Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14.03.2018 Uruchomiony przez KaC (administrator) KAC-KOMPUTER (15-03-2018 22:15:37) Uruchomiony z C:\Users\KaC\Desktop Załadowane profile: KaC & UpdatusUser (Dostępne profile: KaC & postgres & UpdatusUser) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8114720 2009-09-11] (Realtek Semiconductor) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-170041769-2645518904-2340773898-1001\...\Run: [OscarXG] => "C:\Program Files (x86)\X7 Oscar Mouse Editor\OscarEditor.exe" Minimum HKU\S-1-5-21-170041769-2645518904-2340773898-1001\...\MountPoints2: K - K:\Launch.exe HKU\S-1-5-21-170041769-2645518904-2340773898-1001\...\MountPoints2: L - L:\Launch.exe HKU\S-1-5-21-170041769-2645518904-2340773898-1001\...\MountPoints2: {be779948-dba3-11e3-a6e0-806e6f6e6963} - I:\SecureDriveEX2.exe HKU\S-1-5-21-170041769-2645518904-2340773898-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-170041769-2645518904-2340773898-1159\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-170041769-2645518904-2340773898-1159\...\Run: [OscarXG] => "C:\Program Files (x86)\X7 Oscar Mouse Editor\OscarEditor.exe" Minimum HKU\S-1-5-21-170041769-2645518904-2340773898-1159\...\Run: [BloodyKeyboard] => "C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe" Minimum HKU\S-1-5-21-170041769-2645518904-2340773898-1159\...\MountPoints2: K - K:\Launch.exe HKU\S-1-5-21-170041769-2645518904-2340773898-1159\...\MountPoints2: L - L:\Launch.exe HKU\S-1-5-21-170041769-2645518904-2340773898-1159\...\MountPoints2: {be779948-dba3-11e3-a6e0-806e6f6e6963} - I:\SecureDriveEX2.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{7E76DF84-8056-4A3A-9653-F2227C6C7BAC}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{8C2F10E9-42B5-4C65-880A-96AD048752E4}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131036301857164222&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131036301857724254&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-170041769-2645518904-2340773898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.pl/ HKU\S-1-5-21-170041769-2645518904-2340773898-1159\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.pl/ BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) FireFox: ======== FF ProfilePath: C:\Users\KaC\AppData\Roaming\Mozilla\Firefox\Profiles\si4xb0e7.default [2018-03-15] FF Session Restore: Mozilla\Firefox\Profiles\si4xb0e7.default -> [funkcja włączona] FF NewTabOverride: Mozilla\Firefox\Profiles\si4xb0e7.default -> Enabled: uBlock0@raymondhill.net FF Extension: (uBlock Origin) - C:\Users\KaC\AppData\Roaming\Mozilla\Firefox\Profiles\si4xb0e7.default\Extensions\uBlock0@raymondhill.net.xpi [2018-02-28] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-02-25] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon FF Extension: (Bytemobile Optimization Client) - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon [2010-04-01] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-23] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.) StartMenuInternet: Firefox-FC46E9D4F7AC379F - C:\Users\KaC\AppData\Local\Mozilla Firefox\firefox.exe Chrome: ======= CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default [2018-03-15] CHR Extension: (Prezentacje) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-28] CHR Extension: (Super Netflix) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc [2018-03-05] CHR Extension: (Dokumenty) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-28] CHR Extension: (Dysk Google) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-28] CHR Extension: (YouTube) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-28] CHR Extension: (uBlock Origin) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-01] CHR Extension: (Adobe Acrobat) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-28] CHR Extension: (Arkusze) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-28] CHR Extension: (Kaspersky Protection) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2018-02-28] CHR Extension: (Dokumenty Google offline) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-28] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-28] CHR Extension: (Gmail) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-28] CHR Extension: (Chrome Media Router) - C:\Users\KaC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-28] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-01-28] (Adobe Systems) [Brak podpisu cyfrowego] R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [121344 2017-04-13] (Dassault Systèmes) [Brak podpisu cyfrowego] S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [662600 2018-02-05] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-05] (GOG.com) S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] S2 Passwdrenew; C:\Windows\System32\rnpasswd.exe [95744 2011-07-06] () [Brak podpisu cyfrowego] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.) R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [Brak podpisu cyfrowego] R0 BMLoad; C:\Windows\SysWOW64\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [Brak podpisu cyfrowego] R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2018-03-01] (REALiX(tm)) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [195288 2017-10-15] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [348376 2017-10-15] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1040584 2018-02-25] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57024 2018-02-25] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-29] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199640 2017-08-02] (AO Kaspersky Lab) R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] () R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [Brak podpisu cyfrowego] R1 