Witam. Widzę że yoursite zbiera żniwo :) Do rzeczy: Komputer córki (nie wiem ile razy trzeba tłumaczyć by się nie włóczyła po "obcych" stronach). Przeskanowany webdoctorem (ok 72 zagrożeń - usuń), malawarebytes (ok 207 zagrożeń - napraw), adwcleaner (na każdej zakładce po trochu - usuń). Dalej jakieś ustojstwo siedzi w kompie. Na pewno ten yoursites123. W załączeniu logi z frst'a. Jakby któryś z kolegów miał czas i podsunął tekst wsadu do fixa to było by miło. Na marginesie jest jakaś strona (najlepiej po polsku) jak się nauczyć pisania tych skryptów na podstawie first.txt i addition.txt?
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:09-12-2015
Uruchomiony przez Ewelina (administrator) KOMP_EWELINY (11-12-2015 19:14:10)
Uruchomiony z D:\Programy\Antyrobak
Załadowane profile: Ewelina (Dostępne profile: Marek & Ewelina)
Platform: Windows 8.1 Enterprise (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TFuns LIMITED) C:\ProgramData\rWdMr\WdMan.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(DJMASTER.COM) C:\Program Files\VoiceMaster\VoiceMaster.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] = & gt; C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [V0700Mon.exe] = & gt; C:\Windows\V0700Mon.exe
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] = & gt; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] = & gt; C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] = & gt; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-09-07] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\...\Run: [VoiceMaster] = & gt; C:\Program Files\VoiceMaster\VoiceMaster.exe [1064960 2015-10-23] (DJMASTER.COM)
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\...\Run: [Spotify Web Helper] = & gt; C:\Users\Ewelina\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-02] (Spotify Ltd)
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\...\Run: [Akamai NetSession Interface] = & gt; C:\Users\Ewelina\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\...\Run: [Skype] = & gt; C:\Program Files (x86)\Skype\Phone\Skype.exe [50143872 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\...\MountPoints2: {62a25625-2fb9-11e5-8336-94de806e2939} - " J:\HTC_Sync_Manager_PC.exe "
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ " DropboxExt1 " ] - & gt; {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt2 " ] - & gt; {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt3 " ] - & gt; {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt4 " ] - & gt; {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt5 " ] - & gt; {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt6 " ] - & gt; {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt7 " ] - & gt; {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [ " DropboxExt8 " ] - & gt; {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} = & gt; C:\Users\Ewelina\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] - & gt; {36A21736-36C2-4C11-8ACB-D4136F2B57BD} = & gt; C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] - & gt; {36A21736-36C2-4C11-8ACB-D4136F2B57BD} = & gt; C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ " DropboxExt1 " ] - & gt; {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt2 " ] - & gt; {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt3 " ] - & gt; {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt4 " ] - & gt; {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt5 " ] - & gt; {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt6 " ] - & gt; {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt7 " ] - & gt; {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
ShellIconOverlayIdentifiers-x32: [ " DropboxExt8 " ] - & gt; {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} = & gt; Brak pliku
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
AutoConfigURL: [S-1-5-21-2704708050-431393269-3011475840-1002] = & gt; hxxp://biblioteka.pollub.pl/proxy/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4D36AB59-79BE-4331-B03C-BD80408449FC}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V & q={searchTerms}
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V & q={searchTerms}
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://pl.msn.com/
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2704708050-431393269-3011475840-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
SearchScopes: HKLM-x32 - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V & q={searchTerms}
SearchScopes: HKU\S-1-5-21-2704708050-431393269-3011475840-1002 - & gt; DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V & q={searchTerms}
SearchScopes: HKU\S-1-5-21-2704708050-431393269-3011475840-1002 - & gt; {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V & q={searchTerms}
SearchScopes: HKU\S-1-5-21-2704708050-431393269-3011475840-1002 - & gt; {ielnksrch} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-14] (Oracle Corporation)
