Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25.04.2018 Uruchomiony przez MiG (administrator) DOM (25-04-2018 18:52:39) Uruchomiony z T:\ Załadowane profile: MiG (Dostępne profile: MiG) Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atieclxx.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe (Electronic Arts) D:\Gry\Origin\OriginWebHelperService.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Electronic Arts) D:\Gry\Origin\OriginThinSetupInternal.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (ESET) C:\Program Files\ESET\ESET Security\eOPPFrame.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [404376 2015-08-09] () HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation) HKLM\...\Run: [Usługa Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519584 2013-08-21] (Acronis) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-03-30] (ESET) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3642688 2018-04-09] (Dropbox, Inc.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7840448 2014-03-19] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104792 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd) HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: R - "R:\setup\rsrc\Autorun.exe" HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: {26fe2289-1c56-11e7-80ed-ac220bc9d845} - "E:\setup.exe" HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: {362d4e20-9eb0-11e5-8024-ac220bc9d845} - "R:\PreyLauncher.exe" HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: {57b420e2-d6eb-11e4-bf44-ac220bc9d845} - "R:\.\Bin\ASSETUP.exe" HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: {ab36a1d5-0dfd-11e5-bf69-ac220bc9d845} - "R:\setup.exe" HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: {ad0700ab-3e6a-11e5-bfac-ac220bc9d845} - "R:\.\Bin\ASSETUP.exe" HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\MountPoints2: {dfccc5a2-40d1-11e4-bf03-ac220bc9d845} - "R:\setup\rsrc\Autorun.exe" HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2017-06-24] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2016-03-08] ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) GroupPolicy: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{4E644522-D936-437E-A514-D106E3BD5228}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{CF305E3C-9ADA-412C-BE72-5FA3B690B823}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKU\S-1-5-21-628164274-2098269284-3657745687-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ HKU\S-1-5-21-628164274-2098269284-3657745687-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie SearchScopes: HKU\S-1-5-21-628164274-2098269284-3657745687-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: hgb9rab9.default-1481305115686-1524673635562 FF ProfilePath: C:\Users\MiG\AppData\Roaming\Mozilla\Firefox\Profiles\hgb9rab9.default-1481305115686-1524673635562 [2018-04-25] FF Extension: (HTTPS Everywhere) - C:\Users\MiG\AppData\Roaming\Mozilla\Firefox\Profiles\hgb9rab9.default-1481305115686-1524673635562\Extensions\https-everywhere@eff.org.xpi [2018-04-25] FF Extension: (LastPass: Free Password Manager) - C:\Users\MiG\AppData\Roaming\Mozilla\Firefox\Profiles\hgb9rab9.default-1481305115686-1524673635562\Extensions\support@lastpass.com.xpi [2018-04-25] FF Extension: (uBlock Origin) - C:\Users\MiG\AppData\Roaming\Mozilla\Firefox\Profiles\hgb9rab9.default-1481305115686-1524673635562\Extensions\uBlock0@raymondhill.net.xpi [2018-04-25] FF Extension: (Flagfox) - C:\Users\MiG\AppData\Roaming\Mozilla\Firefox\Profiles\hgb9rab9.default-1481305115686-1524673635562\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-04-25] FF HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\MiG\AppData\Roaming\Lamantine\Sticky Password\spAutofill FF Extension: (Sticky Password Autofill Engine) - C:\Users\MiG\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2014-12-13] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-628164274-2098269284-3657745687-1001\...\Thunderbird\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\MiG\AppData\Roaming\Lamantine\Sticky Password\spAutofill FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-10] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-628164274-2098269284-3657745687-1001: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2014-09-25] (Lamantine Software a.s.) Chrome: ======= CHR Profile: C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default [2018-04-25] CHR Extension: (Dokumenty) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03] CHR Extension: (Dysk Google) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31] CHR Extension: (YouTube) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-03-20] CHR Extension: (Google Search) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Adobe Acrobat) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06] CHR Extension: (Sticky Password Autofill Engine) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggepjhbdgijjkbelnggboeoehacbphed [2015-06-18] CHR Extension: (Dokumenty Google offline) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05] CHR Extension: (Gmail) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR Extension: (Chrome Media Router) - C:\Users\MiG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-20] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945664 2013-06-13] (ASUSTeK Computer Inc.) [Brak podpisu cyfrowego] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [232528 2017-08-31] (CyberGhost S.A.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-04-09] (Dropbox, Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2213344 2018-03-30] (ESET) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1770784 2018-01-08] (IObit) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] () S3 Origin Client Service; D:\Gry\Origin\OriginClientService.exe [2158912 2018-03-28] (Electronic Arts) R2 Origin Web Helper Service; D:\Gry\Origin\OriginWebHelperService.exe [3028808 2018-03-28] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-05-05] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACSSCR; C:\Windows\system32\DRIVERS\a38usb.sys [62976 2014-11-13] (Advanced Card Systems Ltd.