre 2016-02-20 05:08 - 2015-12-09 14:59 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-02-20 00:42 - 2015-12-09 11:34 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-16 18:45 - 2015-12-09 14:49 - 00000000 ____D C:\ProgramData\Skype 2016-02-13 08:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 18:22 - 2015-12-08 20:13 - 00002411 _____ C:\Users\Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-11 18:22 - 2015-12-08 20:13 - 00000000 ___RD C:\Users\Alice\OneDrive 2016-02-11 18:10 - 2015-09-10 06:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-11 03:30 - 2015-10-30 20:23 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 20:38 - 2015-12-09 08:40 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 20:34 - 2015-12-09 08:40 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-10 20:33 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-08 04:55 - 2015-12-09 10:15 - 00215216 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-02-07 18:42 - 2015-12-09 10:20 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-07 08:19 - 2015-12-29 19:02 - 00000000 ____D C:\Users\Alice\AppData\Local\GG 2016-02-06 11:48 - 2015-12-08 20:10 - 00000000 ____D C:\Users\Alice\AppData\Local\VirtualStore 2016-02-04 11:25 - 2016-01-27 17:13 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-03 09:35 - 2015-12-09 11:30 - 00004126 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-03 09:35 - 2015-12-09 11:30 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 13:30 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-02-01 13:30 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2016-02-01 13:24 - 2015-12-26 14:50 - 00000000 ____D C:\Users\Alice\Desktop\serial ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-12-09 13:53 - 2015-12-09 13:53 - 0651301 _____ () C:\ProgramData\1449664378.bdinstall.bin 2016-02-27 11:43 - 2016-02-27 11:43 - 0921164 _____ () C:\ProgramData\1456567076.bdinstall.bin 2016-02-27 10:58 - 2016-02-27 10:58 - 0042826 _____ () C:\ProgramData\1456567134.bdinstall.bin 2016-02-27 16:47 - 2016-02-27 16:47 - 0025190 _____ () C:\ProgramData\1456588017.bdinstall.bin Niektóre pliki w TEMP: ==================== C:\Users\Alice\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Alice\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Alice\AppData\Local\Temp\installstats.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-03-01 09:17 ==================== Koniec FRST.txt ============================