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-14] (Oracle Corporation)
BHO-x32: PDF Architect Helper - & gt; {3A2D5EBA-F86D-4BD3-A177-019765996711} - & gt; C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-14] (Oracle Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-14] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\orbdjh78.default-1416743094678
FF NewTab: hxxp://www.yoursites123.com/newtab/?type=nt & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
FF Homepage: hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 - & gt; C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 - & gt; C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - & gt; C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Brak nazwy - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\orbdjh78.default-1416743094678\extensions\quick_searchff@gmail.com [nie znaleziono]
FF Extension: Brak nazwy - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\orbdjh78.default-1416743094678\extensions\sweetsearch@gmail.com [nie znaleziono]
FF Extension: Brak nazwy - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\orbdjh78.default-1416743094678\extensions\defsearchp@gmail.com [nie znaleziono]
FF Extension: Brak nazwy - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\orbdjh78.default-1416743094678\extensions\default_newtabff@gmail.com [nie znaleziono]
FF Extension: Brak nazwy - C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\orbdjh78.default-1416743094678\extensions\yahooprotected@gmail.com [nie znaleziono]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-18] [Brak podpisu cyfrowego]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
Chrome:
=======
CHR HomePage: Default - & gt; hxxp://www.onet.pl/
CHR StartupUrls: Default - & gt; " hxxp://www.yoursites123.com/?type=hp & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V "
CHR DefaultSearchURL: Default - & gt; hxxp://www.yoursites123.com/web/?type=ds & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V & q={searchTerms}
CHR DefaultSearchKeyword: Default - & gt; yoursites123
CHR Profile: C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-01]
CHR Extension: (Dokumenty Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-01]
CHR Extension: (Dysk Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Arkusze Google) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Avast Online Security) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-04]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Gmail) - C:\Users\Ewelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc & ts=1449838223 & z=52edf39bc303535444cef5fg2z8zbt9bdcfb4ocodz & from=ient07021 & uid=ST1000DM003-1CH162_S1DCTD8VXXXXS1DCTD8V
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-12] (Avast Software)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-03-08] () [Brak podpisu cyfrowego]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 WdMan; C:\ProgramData\rWdMr\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-12] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 V0700Vid; C:\Windows\system32\DRIVERS\V0700Vid.sys [393920 2011-09-06] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-12] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-11 18:52 - 2015-12-11 18:57 - 00000080 _____ C:\Users\Public\Desktop\AutoCAD 2015 - Polski (Polish).lnk
2015-12-11 18:52 - 2015-12-11 18:57 - 00000080 _____ C:\Users\Ewelina\Desktop\Zdjęcia II - skrót.lnk
2015-12-11 18:52 - 2015-12-11 18:57 - 00000080 _____ C:\Users\Ewelina\Desktop\Zdjęcia - skrót.lnk
2015-12-11 18:52 - 2015-12-11 18:57 - 00000080 _____ C:\Users\Ewelina\Desktop\wcześniejsze - skrót.lnk
2015-12-11 18:52 - 2015-12-11 18:57 - 00000080 _____ C:\Users\Ewelina\Desktop\Pobrane - skrót.lnk
2015-12-11 18:52 - 2015-12-11 18:57 - 00000080 _____ C:\Users\Ewelina\Desktop\Pictures - skrót.lnk
2015-12-11 18:20 - 2015-12-11 18:20 - 01738240 _____ C:\Users\Ewelina\Downloads\adwcleaner.pl 5.024.exe
2015-12-11 18:16 - 2015-12-11 18:57 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-11 17:35 - 2015-12-11 17:38 - 178560136 _____ C:\Users\Ewelina\Downloads\s1cxni9x.exe
2015-12-11 13:52 - 2015-12-11 13:53 - 00000000 ____D C:\ProgramData\rWdMr
2015-12-11 07:26 - 2015-12-11 07:26 - 00141754 _____ C:\Users\Ewelina\Desktop\ShowDocuments (1).pdf
2015-12-11 07:24 - 2015-12-11 07:24 - 00131392 _____ C:\Users\Ewelina\Desktop\ShowDocuments.pdf
2015-12-10 21:13 - 2015-12-10 21:13 - 00011508 _____ C:\Users\Ewelina\Downloads\drgania.xlsx
