Witajcie! Problem wygląda tak, że opis aukcji na allegro pojawia się na sekundę, strona przeładowuje się i pojawiają się reklamy a opis znika. Widziałem już taki problem tutaj na forum, wykonałem wszystko po kolei (skan malwarebytes anti-malware, adwcleaner, cc cleaner, eset) - ogólnie coś tam znalazły i usunęły, ale to nic nie zmieniło. Następnie zmieniłem DNS na windowsie i w routerze na 8.8.8.8 i 8.8.4.4 - nadal nic. Niestety ze względu na inny router "Szczegolnie wazne jest zablokowanie dostepu do panelu: http://www.tp-link.com.pl/article/?faqid=568" nie mam tam takich opcji jak we wskazanym artykule, w zakładce access control zaznaczyłem "Enable Internet Access Control". W cmd zrobiłem również ipconfig/flushdns. Załączam również logi z FRST. Co jeszcze mogę zrobić..?
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-02-2017
Uruchomiony przez Dawid (administrator) PC (18-02-2017 15:12:10)
Uruchomiony z C:\Users\Dawid\Downloads
Załadowane profile: Dawid (Dostępne profile: Dawid)
Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: " D:\Programy\Firefox\firefox.exe " -osint -url " %1 " )
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Programy\Todo Backup\bin\Agent.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() D:\Programy\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dassault Systèmes SolidWorks Corp.) D:\Programy\sw\SOLIDWORKS\sldworks_fs.exe
(PTC) C:\Program Files (x86)\PTC\WindchillSharePointProducts\ClientManager\ProductPointService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) D:\Programy\Firefox\firefox.exe
(Mozilla Corporation) D:\Programy\Firefox\firefox.exe
==================== Rejestr (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [Logitech Download Assistant] = & gt; C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [egui] = & gt; C:\Program Files\ESET\ESET Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [ACUW09EN] = & gt; C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe [2099656 2016-07-14] (ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] = & gt; C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] = & gt; C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = & gt; D:\Programy\adobe reader\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] = & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ADSKAppManager] = & gt; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] = & gt; C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] = & gt; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] = & gt; C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [] = & gt; [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] = & gt; C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Run: [ChomikBox] = & gt; C:\Program Files (x86)\ChomikBox\chomikbox.exe [3939840 2015-12-10] ( )
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Run: [ACDSeeCommanderUltimate9] = & gt; C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe [3146936 2016-07-19] ()
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Run: [AdobeBridge] = & gt; [X]
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Run: [BitTorrent] = & gt; C:\Users\Dawid\AppData\Roaming\BitTorrent\BitTorrent.exe [1984200 2017-02-07] (BitTorrent Inc.)
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Run: [Skype] = & gt; C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\...\MountPoints2: {64fdfddb-38ad-11e6-825f-ac220b501f79} - " K:\setup.exe "
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] - & gt; {36A21736-36C2-4C11-8ACB-D4136F2B57BD} = & gt; C:\WINDOWS\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Fast Start.lnk [2016-06-22]
ShortcutTarget: SOLIDWORKS 2015 Fast Start.lnk - & gt; C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Pobieracz w tle.lnk [2016-06-22]
ShortcutTarget: SolidWorks Pobieracz w tle.lnk - & gt; C:\Program Files (x86)\Common Files\Menedżer instalacji SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windchill ProductPoint Client Manager.lnk [2017-02-06]
ShortcutTarget: Windchill ProductPoint Client Manager.lnk - & gt; C:\Windows\Installer\{129024FF-A6C9-4696-91BC-570C6C05193A}\_F5BCEE176F60B4DABC6DF8.exe ()
Startup: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PQI Ur-Fortress 1.0.lnk [2016-03-10]
ShortcutTarget: PQI Ur-Fortress 1.0.lnk - & gt; C:\Program Files (x86)\PQI Ur-Fortress\PQISrv.exe ()
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Hosts: Nie znaleziono pliku Hosts w domyślnym katalogu
