Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-04-2017 01 Uruchomiony przez Michał (administrator) MICHAL (24-04-2017 20:05:16) Uruchomiony z C:\Users\Michał\Desktop\frst Załadowane profile: Michał (Dostępne profile: Michał) Platform: Windows 10 Education Wersja 1703 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\spdsvc.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe (Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\Run: [Spotify Web Helper] => C:\Users\Michał\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-15] (Spotify Ltd) HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-02] (Disc Soft Ltd) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 82.160.1.1 Tcpip\..\Interfaces\{3a389187-b12f-48f3-bbed-e1df0ac794f5}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{6bb4b957-a9b3-4317-9b3b-da92bab40581}: [DhcpNameServer] 8.8.8.8 82.160.1.1 Tcpip\..\Interfaces\{a4315855-e32e-45d7-a4e8-132acaadec78}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{c47df16c-d791-4f54-b45d-00ab23f8bc10}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{d8cc3db4-8d4f-4b3b-9fca-e5746bd01d81}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2280503538-1542354952-1058851140-1001\Software\Microsoft\Internet Explorer\Main,Start Page = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-2280503538-1542354952-1058851140-1001 -> hxxp://google.pl/ Chrome: ======= CHR DefaultProfile: Profile 4 CHR StartupUrls: Profile 4 -> "hxxps://www.google.pl/" CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile [2017-04-24] <==== UWAGA CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-04-24] CHR Extension: (Prezentacje Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-24] CHR Extension: (Dokumenty Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-24] CHR Extension: (Dysk Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-24] CHR Extension: (YouTube) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-24] CHR Extension: (uBlock Origin) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-24] CHR Extension: (Arkusze Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-24] CHR Extension: (Dokumenty Google offline) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-24] CHR Extension: (AdBlock) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-24] CHR Extension: (Gmail) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-24] CHR Extension: (Chrome Media Router) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-24] CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-24] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation) R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [254520 2017-02-22] (Connectify) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-02] (Disc Soft Ltd) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [198192 2017-03-25] (Microsoft Corporation) [Brak podpisu cyfrowego] S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-06-01] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-05-30] (Razer Inc.) R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [491328 2015-12-05] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [97680 2015-08-17] (ASUS Corporation) R1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-02-24] (Connectify) R1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-02-24] (Connectify) R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [193448 2017-03-03] () R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-28] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-01-28] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] () S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation) S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79528 2014-10-16] (Intel Corporation) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-24] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-24] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-24] (Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-04-23] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896272 2016-01-19] (Realtek ) R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2017-03-18] (Realtek Semiconductor Corporation ) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-06-01] (Razer, Inc.) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [196152 2017-02-04] (Duplex Secure Ltd) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-04-06] (Wellbia.com Co., Ltd.) S3 wfpgameprotect; \??\C:\Users\MICHA~1\AppData\Local\Temp\B5DB.tmp.