2015-12-09 18:54 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 18:53 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 18:53 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 18:53 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 18:53 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-09 18:53 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 18:53 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 18:53 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 18:53 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:53 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 18:53 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 18:53 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 18:53 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 18:53 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-09 18:53 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 18:53 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 18:53 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 18:53 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 18:53 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-12-09 18:53 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 18:53 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 18:53 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 18:53 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 18:53 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 18:53 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 18:53 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 18:53 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 18:53 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 18:53 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-09 18:53 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-09 18:53 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 18:53 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 18:53 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 18:53 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 18:53 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 18:53 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 18:53 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-09 18:53 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 18:53 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 18:53 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 18:52 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-09 18:52 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-09 18:52 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-09 18:52 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-09 18:52 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-09 18:52 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-09 18:52 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-09 18:52 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-09 18:52 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-09 18:52 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 18:52 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 18:52 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 18:52 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 18:52 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 18:52 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 18:52 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 18:52 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 18:52 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-09 18:52 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 18:52 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 18:52 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-09 18:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 18:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2015-12-09 18:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 18:52 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 18:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2015-12-09 18:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:52 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:52 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-12-09 18:52 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-12-09 18:52 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-12-09 18:52 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-12-09 18:52 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 18:52 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\system32\locale.nls
2015-12-09 18:52 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-12-09 18:52 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-12-09 18:52 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-12-09 18:51 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 18:51 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 18:51 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 18:51 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 18:51 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 18:51 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-12-09 18:51 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 18:51 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 18:51 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 