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-12-09] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [46392 2015-12-09] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [564216 2017-04-25] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-03-30] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [110432 2018-03-30] (ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-03-11] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196112 2018-03-30] (ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50136 2018-03-30] (ESET) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82816 2018-03-30] (ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [108320 2018-03-30] (ESET) R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-17] (IObit.com) R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com) S4 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2016-12-22] (IObit) R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2017-07-03] (IObit.com) S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] () S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] () S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-03-08] (ITE ) R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com) R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018-01-11] (IObit.com) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2017-05-01] (Malwarebytes) S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] () R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R0 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [86768 2014-06-02] (Dataram, Inc.) S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2016-11-03] (IObit.com) R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2017-04-12] (Audials AG) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-07-25] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-07-25] (Acronis International GmbH) S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [203328 2018-02-26] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [138896 2016-10-18] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com) S3 dbx; system32\DRIVERS\dbx.sys [X] S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X] S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-04-25 18:52 - 2018-04-25 18:52 - 000000000 ____D C:\FRST 2018-04-25 18:27 - 2018-04-25 18:27 - 000000949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-04-25 18:27 - 2018-04-25 18:27 - 000000937 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-04-25 18:27 - 2018-04-25 18:27 - 000000000 ____D C:\Users\MiG\Desktop\Stare dane programu Firefox 2018-04-25 18:27 - 2018-04-25 18:27 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-04-25 18:25 - 2018-04-25 18:25 - 000000004 ____H C:\ProgramData\cm-lock 2018-04-11 20:56 - 2018-04-11 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-04-11 17:55 - 2018-03-23 15:50 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-04-11 17:55 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-04-11 17:55 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-04-11 17:55 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-04-11 17:55 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-04-11 17:55 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-04-11 17:55 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-04-11 17:55 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-04-11 17:55 - 2018-03-22 22:37 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-04-11 17:55 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-04-11 17:55 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-04-11 17:55 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-04-11 17:55 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-04-11 17:55 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-04-11 17:55 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-04-11 17:55 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-04-11 17:55 - 2018-03-22 22:20 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2018-04-11 17:55 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-04-11 17:55 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-04-11 17:55 - 2018-03-22 22:15 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-04-11 17:55 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-04-11 17:55 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-04-11 17:55 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-04-11 17:55 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-04-11 17:55 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-04-11 17:55 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-04-11 17:55 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-04-11 17:55 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-04-11 17:55 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-04-11 17:55 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-04-11 17:55 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-04-11 17:55 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2018-04-11 17:55 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2018-04-11 17:55 - 2018-03-09 23:20 - 007405392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-04-11 17:55 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-04-11 17:55 - 2018-03-09 23:20 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-04-11 17:55 - 2018-03-09 23:20 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-04-11 17:55 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-04-11 17:55 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2018-04-11 17:55 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-04-11 17:55 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2018-04-11 17:55 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-04-11 17:55 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-04-11 17:55 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-04-11 17:55 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-04-11 17:55 - 2018-03-08 21:53 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys 2018-04-11 17:55 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-04-11 17:55 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-04-11 17:55 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2018-04-11 17:55 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2018-04-11 17:55 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2018-04-11 17:55 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2018-04-11 17:55 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll 2018-04-11 17:55 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2018-04-11 17:55 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2018-04-11 17:55 