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-24 20:00 - 2017-04-24 19:43 - 00004368 _____ C:\Users\Michał\Desktop\AdwCleaner[S25].txt 2017-04-24 19:59 - 2017-04-24 19:59 - 00859988 _____ C:\Users\Michał\Desktop\malware log.txt 2017-04-24 19:47 - 2017-04-24 19:47 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-24 19:47 - 2017-04-24 19:47 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-04-24 19:47 - 2017-04-24 19:47 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-04-24 19:47 - 2017-04-24 19:47 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-04-24 19:47 - 2017-04-24 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-04-24 19:47 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-04-24 19:46 - 2017-04-24 19:46 - 60107896 _____ (Malwarebytes ) C:\Users\Michał\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe 2017-04-24 19:30 - 2017-04-24 20:05 - 00000000 ____D C:\Users\Michał\Desktop\frst 2017-04-24 19:30 - 2017-04-24 19:32 - 00015797 _____ C:\Users\Michał\Desktop\Fixlog.txt 2017-04-24 19:29 - 2017-04-24 19:29 - 02426368 _____ (Farbar) C:\Users\Michał\Downloads\FRST64.exe 2017-04-24 19:24 - 2017-04-24 19:24 - 00307788 _____ C:\Users\Michał\Desktop\WG1-Pytlik-2.xps 2017-04-24 19:02 - 2017-04-24 19:02 - 00820965 _____ C:\Users\Michał\Downloads\ĆWICZENIE_1.pdf 2017-04-24 19:02 - 2017-04-24 19:02 - 00374898 _____ C:\Users\Michał\Downloads\ĆWICZENIE_0.pdf 2017-04-24 18:18 - 2017-04-24 18:18 - 52769312 _____ C:\Users\Michał\Downloads\SmartGesture_Win81_64_VER409.zip 2017-04-24 09:44 - 2017-04-24 09:44 - 00000085 _____ C:\WINDOWS\wininit.ini 2017-04-24 08:52 - 2017-04-24 08:52 - 00000622 _____ C:\Users\Michał\Desktop\JRT.txt 2017-04-24 08:48 - 2017-04-24 08:48 - 00000000 ____D C:\WINDOWS\psgo 2017-04-24 08:48 - 2017-04-24 08:48 - 00000000 ____D C:\Program Files (x86)\MIO 2017-04-24 08:47 - 2017-04-24 08:47 - 00000000 ____D C:\Program Files\65vue5zg 2017-04-23 18:56 - 2017-04-23 18:57 - 00538820 _____ C:\WINDOWS\Minidump\042317-27984-01.dmp 2017-04-23 18:51 - 2017-04-23 18:52 - 00827124 _____ C:\WINDOWS\Minidump\042317-34718-01.dmp 2017-04-23 18:29 - 2017-04-23 18:56 - 00000000 ____D C:\WINDOWS\Minidump 2017-04-23 18:29 - 2017-04-23 18:30 - 00888932 _____ C:\WINDOWS\Minidump\042317-35421-01.dmp 2017-04-23 18:08 - 2017-04-23 18:08 - 00036561 _____ C:\Users\Michał\Desktop\gmer.txt 2017-04-23 16:54 - 2017-04-23 16:54 - 00380928 _____ C:\Users\Michał\Downloads\4wo4h7y8.exe 2017-04-23 16:52 - 2017-04-24 20:05 - 00000000 ____D C:\FRST 2017-04-23 15:53 - 2017-04-23 16:56 - 00000000 ____D C:\Users\Michał\Desktop\FIXIT 2017-04-23 15:51 - 2017-04-23 15:51 - 00000000 ___HD C:\$SysReset 2017-04-23 14:45 - 2017-04-23 14:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Michał\Downloads\spybot-2.4.exe 2017-04-23 14:08 - 2017-04-23 14:08 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-04-23 14:07 - 2017-04-23 14:07 - 00000000 ____D C:\Program Files\Malwarebytes 2017-04-23 13:30 - 2017-04-23 13:30 - 01663672 _____ (Malwarebytes) C:\Users\Michał\Downloads\JRT.exe 2017-04-23 13:28 - 2017-04-23 13:28 - 04089296 _____ C:\Users\Michał\Downloads\adwcleaner_6.045.exe 2017-04-23 13:26 - 2017-04-23 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-04-23 13:25 - 2017-04-23 13:26 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-04-23 13:23 - 2017-04-23 18:14 - 00000000 ____D C:\Program Files\Common Files\AV 2017-04-23 13:20 - 2017-04-23 13:20 - 06654960 _____ (AVAST Software) C:\Users\Michał\Downloads\avast_free_antivirus_setup_online.exe 2017-04-23 13:07 - 2017-04-23 13:07 - 00002459 __RSH C:\pagefile.$$$ 2017-04-23 13:01 - 2017-04-23 13:01 - 00000000 ____D C:\Users\Public\Documents\XMUpdate 2017-04-23 12:58 - 2017-04-23 12:58 - 00000000 __SHD C:\Users\Michał\AppData\Local\kemgadeojglibflomicgnfeopkdfflnw 2017-04-23 12:58 - 2017-04-23 12:58 - 00000000 ____D C:\Program Files (x86)\lll 2017-04-23 12:38 - 2017-04-23 14:09 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Grawule 2017-04-23 12:38 - 2017-04-23 12:38 - 00000000 ____D C:\Users\Michał\AppData\Local\Uvurynukerpy 2017-04-23 12:27 - 2017-04-23 08:34 - 00055372 ____N C:\Users\Michał\Desktop\Prison.Break.S05E03.HDTV.KILLERS.en.srt 2017-04-23 12:21 - 2017-04-23 12:38 - 00000000 ____D C:\Users\Michał\Downloads\ii update 2017-04-23 12:09 - 2017-04-23 12:09 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-23 12:09 - 2017-04-23 12:09 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-04-23 12:09 - 2017-04-23 12:09 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-04-23 