18:51 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 18:51 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 18:51 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 18:51 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 18:51 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-09 18:51 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-09 18:51 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-12-09 18:51 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-12-09 18:51 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-12-09 18:51 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-12-09 18:51 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-12-09 18:51 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-12-09 18:51 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-12-09 18:51 - 2015-10-10 19:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2015-12-09 18:51 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2015-12-09 18:51 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2015-12-09 18:51 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2015-12-09 18:51 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 02486734 _____ C:\Users\Ewelina\Downloads\kolejne wykłady.rar
2015-12-08 20:02 - 2015-12-08 20:05 - 149061154 _____ C:\Users\Ewelina\Downloads\metody numeryczne (1).rar
2015-12-06 23:28 - 2015-12-06 23:28 - 02847005 _____ C:\Users\Ewelina\Downloads\cw25dodatki.zip
2015-12-04 23:40 - 2015-12-04 23:40 - 14237040 _____ C:\Users\Ewelina\Downloads\skanymetro.rar
2015-12-04 23:40 - 2015-12-04 23:40 - 02714158 _____ C:\Users\Ewelina\Downloads\sciagametro.rar
2015-12-03 22:44 - 2015-12-03 22:44 - 02282928 _____ C:\Users\Ewelina\Downloads\zdjęcia.zip
2015-12-03 18:29 - 2015-12-03 18:29 - 00024519 _____ C:\Users\Ewelina\Documents\Ze656565szyt1.xlsx
2015-12-03 17:59 - 2015-12-03 17:59 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 17:59 - 2015-12-03 17:59 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 20:23 - 2015-12-04 16:55 - 00000000 ____D C:\Users\Ewelina\Desktop\Paweł II
2015-12-01 19:42 - 2015-12-01 20:19 - 66945690 _____ C:\Users\Ewelina\Downloads\wyklad.rar
2015-12-01 18:12 - 2015-12-01 18:12 - 03524310 _____ C:\Users\Ewelina\Downloads\wykłady-metrologia.pdf
2015-11-29 20:36 - 2015-11-29 20:39 - 00000942 _____ C:\Users\Ewelina\Downloads\metoda-wezlowa.sce
2015-11-29 20:02 - 2015-11-29 20:02 - 00075604 _____ C:\Users\Ewelina\Downloads\cw 20 protokol.pdf
2015-11-24 17:26 - 2015-11-24 17:26 - 08781356 _____ C:\Users\Ewelina\Downloads\pd_teoria_obwodów.zip
2015-11-23 21:41 - 2015-11-23 22:20 - 00000000 ____D C:\Users\Ewelina\Desktop\to
2015-11-23 20:57 - 2015-11-23 20:57 - 00118672 _____ C:\Users\Ewelina\Downloads\Obwody sprzezone magnetycznie.pdf
2015-11-22 12:14 - 2015-11-22 12:17 - 00000000 ____D C:\Users\Ewelina\Desktop\maria
2015-11-21 12:08 - 2015-11-21 12:08 - 00152759 _____ C:\Users\Ewelina\Downloads\spr-lv6.odt
2015-11-20 18:00 - 2015-11-20 18:00 - 09596689 _____ C:\Users\Ewelina\Downloads\EiTO teoria_obwodow_elektrycznych_-_zadania_(bolkowski_brociek_raw-getrightdownload.pdf
2015-11-20 17:50 - 2015-11-20 17:50 - 01637356 _____ C:\Users\Ewelina\Downloads\przebiegi-odkształcone.pdf
2015-11-20 17:47 - 2015-11-20 17:48 - 31807888 _____ C:\Users\Ewelina\Downloads\Fwd__materialy_na_egzamin_z_to.zip
2015-11-20 17:47 - 2015-11-20 17:48 - 08422524 _____ C:\Users\Ewelina\Downloads\EGZAMIN u WACA 2014,2015 Full.rar
2015-11-19 22:26 - 2015-11-19 22:26 - 00001512 _____ C:\Users\Ewelina\Documents\Rysunek1.pdf
2015-11-19 22:00 - 2015-11-19 22:00 - 00495574 _____ C:\Users\Ewelina\Downloads\e1a09df97ead8f56de6051283e304fe8.bmp
2015-11-19 21:42 - 2015-11-19 21:42 - 00000199 ____H C:\Users\Ewelina\Downloads\Rysunek1.dwl2
2015-11-19 21:42 - 2015-11-19 21:42 - 00000049 ____H C:\Users\Ewelina\Downloads\Rysunek1.dwl
2015-11-17 16:46 - 2015-11-17 16:47 - 97187118 _____ C:\Users\Ewelina\Downloads\MATEMATYKA IV, W.ŻAKOWSKI, W.LEKSIŃSKI.pdf
2015-11-17 16:44 - 2015-11-17 16:44 - 72992607 _____ C:\Users\Ewelina\Downloads\E. Kącki, L. Siewierski - Wybrane działy matematyki wyższej z ćwiczeniami.pdf
2015-11-12 13:46 - 2015-11-12 13:46 - 00026431 _____ C:\Users\Ewelina\Downloads\3615414_1of1.xml.gz