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2018-04-11 17:55 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-04-11 17:55 - 2018-02-09 19:44 - 000276304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2018-04-11 17:55 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-04-11 17:55 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2018-04-11 17:55 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2018-04-11 17:55 - 2018-02-08 20:21 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2018-04-11 17:55 - 2018-02-08 20:18 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2018-04-11 17:55 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2018-04-11 17:55 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2018-04-11 17:55 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll 2018-04-11 17:55 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll 2018-04-11 17:55 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2018-04-11 17:55 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2018-04-11 17:55 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2018-04-11 17:55 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2018-04-11 17:55 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2018-04-11 17:55 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll 2018-04-11 17:55 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2018-04-11 17:55 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-04-11 17:55 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-04-09 12:17 - 2018-04-09 12:17 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2018-04-09 12:17 - 2018-04-09 12:17 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2018-04-09 12:17 - 2018-04-09 12:17 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2018-04-09 12:17 - 2018-04-09 12:17 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-04-25 18:52 - 2016-11-23 22:24 - 000000000 ____D C:\Users\MiG\AppData\LocalLow\Mozilla 2018-04-25 18:52 - 2015-06-20 11:26 - 000001154 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-04-25 18:45 - 2014-02-12 20:25 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-628164274-2098269284-3657745687-1001 2018-04-25 18:43 - 2013-11-14 09:32 - 001828860 _____ C:\Windows\system32\PerfStringBackup.INI 2018-04-25 18:43 - 2013-11-14 09:13 - 000803502 _____ C:\Windows\system32\perfh015.dat 2018-04-25 18:43 - 2013-11-14 09:13 - 000162268 _____ C:\Windows\system32\perfc015.dat 2018-04-25 18:43 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2018-04-25 18:27 - 2014-02-23 13:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-04-25 18:26 - 2015-11-03 20:59 - 000000000 ____D C:\ProgramData\ProductData 2018-04-25 18:25 - 2018-03-18 09:33 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2018-04-25 18:25 - 2016-12-06 19:45 - 000000282 _____ C:\Windows\Tasks\Uninstaller_SkipUac_MiG.job 2018-04-25 18:25 - 2015-06-20 11:26 - 000001150 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-04-25 18:25 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-04-25 18:25 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI 2018-04-25 18:24 - 2017-04-18 20:04 - 000001371 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2018-04-25 18:24 - 2016-12-06 19:45 - 000001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2018-04-25 18:24 - 2016-12-06 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2018-04-21 11:26 - 2014-02-15 16:35 - 000000000 ____D C:\Users\MiG\.VirtualBox 2018-04-12 22:34 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness 2018-04-11 21:11 - 2015-09-26 17:06 - 000000448 __RSH C:\ProgramData\ntuser.pol 2018-04-11 20:56 - 2015-09-29 16:02 - 000000000 ____D C:\Users\MiG\Desktop\Rufus 2018-04-11 20:56 - 2015-06-20 11:26 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-04-11 18:10 - 2016-11-23 23:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-04-11 18:10 - 2015-04-20 19:55 - 000000000 ____D C:\Windows\system32\appraiser 2018-04-11 18:10 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData 2018-04-11 18:10 - 2013-08-22 16:44 - 000502720 _____ C:\Windows\system32\FNTCACHE.DAT 2018-04-11 17:58 - 2014-02-12 21:14 - 000000000 ____D C:\Windows\system32\MRT 2018-04-11 17:56 - 2017-10-15 11:06 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-04-11 17:56 - 2014-02-12 21:14 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-04-11 17:56 - 2012-07-26 09:59 - 000000000 ____D C:\Windows\CbsTemp 2018-04-10 20:48 - 2018-03-13 22:05 - 000004548 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-04-10 20:48 - 2014-12-10 16:18 - 000004388 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-04-10 20:48 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-04-10 20:48 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed 2018-04-07 10:38 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2018-04-06 21:31 - 2014-08-18 18:37 - 000000000 ____D C:\ProgramData\Origin 2018-04-06 21:05 - 2014-08-18 18:38 - 000000000 ____D C:\Users\MiG\AppData\Roaming\Origin 2018-04-05 20:09 - 2018-03-12 20:21 - 000000000 ____D C:\Users\MiG\AppData\Roaming\ControlCenter4 2018-04-05 20:09 - 2014-06-30 16:56 - 000000000 ____D C:\ProgramData\ControlCenter4 2018-04-05 17:38 - 2014-06-29 12:46 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 2018-04-03 03:01 - 2018-03-11 11:01 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-04-03 03:01 - 2018-03-11 11:01 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-04-01 19:47 - 2014-07-09 12:37 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2018-03-30 21:43 - 2017-03-09 21:55 - 000196112 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2018-03-30 21:43 - 2017-03-09 21:55 - 000137928 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2018-03-30 21:43 - 2017-03-09 21:55 - 000110432 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys 2018-03-30 21:43 - 2017-03-09 21:55 - 000108320 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys 2018-03-30 21:43 - 2017-03-09 21:55 - 000082816 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys 2018-03-30 21:43 - 2017-03-09 21:55 - 000050136 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-10-25 21:33 - 2017-08-15 19:26 - 000001064 _____ () C:\Users\MiG\AppData\Roaming\burnaware.ini 2017-06-24 13:00 - 2017-06-24 13:00 - 000007602 _____ () C:\Users\MiG\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-01-08 19:52 ==================== Koniec FRST.txt ============================