12:09 - 2017-04-23 12:09 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-23 12:09 - 2017-04-23 12:09 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-04-23 12:09 - 2017-04-23 12:09 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-04-23 12:09 - 2017-04-23 12:09 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-04-23 12:09 - 2017-04-23 12:09 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-04-23 12:09 - 2017-04-23 12:09 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-04-23 12:09 - 2017-04-23 12:09 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-04-23 12:09 - 2017-04-23 12:09 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-04-23 12:09 - 2017-04-23 12:09 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-23 12:09 - 2017-04-23 12:09 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-04-23 12:09 - 2017-04-23 12:09 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-04-23 12:09 - 2017-04-23 12:09 - 00000000 ____D C:\Windows.old 2017-04-23 12:07 - 2017-04-23 12:07 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-04-23 12:07 - 2017-04-23 12:07 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-04-23 12:06 - 2017-04-23 12:06 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-04-23 12:06 - 2017-04-23 11:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-04-23 12:03 - 2017-04-23 12:03 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-04-23 12:03 - 2017-04-23 12:03 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-04-23 12:03 - 2017-04-23 12:03 - 00000000 ____D C:\Program Files\MSBuild 2017-04-23 12:03 - 2017-04-23 12:03 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-04-23 12:03 - 2017-04-23 12:03 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-04-23 12:03 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-04-23 12:03 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-04-23 12:03 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-04-23 12:03 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-04-23 12:03 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-04-23 12:03 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-04-23 11:52 - 2017-04-23 11:52 - 00000000 ____D C:\Users\Michał\AppData\Local\DBG 2017-04-23 11:50 - 2017-04-23 11:50 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-04-23 11:48 - 2017-04-23 11:48 - 00000020 ___SH C:\Users\Michał\ntuser.ini 2017-04-23 11:48 - 2017-04-23 11:48 - 00000000 ____D C:\Users\Michał\AppData\Local\ConnectedDevicesPlatform 2017-04-23 11:38 - 2017-04-23 15:51 - 00013320 _____ C:\WINDOWS\diagwrn.xml 2017-04-23 11:38 - 2017-04-23 15:51 - 00013320 _____ C:\WINDOWS\diagerr.xml 2017-04-23 11:35 - 2017-04-23 14:04 - 01922556 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-23 11:34 - 2017-04-24 19:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-23 11:34 - 2017-04-24 18:19 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2017-04-23 11:34 - 2017-04-23 13:00 - 00004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DB224F33-D891-4CB9-B075-F6E620590E46} 2017-04-23 11:34 - 2017-04-23 11:53 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-23 11:34 - 2017-04-23 11:34 - 00003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-23 11:34 - 2017-04-23 11:34 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-04-23 11:34 - 2017-04-23 11:34 - 00003270 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-23 11:34 - 2017-04-23 11:34 - 00003040 _____ C:\WINDOWS\System32\Tasks\OInstall 2017-04-23 11:34 - 2017-04-23 11:34 - 00002884 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-04-23 11:34 - 2017-04-23 11:34 - 00002874 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-04-23 11:34 - 2017-04-23 11:34 - 00002842 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 2017-04-23 11:34 - 2017-04-23 11:34 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2280503538-1542354952-1058851140-1001 2017-04-23 11:34 - 2017-04-23 11:34 - 00002488 _____ C:\WINDOWS\System32\Tasks\Update Checker 2017-04-23 11:34 - 2017-04-23 11:34 - 00002248 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus 2017-04-23 11:34 - 2017-04-23 11:34 - 00002228 _____ C:\WINDOWS\System32\Tasks\{F1AC8AAB-C446-49AB-AB4C-09EB9FCE4B4F} 2017-04-23 11:34 - 2017-04-23 11:34 - 00002114 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON 2017-04-23 11:34 - 2017-04-23 11:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-04-23 11:34 - 2017-04-23 11:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-04-23 