Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-03-2017 Uruchomiony przez Eliza (administrator) DELLIZA (30-03-2017 13:58:19) Uruchomiony z C:\Users\Eliza\Desktop\frst Załadowane profile: UpdatusUser & Eliza (Dostępne profile: UpdatusUser & Eliza) Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe (ABBYY Production LLC) C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Spotify Ltd) C:\Users\Eliza\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Dell) C:\Users\Eliza\AppData\Local\Apps\2.0\333B815C.9H5\4MTL9KQA.HWB\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Eliza\Downloads\AdwCleaner.exe (Farbar) C:\Users\Eliza\Desktop\frst\FRST64 (3).exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-11] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-11] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-11] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-28] (NVIDIA Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-22] (Dell Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3000704 2014-01-29] (ALLPlayer Group Ltd.) HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Facebook Update] => C:\Users\Eliza\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-09] (Facebook Inc.) HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Spotify Web Helper] => C:\Users\Eliza\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-13] (Spotify Ltd) HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\...\Run: [DellSystemDetect] => C:\Users\Eliza\AppData\Local\Apps\2.0\333B815C.9H5\4MTL9KQA.HWB\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe [311216 2017-02-26] (Dell) HKU\S-1-5-18\...\RunOnce: [iCloud] => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eliza\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-01] (Microsoft Corporation) Startup: C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Illustrator CC 2014 Crack And Serial Number Latest N Full Version Free Download.lnk [2015-03-11] ShortcutTarget: Adobe Illustrator CC 2014 Crack And Serial Number Latest N Full Version Free Download.lnk -> C:\ProgramData\{c3c944f7-9008-8efc-c3c9-944f790013de}\Adobe Illustrator CC 2014 Crack And Serial Number Latest N Full Version Free Download.exe (Brak pliku) Startup: C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2015-05-12] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.166.64.1 8.8.8.8 Tcpip\..\Interfaces\{46615897-41DD-40C9-8D47-A09FDBF4E567}: [DhcpNameServer] 212.166.64.1 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130921019579939103&GUID=6F5F01F1-2D15-4673-84BF-D853761C62F3 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130921019579952083&GUID=6F5F01F1-2D15-4673-84BF-D853761C62F3 URLSearchHook: [S-1-5-21-1417911127-3688308230-4202644773-1001] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKU\S-1-5-21-1417911127-3688308230-4202644773-1002 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation) BHO-x32: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll => Brak pliku BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-20] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://distense.com/wp-admin/post-new.php CHR StartupUrls: Default -> "hxxp://greatday.com/" CHR Profile: C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default [2017-03-30] CHR Extension: (Google Docs) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (Google Drive) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (YouTube) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (uBlock Origin) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-03-30] CHR Extension: (Google Search) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16] CHR Extension: (Adobe Acrobat) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06] CHR Extension: (Google Sheets) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-24] CHR Extension: (Google Docs Offline) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (the little memory) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmnihjmiioifehpiepkldneddleedn [2017-02-21] CHR