2015-11-12 13:43 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-12 13:43 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-12 13:43 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-12 13:43 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-12 13:43 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-12 13:43 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-12 13:43 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-12 13:43 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-12 13:43 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-12 13:43 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-12 13:43 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-12 13:43 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-12 13:43 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-12 13:43 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-12 13:43 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-12 13:43 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-12 13:43 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-12 13:43 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-12 13:43 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-12 13:43 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-12 13:43 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-12 13:43 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-12 13:43 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-12 13:43 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-11-12 13:43 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-11-12 13:43 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-12 13:43 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-12 13:43 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-12 13:43 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-12 13:43 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-12 13:43 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-12 13:43 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-12 13:43 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-12 13:43 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-12 13:43 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-12 13:43 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-12 13:43 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-12 13:43 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-12 13:43 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-12-11 19:14 - 2014-09-08 21:29 - 00000000 ____D C:\FRST
2015-12-11 19:13 - 2015-04-01 19:00 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-11 19:13 - 2014-03-09 16:03 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-11 19:13 - 2014-03-09 15:23 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\Skype
2015-12-11 19:11 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-11 19:10 - 2014-11-23 13:21 - 00000000 ____D C:\AdwCleaner
2015-12-11 19:03 - 2014-03-09 15:23 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2704708050-431393269-3011475840-1002
2015-12-11 18:58 - 2014-10-21 20:47 - 00000902 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-12-11 18:58 - 2014-03-23 19:07 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-12-11 18:58 - 2014-03-22 19:13 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-12-11 18:58 - 2014-03-22 19:13 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-12-11 18:58 - 2014-03-13 00:27 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-12-11 18:58 - 2014-03-08 23:13 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-11 18:58 - 2014-03-08 22:08 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-12-11 18:58 - 2014-03-08 22:08 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-11 18:58 - 2014-03-08 22:07 - 00001527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-11 18:58 - 2014-03-08 22:07 - 00001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-12-11 18:57 - 2015-10-19 15:47 - 00001051 _____ C:\Users\Public\Desktop\scilab-5.5.2 (64-bit).lnk
2015-12-11 18:57 - 2015-10-02 19:27 - 00000994 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk
2015-12-11 18:57 - 2015-04-08 18:36 - 00001473 _____ C:\Users\Public\Desktop\Free Video Call Recorder for Skype.lnk
2015-12-11 18:57 - 2015-04-08 18:36 - 00001251 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-12-11 18:57 - 2015-03-31 18:29 - 00000598 _____ C:\Users\Ewelina\Desktop\FreeOCR.lnk
2015-12-11 18:57 - 2015-03-05 11:18 - 00001512 _____ C:\Users\Ewelina\Desktop\Lazarus.lnk
2015-12-11 18:57 - 2014-10-26 21:05 - 00002004 _____ C:\Users\Public\Desktop\AutoCAD 2011 - Polski.lnk
2015-12-11 18:57 - 2014-06-03 23:37 - 00001851 _____ C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-12-11 18:57 - 2014-03-27 21:55 - 00001063 _____ C:\Users\Ewelina\Desktop\Easy GIF Animator.lnk
2015-12-11 18:57 - 2014-03-27 21:32 - 00002188 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2015-12-11 18:57 - 2014-03-23 19:07 - 00001019 _____ C:\Users\Ewelina\Desktop\Audacity.lnk
2015-12-11 18:57 - 2014-03-09 15:18 - 00001450 _____ C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-11 18:53 - 2014-03-09 15:16 - 00000000 ____D C:\Users\Ewelina
2015-12-11 18:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Performance
2015-12-11 18:52 - 2014-11-22 12:17 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-12-11 18:52 - 2014-03-08 19:39 - 00000000 ____D C:\Users\Ewelina\Desktop\pamietniki