11:34 - 2017-04-23 11:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform 2017-04-23 11:34 - 2017-04-23 11:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-04-23 11:34 - 2017-04-23 11:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2017-04-23 11:25 - 2017-04-23 11:25 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-04-23 11:23 - 2017-04-23 11:23 - 00000000 ____D C:\ProgramData\USOShared 2017-04-23 11:20 - 2017-04-23 11:26 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-04-23 11:18 - 2017-04-24 18:20 - 00000000 ____D C:\Users\Michał 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Ustawienia lokalne 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Szablony 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Moje dokumenty 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Menu Start 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Documents\Moje wideo 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Documents\Moje obrazy 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Documents\Moja muzyka 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\Dane aplikacji 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\AppData\Local\Historia 2017-04-23 11:18 - 2017-04-23 11:18 - 00000000 _SHDL C:\Users\Michał\AppData\Local\Dane aplikacji 2017-04-23 11:16 - 2017-04-23 11:21 - 00000000 ____D C:\Program Files\Intel 2017-04-23 11:16 - 2017-04-23 11:21 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-04-23 11:16 - 2017-04-23 11:16 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-04-23 11:16 - 2017-04-23 11:16 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-04-23 11:16 - 2017-04-23 11:16 - 00000000 ____D C:\ProgramData\SetupTPDriver 2017-04-23 11:16 - 2017-04-23 11:16 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-04-23 11:16 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-04-23 11:16 - 2016-11-30 22:59 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-04-23 11:15 - 2017-04-23 11:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-04-23 11:15 - 2017-04-23 11:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-04-23 11:15 - 2017-04-23 11:15 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-23 11:15 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-04-23 11:15 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-04-23 11:15 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-04-23 11:15 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2017-04-23 11:15 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-04-23 11:15 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-04-23 11:15 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-04-23 11:15 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-04-23 11:15 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-04-23 11:14 - 2017-04-23 11:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2017-04-23 11:13 - 2017-04-24 18:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-04-23 11:12 - 2017-04-23 13:38 - 00403920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-04-22 12:16 - 2017-04-23 11:48 - 00000000 ___DC C:\WINDOWS\Panther 2017-04-18 14:43 - 2017-04-18 14:43 - 00001258 _____ C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk 2017-04-18 14:43 - 2017-04-18 14:43 - 00000000 ____D C:\Users\Michał\AppData\Local\UNP 2017-04-18 13:49 - 2017-04-23 11:26 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-04-18 13:49 - 2017-04-18 13:50 - 00000000 ____D C:\Program Files\UNP 2017-04-11 23:11 - 2017-04-11 23:11 - 00000000 ____D C:\ProgramData\Ralink Driver 2017-04-11 21:09 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-04-11 21:08 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-04-11 19:29 - 2017-04-11 19:59 - 00000000 ____D C:\Users\Michał\AppData\LocalLow\Mozilla 2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe 2017-03-29 08:48 - 2017-03-29 08:48 - 00022076 _____ C:\Users\Michał\Downloads\aktualny kwiecien (1).xlsx 2017-03-27 08:04 - 2017-03-27 08:04 - 00021686 _____ C:\Users\Michał\Downloads\sluzby na kwiecien (1).xlsx ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-24 19:47 - 2016-06-23 20:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-24 19:44 - 2016-11-12 01:00 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-04-24 19:44 - 2016-01-27 20:43 - 00000000 __SHD C:\Users\Michał\IntelGraphicsProfiles 2017-04-24 19:43 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-04-24 19:43 - 2016-05-08 00:01 - 00000000 ____D C:\AdwCleaner 2017-04-24 19:34 - 2017-01-03 01:09 - 00000000 ____D C:\Users\Michał\AppData\LocalLow\Temp 2017-04-24 19:33 - 2016-08-13 10:56 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-04-24 19:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-04-24 19:31 - 2016-10-27 18:55 - 00000000 ____D C:\Users\Michał\Desktop\Gry 2017-04-24 19:31 - 2016-08-13 11:21 - 00001387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-24 19:31 - 2016-08-13 11:21 - 00001375 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-04-24 19:31 - 2016-01-31 21:56 - 00000000 ____D C:\Users\Michał\Documents\Euro Truck Simulator 2 2017-04-24 19:31 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-04-24 18:19 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-04-24 18:19 - 2015-06-09 12:36 - 00000000 ____D C:\Program Files\DIFX 2017-04-24 17:25 - 2016-07-07 11:29 - 00000553 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2017-04-24 09:45 - 2016-08-13 12:59 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-04-24 09:44 - 2016-05-25 17:39 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-04-23 18:56 - 2016-02-02 16:19 - 474834559 _____ C:\WINDOWS\MEMORY.DMP 2017-04-23 18:14 - 2016-08-13 01:41 - 00000000 ____D C:\ProgramData\AVAST Software 2017-04-23 18:08 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-23 14:04 - 2017-03-20 05:58 - 00855740 _____ C:\WINDOWS\system32\perfh015.dat 2017-04-23 14:04 - 2017-03-20 05:58 - 00168876 _____ C:\WINDOWS\system32\perfc015.dat 2017-04-23 13:26 - 2014-10-21 06:29 - 00000000 ____D C:\ProgramData\Skype 2017-04-23 13:25 - 2014-10-21 06:29 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-23 12:45 - 2017-03-24 19:21 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-04-23 12:38 - 2016-03-17 22:23 - 00000000 ____D C:\ProgramData\Napisy24 2017-04-23 12:38 - 2016-01-28 00:10 - 00000000 ____D C:\Users\Michał\AppData\Roaming\uTorrent 2017-04-23 12:23 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-23 12:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-04-23 12:11 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-04-23 12:09 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-04-23 12:05 - 2016-01-27 20:44 - 00000000 ____D C:\Users\Michał\AppData\Local\Packages 2017-04-23 12:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-04-23 12:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-04-23 12:03 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-04-23 12:03 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-04-23 12:03 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-04-23 12:03 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-04-23 12:03 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-04-23 11:53 - 2016-01-27 23:34 - 00002454 _____ C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-04-23 11:53 - 2016-01-27 20:50 - 00000000 __RDO C:\Users\Michał\OneDrive 2017-04-23 11:48 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-04-23 11:48 - 2016-01-28 03:32 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-23 11:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-04-23 11:41 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-04-23 11:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-04-23 11:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-04-23 11:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-04-23 11:34 - 2016-01-27 23:18 - 00023140 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-04-23 11:32 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-04-23 11:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-04-23 11:26 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-23 11:26 - 2017-02-24 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2017 2017-04-23 11:26 - 2017-02-24 00:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016 2017-04-23 11:26 - 2017-02-05 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2 2017-04-23 11:26 - 2017-02-04 23:22 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia 2017-04-23 11:26 - 2017-02-04 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2017-04-23 11:26 - 2017-02-04 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElfBot NG 2017-04-23 11:26 - 2017-01-30 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III 2017-04-23 11:26 - 2016-11-21 20:20 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2017-04-23 11:26 - 2016-04-25 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2017-04-23 11:26 - 2016-04-12 