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{91017AF8-AE9D-4F27-BB59-D086676E7849}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{91017AF8-AE9D-4F27-BB59-D086676E7849}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-2272929598-1003954470-4142707412-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO-x32: Adobe PDF Link Helper - & gt; {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - & gt; C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\x4qnazby.default-1487415751062 [2017-02-18]
FF Extension: (Adblock Plus) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\x4qnazby.default-1487415751062\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-18]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\x4qnazby.default-1487415751062\features\{6821ade5-a412-4f22-9807-40157dcd7a7e}\disableSHA1rollout@mozilla.org.xpi [2017-02-18]
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 - & gt; D:\Programy\vlc\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - & gt; C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader - & gt; D:\Programy\adobe reader\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - & gt; C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Firefox\firefox.exe
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 CoordinatorServiceHost; D:\Programy\sw\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-04-21] (Dassault Systèmes SolidWorks Corporation)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 EaseUS Agent; D:\Programy\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-06-22] (SolidWorks) [Brak podpisu cyfrowego]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S4 TlntSvr; C:\WINDOWS\System32\tlntsvr.exe [146944 2016-10-31] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R0 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [88936 2015-06-17] (Asmedia Technology)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [222720 2015-05-20] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-22] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-22] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 KovaPlusFltr; C:\WINDOWS\system32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2017-02-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-02-18 15:12 - 2017-02-18 15:12 - 00016276 _____ C:\Users\Dawid\Downloads\FRST.txt
2017-02-18 15:12 - 2017-02-18 15:12 - 00000000 ____D C:\FRST
2017-02-18 15:11 - 2017-02-18 15:11 - 02422272 _____ (Farbar) C:\Users\Dawid\Downloads\FRST64.exe
2017-02-18 12:26 - 2017-02-18 12:26 - 04015056 _____ C:\Users\Dawid\Downloads\adwcleaner_6.043.exe
2017-02-18 12:12 - 2017-02-18 12:12 - 00000000 ____D C:\Users\Dawid\Desktop\cc
2017-02-18 11:45 - 2017-02-18 15:09 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-18 11:44 - 2017-02-18 11:44 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-18 11:44 - 2017-02-18 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-18 11:44 - 2017-02-18 11:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-18 11:44 - 2017-02-18 11:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-02-18 11:44 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-02-18 11:44 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-18 11:44 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-18 11:43 - 2017-02-18 11:43 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Dawid\Desktop\Malwarebytes Anti-Malware 2.1.4 PL wersja 32 i 64 bitowa.exe
2017-02-18 11:17 - 2017-02-18 11:44 - 00000000 ____D C:\Program Files\Plumbytes Software
2017-02-18 02:19 - 2017-02-18 11:18 - 00000000 ____D C:\ProgramData\TEMP
2017-02-18 02:19 - 2017-02-18 02:20 - 00030838 _____ C:\WINDOWS\system32\Drivers\Cat.DB
2017-02-18 02:17 - 2017-02-18 02:17 - 64859896 _____ (PC Tools ) C:\Users\Dawid\Desktop\sdsetup_dl.exe
2017-02-18 02:17 - 2017-02-18 02:17 - 00000864 _____ C:\Users\Dawid\Desktop\Serial.rar
2017-02-17 22:34 - 2017-02-17 22:34 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsign5ee6d3f140eaa65b
2017-02-17 22:34 - 2017-02-17 22:34 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsign25ecedd3efa889c7
2017-02-17 15:43 - 2017-02-17 15:43 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsign190ee8821b1f3e3e
2017-02-17 15:42 - 2017-02-17 15:42 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsign9c7fb94fe6014cdf
2017-02-17 15:42 - 2017-02-17 15:42 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsign97efd4ad88ce4744