Extension: (PowerPoint Online) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2014-05-21] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (Sticky Notes) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2017-02-21] CHR Extension: (Google Wallet) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (Gmail) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01] CHR Extension: (Chrome Media Router) - C:\Users\Eliza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR HKU\S-1-5-21-1417911127-3688308230-4202644773-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR StartupUrls: "hxxp://www.gazeta.pl/0,0.html?p=156" ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [822072 2013-11-22] (ABBYY Production LLC) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation) R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.) R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation) R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation) R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] () R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-01-31] (Nalpeiron Ltd.) [Brak podpisu cyfrowego] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-09-11] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (SoftThinks SAS) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation) S2 a9cff455; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\ReactorExtender\ReactorExtender.dll",serv ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.) R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation) R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2015-10-30] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation) R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realsil Semiconductor Corporation) R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-03-30 13:57 - 2017-03-30 13:57 - 00018334 _____ C:\Users\Eliza\Desktop\AdwCleaner[S0].txt 2017-03-30 13:54 - 2017-03-30 13:56 - 00000000 ____D C:\AdwCleaner 2017-03-30 13:53 - 2017-03-30 13:54 - 04089296 _____ C:\Users\Eliza\Downloads\AdwCleaner.exe 2017-03-30 13:40 - 2017-03-30 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2017-03-30 13:32 - 2017-03-30 13:32 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2017-03-30 13:32 - 2017-03-30 13:32 - 00001159 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2017-03-30 13:30 - 2017-03-30 13:36 - 00000000 ____D C:\Users\Eliza\Desktop\frst 2017-03-30 13:27 - 2017-03-30 13:27 - 00496128 _____ C:\Users\Eliza\Downloads\SpyHunterCleaner_1.05.exe 2017-03-30 13:27 - 2017-03-30 13:27 - 00305152 _____ C:\Users\Eliza\Downloads\SpyHunterCleaner-reboot.exe 2017-03-30 13:27 - 2017-03-30 13:27 - 00000226 _____ C:\Users\Eliza\Downloads\SpyHunterCleaner-uninstall.bat 2017-03-26 21:17 - 2017-03-26 21:17 - 00003385 _____ C:\Users\Eliza\Downloads\isometric-perspective-cube.eps 2017-03-26 21:16 - 2017-03-26 21:16 - 00007218 _____ C:\Users\Eliza\Downloads\cube-graphic-of-squares.eps 2017-03-26 21:11 - 2017-03-26 21:11 - 15900408 _____ C:\Users\Eliza\Downloads\Sea-foam-watercolor-background (1).zip 2017-03-26 21:10 - 2017-03-26 21:10 - 00004727 _____ C:\Users\Eliza\Downloads\veranda.eps 2017-03-26 15:30 - 2017-03-26 15:30 - 00007539 _____ C:\Users\Eliza\Downloads\mother-walking-with-three-babies.eps 2017-03-26 15:22 - 2017-03-26 15:22 - 00005093 _____ C:\Users\Eliza\Downloads\family-of-three.eps 2017-03-26 15:18 - 2017-03-26 15:18 - 00003429 _____ C:\Users\Eliza\Downloads\mother-with-baby-in-arms.eps 2017-03-23 21:44 - 2017-03-23 21:44 - 02424832 _____ (Farbar) C:\Users\Eliza\Downloads\FRST64 (3).exe 2017-03-21 14:23 - 2017-03-21 14:23 - 00805714 _____ C:\Users\Eliza\Downloads\presentation 13.03-ilovepdf-compressed.pdf 2017-03-16 15:39 - 2017-03-16 15:39 - 06553621 _____ C:\Users\Eliza\Downloads\Site_1000.dwg 2017-03-15 14:16 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-15 14:16 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-15 14:16 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-15 14:16 