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017-04-23 11:26 - 2016-03-23 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2017-04-23 11:26 - 2016-03-17 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Napisy24 2017-04-23 11:26 - 2016-03-17 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer 2017-04-23 11:26 - 2016-02-16 13:20 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-04-23 11:26 - 2016-02-16 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-04-23 11:26 - 2016-02-15 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja 2017-04-23 11:26 - 2016-02-05 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt 2017-04-23 11:26 - 2016-01-31 21:56 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs 2017-04-23 11:26 - 2016-01-28 15:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2017-04-23 11:26 - 2016-01-28 01:16 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-04-23 11:26 - 2016-01-28 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-04-23 11:26 - 2015-06-09 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-04-23 11:26 - 2014-10-21 06:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-04-23 11:25 - 2016-07-16 08:04 - 00000000 ____D C:\Users\Default.migrated 2017-04-23 11:23 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-04-23 11:22 - 2017-03-20 05:58 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2017-04-23 11:22 - 2017-03-20 05:58 - 00000000 ____D C:\WINDOWS\system32\slmgr 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2017-04-23 11:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE 2017-04-23 11:22 - 2016-01-28 15:18 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-23 11:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-04-23 11:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-04-23 11:21 - 2017-03-24 13:53 - 00000000 ____D C:\Program Files\CONEXANT 2017-04-23 11:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod 2017-04-23 11:21 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-23 11:21 - 2016-10-27 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive 2017-04-23 11:21 - 2016-10-19 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games 2017-04-23 11:21 - 2016-06-26 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2017-04-23 11:21 - 2016-01-29 04:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2017-04-23 11:21 - 2015-06-09 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower 2017-04-23 11:21 - 2014-10-21 06:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-04-23 11:19 - 2016-01-31 21:56 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 v1.18.0.1s beta (26 DLC) 2017-04-23 11:19 - 2016-01-31 21:56 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run 2017-04-23 11:16 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-04-23 11:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-04-23 00:57 - 2017-03-20 06:23 - 00000000 ___HD C:\$WINDOWS.~BT 2017-04-22 12:16 - 2017-02-21 16:59 - 00000000 ____D C:\WINDOWS\files 2017-04-13 06:05 - 2016-01-27 23:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-04-11 23:53 - 2016-01-28 15:18 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-04-11 23:11 - 2015-06-09 12:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-04-11 19:51 - 2016-03-08 01:37 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-04-11 19:51 - 2015-06-09 12:44 - 00000000 ____D C:\ProgramData\McAfee 2017-04-04 21:37 - 2014-10-21 06:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-29 08:18 - 2016-01-28 15:40 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller 2017-03-28 22:36 - 2017-02-24 00:40 - 01392587 _____ C:\Users\Michał\Desktop\Szkło i wyroby ze szkła.pptx ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-02-04 17:47 - 2002-08-08 06:11 - 0319488 ____R () C:\Users\Michał\AppData\Roaming\MafiaSetup.exe 2016-01-27 20:47 - 2016-05-07 19:28 - 0000125 _____ () C:\Users\Michał\AppData\Roaming\sp_data.sys 2016-01-27 20:44 - 2016-01-27 22:04 - 0002287 _____ () C:\Users\Michał\AppData\Local\BTServer.log 2016-12-18 21:50 - 2016-12-18 21:50 - 0002311 _____ () C:\Users\Michał\AppData\Local\recently-used.xbel 2016-11-01 16:01 - 2016-11-01 16:01 - 0007597 _____ () C:\Users\Michał\AppData\Local\Resmon.ResmonCfg 2014-10-21 06:28 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-21 06:28 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-21 06:28 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-04-23 11:12 ==================== Koniec FRST.txt ============================