2017-02-17 15:22 - 2017-02-18 15:10 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Skype
2017-02-17 15:22 - 2017-02-17 15:22 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-17 15:22 - 2017-02-17 15:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-17 15:22 - 2017-02-17 15:22 - 00000000 ____D C:\ProgramData\Skype
2017-02-17 15:22 - 2017-02-17 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-17 15:21 - 2017-02-17 15:21 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Dawid\Desktop\SkypeSetup.exe
2017-02-12 18:51 - 2017-02-12 18:52 - 07532750 _____ C:\Users\Dawid\Desktop\Segui_Steel_Design_5th_ED.pdf
2017-02-12 14:33 - 2017-02-17 15:43 - 00000028 _____ C:\Users\Dawid\AppData\Roaming\kulerdata.json
2017-02-12 14:33 - 2017-02-12 14:33 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsigne76b8c2c92023349
2017-02-12 14:05 - 2017-02-12 14:05 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsignba23b28833a84405
2017-02-12 14:04 - 2017-02-12 14:04 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsigna8b520884da7944a
2017-02-12 14:04 - 2017-02-12 14:04 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tempzxpsign167db77fc9193c06
2017-02-12 13:59 - 2017-02-12 13:59 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-02-12 13:57 - 2017-02-12 13:57 - 00000897 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017 (32 Bit).lnk
2017-02-11 17:46 - 2017-02-11 17:46 - 67062366 _____ C:\Users\Dawid\Desktop\cialo obce.rar
2017-02-11 17:46 - 2017-02-10 20:10 - 00000000 ____D C:\Users\Dawid\Desktop\cialo obce
2017-02-09 17:11 - 2017-02-09 17:11 - 00000000 ____D C:\Users\Public\File Viewer Plus
2017-02-09 17:11 - 2017-02-09 17:11 - 00000000 ____D C:\Users\Dawid\AppData\Local\File Viewer Plus
2017-02-08 23:25 - 2017-02-08 23:25 - 14027674 _____ C:\Users\Dawid\Desktop\jimny.pdf
2017-02-08 21:51 - 2017-02-08 21:51 - 00058020 _____ C:\Users\Dawid\Documents\OŚWIADCZENIE _Regulamin pracy_nowy_15.04.2015.pdf
2017-02-08 21:49 - 2017-02-08 21:52 - 00000000 ____D C:\Users\Dawid\Desktop\marcin
2017-02-06 14:47 - 2017-02-06 14:47 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\PTC
2017-02-06 14:47 - 2017-02-06 14:47 - 00000000 ____D C:\Users\Dawid\AppData\Local\Mathsoft
2017-02-06 14:46 - 2017-02-06 14:46 - 00000000 ____D C:\ProgramData\PTC
2017-02-06 14:46 - 2017-02-06 14:46 - 00000000 ____D C:\Program Files (x86)\PTC
2017-02-06 14:46 - 2008-04-07 05:38 - 00051032 ____R (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2017-02-06 14:46 - 2008-04-07 05:38 - 00024416 ____R (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2017-02-06 14:45 - 2017-02-06 14:45 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Mathsoft
2017-02-06 14:42 - 2017-02-06 14:42 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-02-06 14:38 - 2017-02-06 14:38 - 04015056 _____ C:\Users\Dawid\Desktop\adwcleaner_6.043.exe
2017-02-06 14:25 - 2017-02-06 14:28 - 00009803 _____ C:\Users\Dawid\Documents\ptcsetup.bak
2017-01-27 17:09 - 2017-01-27 17:09 - 00000632 _____ C:\Users\Public\Desktop\Foto-Mosaik-Edda.lnk
2017-01-27 17:09 - 2017-01-27 17:09 - 00000000 ____D C:\Users\Dawid\Documents\Foto-Mosaik-Edda
2017-01-27 17:09 - 2017-01-27 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Mosaik-Edda
2017-01-27 14:28 - 2017-02-18 01:48 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\BitTorrent
2017-01-27 00:26 - 2017-01-27 00:26 - 00000000 ____D C:\Users\Dawid\Downloads\martyna
2017-01-27 00:11 - 2017-01-27 00:11 - 00000000 ____D C:\Users\Dawid\Downloads\poses1
2017-01-26 23:40 - 2017-01-26 23:41 - 00000000 ____D C:\Users\Dawid\Downloads\props
2017-01-26 23:40 - 2017-01-26 23:41 - 00000000 ____D C:\Users\Dawid\Downloads\location
2017-01-26 23:39 - 2017-01-26 23:41 - 00000000 ____D C:\Users\Dawid\Downloads\poses
2017-01-26 23:32 - 2017-01-27 00:45 - 00000667 _____ C:\Users\Dawid\AppData\Roaming\Stykówka II.xml
2017-01-24 19:31 - 2017-01-24 19:51 - 00000000 ____D C:\Users\Dawid\Documents\Event Album Maker
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-02-18 15:10 - 2016-11-21 20:07 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\Mozilla
2017-02-18 15:09 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-18 15:05 - 2016-07-15 16:22 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-18 15:00 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-02-18 14:22 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-18 14:16 - 2015-09-03 16:44 - 00000000 ____D C:\AdwCleaner