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-03-15 14:16 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-03-15 14:16 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-15 14:16 - 2017-03-04 09:05 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-15 14:16 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-03-15 14:16 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-15 14:16 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-15 14:16 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-15 14:16 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-03-15 14:16 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-15 14:16 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-15 14:16 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-15 14:16 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-03-15 14:16 - 2017-03-02 19:25 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-15 14:16 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-15 14:16 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-03-15 14:16 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-15 14:16 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-15 14:16 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-15 14:16 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-03-15 14:16 - 2017-02-11 21:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-15 14:16 - 2017-02-11 07:12 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-03-15 14:16 - 2017-02-11 07:12 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-03-15 14:16 - 2017-02-11 07:00 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-03-15 14:16 - 2017-02-11 06:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-03-15 14:16 - 2017-02-11 06:56 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-15 14:16 - 2017-02-10 21:09 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-03-15 14:16 - 2017-02-10 07:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-15 14:16 - 2017-02-10 07:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-03-15 14:16 - 2017-02-10 07:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-03-15 14:16 - 2017-02-10 07:08 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-03-15 14:16 - 2017-02-10 07:01 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-03-15 14:16 - 2017-02-10 07:00 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-03-15 14:16 - 2017-02-10 06:59 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-15 14:16 - 2017-02-10 03:31 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-03-15 14:16 - 2017-02-10 02:12 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-03-15 14:16 - 2017-02-09 17:28 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-15 14:16 - 2017-02-09 17:19 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-15 14:16 - 2017-02-09 17:16 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-15 14:16 - 2017-02-09 17:16 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-03-15 14:16 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-03-15 14:16 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-03-15 14:16 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-03-15 14:16 - 2017-02-04 22:32 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-15 14:16 - 2017-02-04 22:30 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-15 14:16 - 2017-02-04 22:30 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-03-15 14:16 - 2017-02-04 22:30 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-15 14:16 - 2017-02-04 22:30 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-03-15 14:16 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2017-03-15 14:16 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-03-15 14:16 - 2017-02-04 20:14 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-15 14:16 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-15 14:16 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-03-15 14:16 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-03-15 14:16 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-15 