2015-12-11 18:33 - 2015-04-01 19:00 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-11 18:17 - 2014-09-08 18:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-11 18:16 - 2014-09-08 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-11 18:16 - 2014-09-08 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-11 17:23 - 2014-11-22 11:48 - 00000000 ____D C:\Users\Ewelina\AppData\Local\Akamai
2015-12-11 16:59 - 2014-06-03 23:37 - 00000000 ____D C:\Users\Ewelina\AppData\Local\Spotify
2015-12-11 16:48 - 2014-06-03 23:36 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\Spotify
2015-12-11 12:27 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-11 07:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-12-10 16:02 - 2014-03-13 22:20 - 00000000 ____D C:\Users\Ewelina\Desktop\ładniutkie
2015-12-10 15:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-10 15:32 - 2013-08-22 15:44 - 05172744 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 15:31 - 2014-09-29 10:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 15:31 - 2014-09-29 10:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 23:52 - 2015-09-11 18:31 - 00000173 _____ C:\Users\Ewelina\AppData\Local\msmathematics.qat.Ewelina
2015-12-09 20:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-12-09 20:38 - 2014-09-29 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 20:37 - 2014-03-08 21:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 20:36 - 2014-03-08 22:52 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 20:31 - 2014-03-08 22:52 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 19:13 - 2014-03-09 16:03 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 21:52 - 2015-09-25 18:03 - 00000000 ____D C:\Users\Ewelina\Desktop\Nowy folder
2015-12-07 16:55 - 2014-03-08 19:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-02 20:55 - 2015-08-25 23:32 - 00000132 _____ C:\Users\Ewelina\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2015-12-02 17:28 - 2015-04-01 19:00 - 00004046 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 17:28 - 2015-04-01 19:00 - 00003810 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 18:19 - 2015-06-10 21:44 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-01 18:19 - 2015-06-10 21:44 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-26 23:06 - 2013-09-30 05:15 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-26 23:06 - 2013-09-30 04:56 - 00805918 _____ C:\Windows\system32\perfh015.dat
2015-11-26 23:06 - 2013-09-30 04:56 - 00163272 _____ C:\Windows\system32\perfc015.dat
2015-11-26 14:46 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-23 21:42 - 2014-12-15 22:14 - 00000000 ____D C:\Users\Ewelina\Desktop\Izyyyyy
2015-11-23 21:42 - 2014-10-07 14:21 - 00000000 ____D C:\Users\Ewelina\Desktop\STUDIA
2015-11-23 21:41 - 2015-09-22 11:04 - 00000000 ____D C:\Users\Ewelina\Desktop\porządki
2015-11-22 19:39 - 2014-03-09 15:23 - 00000000 ____D C:\ProgramData\Skype
2015-11-21 23:20 - 2014-03-27 10:29 - 00000000 ____D C:\Users\Ewelina\AppData\Local\Microsoft Help
2015-11-19 22:56 - 2014-11-15 15:55 - 00000000 ____D C:\Users\Ewelina\Desktop\AutoCAD
2015-11-13 00:35 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-11 18:52 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
==================== Pliki w katalogu głównym wybranych folderów =======
2015-08-25 23:32 - 2015-12-02 20:55 - 0000132 _____ () C:\Users\Ewelina\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2014-06-03 20:58 - 2014-09-08 18:03 - 0000119 _____ () C:\Users\Ewelina\AppData\Roaming\WB.CFG
2015-04-08 18:35 - 2015-04-08 18:35 - 0385602 _____ () C:\Users\Ewelina\AppData\Local\5D515C96_stp.CIS
2015-04-08 18:35 - 2015-04-08 18:35 - 0000220 _____ () C:\Users\Ewelina\AppData\Local\5D515C96_stp.CIS.part
2014-03-22 18:33 - 2014-03-23 17:01 - 0006144 _____ () C:\Users\Ewelina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-11 18:31 - 2015-12-09 23:52 - 0000173 _____ () C:\Users\Ewelina\AppData\Local\msmathematics.qat.Ewelina
2015-10-21 22:26 - 2015-10-21 22:26 - 0000900 _____ () C:\Users\Ewelina\AppData\Local\recently-used.xbel
2014-11-22 12:15 - 2014-11-22 12:15 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Niektóre pliki w TEMP:
====================
C:\Users\Ewelina\AppData\Local\Temp\AcDeltree.exe
C:\Users\Ewelina\AppData\Local\Temp\B82F.exe
C:\Users\Ewelina\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmposkuoh.dll
C:\Users\Ewelina\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Ewelina\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Ewelina\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Ewelina\AppData\Local\Temp\project1.exe
C:\Users\Ewelina\AppData\Local\Temp\Quarantine.exe
C:\Users\Ewelina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ewelina\AppData\Local\Temp\sqlite3.dll
C:\Users\Ewelina\AppData\Local\Temp\VMSetup2.0.0.199.exe
C:\Users\Ewelina\AppData\Local\Temp\VMSetup2.0.0.215.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2015-12-05 10:05
==================== Koniec FRST.txt ============================