2017-02-18 14:14 - 2016-03-10 21:37 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\vlc
2017-02-18 13:01 - 2016-03-10 20:44 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2272929598-1003954470-4142707412-1001
2017-02-18 12:51 - 2016-03-10 20:40 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-18 12:51 - 2013-08-23 00:12 - 00805918 _____ C:\WINDOWS\system32\perfh015.dat
2017-02-18 12:51 - 2013-08-23 00:12 - 00163272 _____ C:\WINDOWS\system32\perfc015.dat
2017-02-18 12:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Performance
2017-02-18 12:46 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-18 12:16 - 2016-06-22 19:23 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite
2017-02-18 12:16 - 2016-03-11 17:56 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\TeamViewer
2017-02-18 12:16 - 2016-03-10 21:18 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\BitTorrent
2017-02-18 12:16 - 2016-03-10 20:29 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-18 01:03 - 2016-06-24 15:33 - 00000000 ____D C:\Users\Dawid\Desktop\media smartfon
2017-02-17 22:45 - 2016-03-10 20:35 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Adobe
2017-02-17 22:33 - 2016-05-30 19:02 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-02-17 15:28 - 2016-03-10 21:30 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2017-02-15 17:48 - 2016-11-03 17:19 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Kodi
2017-02-14 19:05 - 2016-07-15 16:22 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-14 19:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-14 19:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-12 15:23 - 2016-11-06 00:28 - 00013370 _____ C:\Users\Dawid\Desktop\Studio fotograficzne.xlsx
2017-02-12 14:02 - 2016-09-27 18:29 - 00001502 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2017-02-12 13:57 - 2016-09-28 19:35 - 00000000 ____D C:\AdobeTemp
2017-02-12 13:55 - 2016-05-30 19:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-12 13:55 - 2016-03-10 20:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-12 13:53 - 2017-01-10 21:08 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2017-02-12 13:53 - 2016-03-10 20:59 - 00000000 ____D C:\ProgramData\Adobe
2017-02-09 22:40 - 2016-03-10 20:35 - 00000000 ____D C:\Users\Dawid
2017-02-06 23:22 - 2013-08-22 15:44 - 05229248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-06 14:46 - 2016-04-22 15:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-06 14:44 - 2013-08-23 00:14 - 00000000 ____D C:\WINDOWS\ShellNew
2017-02-04 15:42 - 2016-01-29 22:24 - 00000000 ____D C:\Users\Dawid\Desktop\Korepetycje
==================== Pliki w katalogu głównym wybranych folderów =======
2017-01-26 23:32 - 2017-01-27 00:46 - 0013074 _____ () C:\Users\Dawid\AppData\Roaming\ContactSheetII.log
2017-02-12 14:33 - 2017-02-17 15:43 - 0000028 _____ () C:\Users\Dawid\AppData\Roaming\kulerdata.json
2016-03-10 21:30 - 2016-03-10 21:30 - 0000268 ___RH () C:\Users\Dawid\AppData\Roaming\Static Library
2016-03-10 21:30 - 2016-03-10 21:30 - 0000268 ___RH () C:\Users\Dawid\AppData\Roaming\StatusSheet
2016-03-10 21:30 - 2016-03-10 21:30 - 0000268 ___RH () C:\Users\Dawid\AppData\Roaming\Stingers
2017-01-26 23:32 - 2017-01-27 00:45 - 0000667 _____ () C:\Users\Dawid\AppData\Roaming\Stykówka II.xml
2016-03-11 18:17 - 2016-03-11 18:17 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-03-10 21:30 - 2016-03-10 21:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2016-03-10 21:30 - 2017-02-17 15:28 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2016-03-10 21:30 - 2016-03-10 21:30 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2016-03-10 21:30 - 2016-03-10 21:30 - 0000268 ___RH () C:\ProgramData\String Ensemble
2016-03-10 21:30 - 2016-03-10 21:30 - 0000268 ___RH () C:\ProgramData\Strings
2016-03-10 21:30 - 2016-03-10 21:30 - 0000268 ___RH () C:\ProgramData\Super Strings
2016-03-10 21:30 - 2016-03-10 21:30 - 0000012 ___RH () C:\ProgramData\Techno Kit
2016-03-10 21:30 - 2016-03-10 21:30 - 0000012 ___RH () C:\ProgramData\Textures
2016-03-10 21:30 - 2016-03-10 21:30 - 0000012 ___RH () C:\ProgramData\Track Settings
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\WINDOWS\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2017-02-15 17:28
==================== Koniec FRST.txt ============================