14:16 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-03-15 14:16 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-15 14:16 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-03-15 14:16 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-03-15 14:16 - 2017-01-21 21:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll 2017-03-15 14:16 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-03-15 14:16 - 2017-01-21 21:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-15 14:16 - 2017-01-21 21:20 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-15 14:16 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-03-15 14:16 - 2017-01-21 20:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll 2017-03-15 14:16 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-03-15 14:16 - 2017-01-21 20:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-03-15 14:16 - 2017-01-21 19:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-03-15 14:16 - 2017-01-21 19:48 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-15 14:16 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2017-03-15 14:16 - 2017-01-11 21:37 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-15 14:16 - 2017-01-10 21:08 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-15 14:16 - 2017-01-05 20:20 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-15 14:16 - 2017-01-05 20:09 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2017-03-15 14:16 - 2017-01-05 19:36 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-15 14:16 - 2017-01-05 19:29 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2017-03-15 14:16 - 2017-01-05 19:13 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-03-15 14:16 - 2017-01-05 18:57 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-03-15 14:16 - 2016-11-09 21:22 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-03-15 13:23 - 2017-02-23 16:50 - 00093360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-15 13:23 - 2017-02-22 16:35 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 01286144 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-15 13:23 - 2017-02-22 16:35 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-03-15 13:23 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2017-03-14 17:09 - 2017-03-14 17:09 - 00031782 _____ C:\Users\Eliza\Downloads\Free-Autocad-Layouts.dwg_.zip 2017-03-14 13:49 - 2017-03-14 13:49 - 07452318 _____ C:\Users\Eliza\Downloads\OfficialPlan_Schedule3A.pdf 2017-03-14 12:53 - 2017-03-14 12:54 - 343726620 _____ C:\Users\Eliza\Downloads\Eliza.zip 2017-03-13 04:41 - 2017-03-13 04:41 - 04926172 _____ C:\Users\Eliza\Downloads\presentation hq.compressed.pdf 2017-03-12 18:01 - 2017-03-12 18:01 - 00057577 _____ C:\Users\Eliza\Downloads\gplaypattern.zip 2017-03-12 16:48 - 2017-03-12 16:48 - 00118539 _____ C:\Users\Eliza\Downloads\Social-Housing-in-Spain (1).pptx 2017-03-12 16:39 - 2017-03-12 16:39 - 00082432 _____ C:\Users\Eliza\Downloads\08010000.XLS 2017-03-12 16:28 - 2017-03-12 16:28 - 01126609 _____ C:\Users\Eliza\Downloads\Observatory_Financing SH_Final report_July 2013 (2).pdf 2017-03-12 16:25 - 2017-03-12 16:25 - 01126609 _____ C:\Users\Eliza\Downloads\Observatory_Financing SH_Final report_July 2013 (1).pdf 2017-03-12 16:00 - 2017-03-12 16:00 - 01126609 _____ C:\Users\Eliza\Downloads\Observatory_Financing SH_Final report_July 2013.pdf 2017-03-12 01:25 - 2017-03-12 01:25 - 00041325 _____ C:\Users\Eliza\Downloads\cadmapper-download (23).zip 2017-03-12 01:20 - 2017-03-12 01:20 - 00543346 _____ C:\Users\Eliza\Downloads\cadmapper-download (3).zip 2017-03-11 20:20 - 2017-03-11 20:20 - 00012014 _____ C:\Users\Eliza\Downloads\big-bottle-of-water.eps 2017-03-11 15:07 - 2017-03-11 15:07 - 00540338 _____ C:\Users\Eliza\Downloads\dupa (1).ai 2017-03-11 15:06 - 2017-03-11 15:06 - 00540338 _____ C:\Users\Eliza\Downloads\dupa.ai 2017-03-10 23:42 - 2017-03-10 23:42 - 00753173 _____ C:\Users\Eliza\Downloads\Grey-world-map.zip 2017-03-10 23:39 - 2017-03-10 23:39 - 09671156 _____ C:\Users\Eliza\Downloads\White-world-map.zip 2017-03-10 23:30 - 2017-03-10 23:30 - 00995294 _____ C:\Users\Eliza\Downloads\vector-world-map-v2.2-blank.ai 2017-03-10 23:00 - 2017-03-10 23:00 - 00556800 _____ C:\Users\Eliza\Desktop\Kingston.pdf 2017-03-10 22:38 - 2017-03-10 22:38 - 05649977 _____ C:\Users\Eliza\Downloads\Blue-stages-diagram.zip 2017-03-10 22:36 - 2017-03-10 22:36 - 15900408 _____ C:\Users\Eliza\Downloads\Sea-foam-watercolor-background.zip 2017-03-10 22:19 - 2017-03-10 22:19 - 01199304 _____ C:\Users\Eliza\Downloads\Infographic-timeline-flat-design.zip 2017-03-10 22:09 - 2017-03-10 22:09 - 01272900 _____ C:\Users\Eliza\Downloads\Round-infographic-template.zip 2017-03-10 22:03 - 2017-03-10 22:04 - 121612302 _____ C:\Users\Eliza\Downloads\Polygonal-world-map.zip 2017-03-09 18:54 - 2017-03-09 18:54 - 01735202 _____ C:\Users\Eliza\Downloads\152206ca_att_45_1.pdf 2017-03-09 17:45 - 2017-03-09 17:45 - 00138024 ____H C:\Users\Eliza\Downloads\~WRL2498.tmp 2017-03-09 16:23 - 2017-03-09 16:23 - 01561968 _____ C:\Users\Eliza\Downloads\energies-05-02263.pdf 2017-03-09 16:17 - 2017-03-09 16:17 - 00118539 _____ C:\Users\Eliza\Downloads\Social-Housing-in-Spain.pptx 2017-03-09 15:34 - 2017-03-30 13:38 - 00144384 ___SH C:\Users\Eliza\Desktop\Thumbs.db 2017-03-07 14:36 - 2017-03-07 15:05 - 11707145 _____ C:\Users\Eliza\Downloads\model+existing.skb 2017-03-07 13:57 - 2017-03-07 13:57 - 00370552 _____ C:\Users\Eliza\Downloads\cadmapper-download (1).zip 2017-03-07 13:51 - 2017-03-07 15:37 - 11772570 _____ C:\Users\Eliza\Downloads\model+existing.skp 2017-03-07 13:38 - 2017-03-07 13:38 - 09578746 _____ C:\Users\Eliza\Downloads\model existing (1).skp 2017-03-07 13:28 - 2017-03-07 13:29 - 09409575 _____ C:\Users\Eliza\Downloads\model version2.skp 2017-03-07 13:28 - 2017-03-07 13:29 - 09289261 _____ C:\Users\Eliza\Downloads\model version 1.skp 2017-03-07 13:28 - 2017-03-07 13:28 - 09578746 _____ C:\Users\Eliza\Downloads\model existing.skp 2017-03-07 12:53 - 2017-03-07 12:48 - 09317759 _____ C:\Users\Eliza\Downloads\abaceria sketches (1).skb 2017-03-07 12:48 - 2017-03-07 12:53 - 09277486 _____ C:\Users\Eliza\Downloads\abaceria sketches (1).skp 2017-03-07 12:48 - 2017-03-07 12:48 - 00002180 _____ C:\Users\Public\Desktop\Style Builder 2017.lnk 2017-03-07 12:48 - 2017-03-07 12:48 - 00002094 _____ C:\Users\Public\Desktop\LayOut 2017.lnk 2017-03-07 12:48 - 2017-03-07 12:48 - 00002005 _____ C:\Users\Public\Desktop\SketchUp 2017.lnk 2017-03-07 12:48 - 2017-03-07 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017 2017-03-07 12:39 - 2017-03-07 12:40 - 155181368 _____ (Trimble, Inc.) C:\Users\Eliza\Downloads\SketchUpPro-en-x64.exe 2017-03-07 12:37 - 2017-03-07 12:37 - 10478796 _____ C:\Users\Eliza\Downloads\abaceria sketches.skb 2017-03-07 12:27 - 2017-03-07 12:27 - 10478796 _____ C:\Users\Eliza\Downloads\abaceria sketches.skp 2017-03-07 12:27 - 2017-03-07 12:27 - 10418210 _____ C:\Users\Eliza\Downloads\abaceria construction (1).skb 2017-03-06 18:10 - 2017-03-06 18:10 - 02423808 _____ (Farbar) C:\Users\Eliza\Downloads\FRST64 (2).exe 2017-03-06 12:48 - 2017-03-06 12:49 - 02531119 _____ C:\Users\Eliza\Downloads\bibliography.pdf 2017-03-06 12:21 - 2017-03-06 12:21 - 00040796 _____ C:\Users\Eliza\Desktop\My Collection.xml 2017-03-06 12:18 - 2017-03-06 12:18 - 00000000 ____D C:\Users\Eliza\.QtWebEngineProcess 2017-03-06 12:18 - 2017-03-06 12:18 - 00000000 ____D C:\Users\Eliza\.Mendeley Desktop 2017-03-06 12:17 - 2017-03-06 12:17 - 00001116 _____ C:\Users\Public\Desktop\Mendeley Desktop.lnk 2017-03-06 12:17 - 2017-03-06 12:17 - 00000000 ____D C:\Users\Eliza\AppData\Local\Mendeley Ltd 2017-03-06 12:17 - 2017-03-06 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mendeley Desktop 2017-03-06 12:16 - 2017-03-06 12:17 - 00000000 ____D C:\Program Files (x86)\Mendeley Desktop 2017-03-06 12:15 - 2017-03-06 12:16 - 56266424 _____ C:\Users\Eliza\Downloads\Mendeley-Desktop-1.17.8-win32.exe 2017-03-06 12:11 - 2017-03-06 12:11 - 00022839 _____ C:\Users\Eliza\Desktop\lol.html 2017-03-06 12:08 - 2017-03-06 12:08 - 00022157 _____ C:\Users\Eliza\Downloads\xml-export (1).xml 2017-03-06 11:56 - 2017-03-06 11:56 - 00022157 _____ C:\Users\Eliza\Downloads\xml-export.xml 2017-03-02 18:08 - 2017-03-02 18:08 - 00380928 _____ C:\Users\Eliza\Downloads\vxrlj4yv.exe 2017-03-02 18:06 - 2017-03-23 21:56 - 00130424 _____ C:\Users\Eliza\Downloads\Shortcut.txt 2017-03-02 18:02 - 2017-03-23 21:56 - 00091068 _____ C:\Users\Eliza\Downloads\Addition.txt 2017-03-02 18:00 - 2017-03-23 21:56 - 00072265 _____ C:\Users\Eliza\Downloads\FRST.txt 2017-03-02 17:59 - 2017-03-30 13:58 - 00000000 ____D C:\FRST 2017-03-02 17:58 - 2017-03-02 17:58 - 02423808 _____ (Farbar) C:\Users\Eliza\Downloads\FRST64.exe 2017-03-02 17:58 - 2017-03-02 17:58 - 02423808 _____ (Farbar) C:\Users\Eliza\Downloads\FRST64 (1).exe 2017-03-01 01:56 - 2017-03-01 12:12 - 00000000 ____D C:\Users\Eliza\AppData\Local\YnPack 2017-03-01 01:56 - 2017-03-01 01:57 - 00000000 ____D C:\Users\Eliza\AppData\Local\Efption 2017-03-01 01:51 - 2017-03-01 17:23 - 00000000 ___HD C:\Users\Eliza\AppData\Local\SysHashTable 2017-03-01 01:37 - 2017-03-01 01:37 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk 2017-02-28 17:55 - 2017-03-02 13:44 - 00000000 ____D C:\Users\Eliza\Desktop\120hrs 2017-02-28 14:48 - 2017-02-28 14:48 - 00019784 _____ C:\Users\Eliza\Downloads\5116_Potosczopis.torrent 2017-02-28 14:45 - 2017-02-28 14:45 - 00033017 _____ C:\Users\Eliza\Downloads\Adobe Photoshop CC 2015.torrent 2017-02-28 14:43 - 2017-02-28 14:43 - 00014530 _____ C:\Users\Eliza\Downloads\Adobe Photoshop CC 2017 v18.0.0 WINX64.rar 2017-02-28 14:43 - 2017-02-28 14:43 - 00000000 _____ C:\Users\Eliza\Downloads\Adobe Photoshop CC 2017 v18.0.0 WINX64.torrent ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-03-30 13:46 - 2014-02-04 20:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1417911127-3688308230-4202644773-1002 2017-03-30 13:46 - 2014-01-16 20:37 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2017-03-30 13:43 - 2014-01-16 20:23 - 01828496 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-30 13:43 - 2013-08-23 01:12 - 00809634 _____ C:\Windows\system32\perfh015.dat 2017-03-30 13:43 - 2013-08-23 01:12 - 00164434 _____ C:\Windows\system32\perfc015.dat 2017-03-30 13:43 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-03-30 13:39 - 2016-12-18 18:49 - 00000000 ___RD C:\Users\Eliza\Creative Cloud Files 2017-03-30 13:39 - 2016-12-18 18:49 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-03-30 13:39 - 2014-02-05 13:51 - 00000000 ____D C:\Users\Eliza\AppData\Local\Adobe 2017-03-30 13:38 - 2016-12-30 00:48 - 00003328 _____ C:\Windows\System32\Tasks\Intel(R) Rapid Start Technology Manager 2017-03-30 13:38 - 2014-02-04 20:09 - 00000000 __RDO C:\Users\Eliza\SkyDrive 2017-03-30 13:37 - 2014-02-04 20:07 - 00000000 ____D C:\Users\Eliza 2017-03-30 13:37 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-30 13:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-03-30 13:36 - 2014-11-15 20:26 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00101b4a943fc.job 2017-03-30 13:35 - 2014-04-27 19:06 - 00000000 ____D C:\Users\Eliza\AppData\LocalLow\Temp 2017-03-30 13:32 - 2014-01-16 20:31 - 00000000 ____D C:\Users\UpdatusUser 2017-03-30 13:31 - 2014-08-27 14:16 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2017-03-30 13:31 - 2014-02-05 21:51 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-03-30 13:19 - 2014-02-04 20:14 - 00003980 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D3B44F3-3BE7-4DA5-8DED-EA98F706BB83} 2017-03-30 00:19 - 2014-04-09 22:14 - 00000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1417911127-3688308230-4202644773-1002UA.job 2017-03-29 21:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-03-29 21:24 - 2016-11-13 21:11 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\WhatsApp 2017-03-28 21:19 - 2014-04-09 22:14 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1417911127-3688308230-4202644773-1002Core.job 2017-03-27 18:44 - 2017-02-21 00:00 - 00000000 ____D C:\Users\Eliza\Desktop\Thesis 2017-03-27 18:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2017-03-24 13:08 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-03-24 13:06 - 2014-09-07 11:57 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-03-23 13:53 - 2014-02-04 20:08 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Adobe 2017-03-21 17:48 - 2017-02-21 00:02 - 00000000 ____D C:\Users\Eliza\Desktop\Urban Project 2017-03-21 14:24 - 2014-04-03 14:56 - 13358080 ___SH C:\Users\Eliza\Downloads\Thumbs.db 2017-03-20 17:09 - 2014-12-13 20:42 - 00000034 _____ C:\Users\Eliza\AppData\Roaming\AdobeWLCMCache.dat 2017-03-20 15:10 - 2017-02-21 00:02 - 00000000 ____D C:\Users\Eliza\Desktop\Book Research 2017-03-20 15:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-03-19 05:53 - 2014-12-11 22:21 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-19 05:51 - 2013-08-22 16:44 - 05441312 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-19 02:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-03-19 02:07 - 2014-02-20 04:08 - 00000000 ____D C:\Windows\system32\MRT 2017-03-19 01:59 - 2014-02-20 04:08 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-19 01:58 - 2015-10-12 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-19 01:55 - 2015-10-12 02:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-19 01:55 - 2015-10-12 02:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-15 14:21 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-13 15:08 - 2014-12-08 01:20 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Skype 2017-03-11 21:39 - 2016-11-13 21:11 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2017-03-11 21:39 - 2016-11-13 21:10 - 00000000 ____D C:\Users\Eliza\AppData\Local\WhatsApp 2017-03-11 21:38 - 2016-11-13 21:10 - 00000000 ____D C:\Users\Eliza\AppData\Local\SquirrelTemp 2017-03-10 06:34 - 2016-12-14 19:34 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-10 06:34 - 2016-12-14 19:34 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-07 13:29 - 2014-02-27 21:16 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\SketchUp 2017-03-07 12:48 - 2015-06-14 12:40 - 00000000 ____D C:\ProgramData\Reprise 2017-03-07 12:46 - 2015-06-14 12:22 - 00000000 ____D C:\Program Files\SketchUp 2017-03-07 12:46 - 2014-02-27 21:13 - 00000000 ____D C:\ProgramData\SketchUp 2017-03-07 12:45 - 2014-01-16 20:32 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-06 11:57 - 2014-02-04 20:08 - 00000000 ____D C:\Users\Eliza\AppData\Local\Packages 2017-03-02 13:50 - 2014-03-23 03:11 - 00000000 ____D C:\Users\Eliza\AppData\Roaming\uTorrent 2017-03-01 12:13 - 2016-12-13 11:46 - 00003170 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-03-01 12:13 - 2016-04-23 11:50 - 00002387 _____ C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive dla Firm.lnk 2017-03-01 12:13 - 2015-10-11 16:31 - 00003178 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1417911127-3688308230-4202644773-1002 2017-03-01 01:37 - 2014-02-05 21:53 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-03-01 01:36 - 2014-02-05 21:52 - 00000000 ____D C:\Program Files\Adobe 2017-02-28 14:46 - 2017-02-22 01:56 - 00000000 ____D C:\Users\Eliza\AppData\LocalLow\uTorrent ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-12-14 03:19 - 2016-12-15 06:28 - 0000132 _____ () C:\Users\Eliza\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-12-13 20:42 - 2017-03-20 17:09 - 0000034 _____ () C:\Users\Eliza\AppData\Roaming\AdobeWLCMCache.dat 2014-08-27 16:44 - 2015-09-21 14:01 - 0001456 _____ () C:\Users\Eliza\AppData\Local\Adobe Save for Web 13.0 Prefs 2016-12-18 16:14 - 2016-12-18 16:14 - 0003584 _____ () C:\Users\Eliza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-10 17:28 - 2016-03-24 14:48 - 0000002 _____ () C:\Users\Eliza\AppData\Local\SendToWorkFiles.txt 2014-01-16 20:14 - 2014-01-16 20:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-02-27 22:21 - 2014-02-27 22:21 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-03-24 17:50 ==================== Koniec FRST.txt ============================