tcpipBM; C:\Windows\SysWOW64\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [Brak podpisu cyfrowego] S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [79872 2011-08-10] (ZTE) S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [14336 2011-08-10] (ZTE) S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-03-15 22:15 - 2018-03-15 22:18 - 000016893 _____ C:\Users\KaC\Desktop\FRST.txt 2018-03-15 22:15 - 2018-03-15 22:15 - 000000000 ____D C:\Users\KaC\Desktop\FRST-OlderVersion 2018-03-13 12:46 - 2018-03-13 12:46 - 000000629 _____ C:\Users\Public\Desktop\Steam.lnk 2018-03-13 12:46 - 2018-03-13 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2018-03-09 16:59 - 2018-03-09 16:59 - 000001829 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-03-09 16:59 - 2018-03-09 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-03-09 16:59 - 2018-03-09 16:59 - 000000000 ____D C:\Program Files\Malwarebytes 2018-03-09 16:59 - 2018-01-18 08:03 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys 2018-03-09 16:54 - 2018-03-10 20:03 - 000000000 ____D C:\AdwCleaner 2018-03-09 16:44 - 2018-03-09 16:45 - 008222496 _____ (Malwarebytes) C:\Users\KaC\Desktop\AdwCleaner.exe 2018-03-09 16:44 - 2018-03-09 16:44 - 069323904 _____ (Malwarebytes ) C:\Users\KaC\Desktop\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4256.exe 2018-03-09 14:58 - 2018-03-15 22:15 - 002403328 _____ (Farbar) C:\Users\KaC\Desktop\FRST64.exe 2018-03-08 23:03 - 2018-03-08 23:03 - 000000000 ____D C:\Users\KaC\AppData\Roaming\.mono 2018-03-08 21:22 - 2018-03-15 20:41 - 000000000 ____D C:\Users\KaC\AppData\Local\Battle.net 2018-03-08 21:22 - 2018-03-08 22:50 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Battle.net 2018-03-08 21:22 - 2018-03-08 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2018-03-08 10:43 - 2018-03-08 10:43 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2018-03-08 10:43 - 2018-03-08 10:43 - 000000000 ____D C:\Program Files\Realtek 2018-03-08 10:43 - 2018-03-08 10:43 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-03-08 10:43 - 2009-09-11 21:45 - 002001056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2018-03-08 10:43 - 2009-09-11 20:57 - 001445408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2018-03-08 10:43 - 2009-09-11 20:57 - 000611872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2018-03-08 10:43 - 2009-09-11 20:57 - 000436768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2018-03-08 10:43 - 2009-09-11 20:57 - 000332320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2018-03-08 10:43 - 2009-09-11 20:57 - 000149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2018-03-08 10:43 - 2009-09-11 20:56 - 001178656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2018-03-08 10:43 - 2009-09-11 20:56 - 000064032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll 2018-03-08 10:43 - 2009-08-31 19:49 - 000294912 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2018-03-08 10:43 - 2009-08-18 17:16 - 000831488 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2018-03-08 10:43 - 2009-07-02 19:28 - 000363008 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2018-03-08 10:43 - 2009-07-02 19:28 - 000198656 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2018-03-08 10:43 - 2009-07-02 19:28 - 000095744 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2018-03-08 10:43 - 2009-07-02 19:28 - 000073216 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2018-03-08 10:43 - 2009-04-16 10:13 - 000166400 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2018-03-08 10:43 - 2009-03-31 14:02 - 000108032 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2018-03-08 10:43 - 2009-03-09 05:32 - 000304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2018-03-08 10:43 - 2009-03-09 05:30 - 000304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2018-03-04 18:32 - 2018-03-04 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2018-03-04 18:31 - 2018-03-04 20:19 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Winamp 2018-03-02 22:02 - 2018-03-02 22:02 - 000000000 ____D C:\Users\KaC\AppData\Local\GOG.com 2018-03-02 22:02 - 2018-03-02 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2018-03-02 22:01 - 2018-03-02 22:02 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy 2018-03-02 22:01 - 2018-03-02 22:01 - 000000000 ____D C:\ProgramData\GOG.com 2018-03-02 18:28 - 2018-03-02 18:28 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K2T 2018-03-02 18:28 - 2018-03-02 18:28 - 000000000 ____D C:\Program Files\WTW 2018-03-02 18:03 - 2018-03-10 16:57 - 000010009 _____ C:\Users\KaC\Desktop\Fixlog.txt 2018-03-02 02:13 - 2018-03-15 22:15 - 000000000 ____D C:\FRST 2018-03-02 02:11 - 2018-03-02 02:11 - 000000832 _____ C:\Users\KaC\Desktop\HWiNFO64 Program.lnk 2018-03-01 23:17 - 2018-03-01 23:17 - 000031136 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2018-03-01 23:16 - 2018-03-01 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2018-03-01 23:16 - 2018-03-01 23:16 - 000000000 ____D C:\Program Files\HWiNFO64 2018-03-01 23:15 - 2018-03-01 23:15 - 000000928 _____ C:\Users\KaC\Desktop\HD Tune.lnk 2018-03-01 23:15 - 2018-03-01 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2018-03-01 23:15 - 2018-03-01 23:15 - 000000000 ____D C:\Program Files (x86)\HD Tune 2018-03-01 14:43 - 2018-03-01 14:43 - 000000000 ____D C:\Users\KaC\AppData\Local\SRS Labs 2018-03-01 14:37 - 2018-03-01 14:37 - 000000000 ____D C:\Windows\system32\SRSLabs 2018-03-01 14:37 - 2009-09-11 20:57 - 001667104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2018-03-01 14:37 - 2009-04-02 16:43 - 000000520 _____ C:\Windows\system32\Drivers\SamSfPa.dat 2018-03-01 14:36 - 2018-03-08 13:08 - 000000000 ___HD C:\Program Files (x86)\Temp 2018-03-01 00:20 - 2018-03-01 00:20 - 000001202 _____ C:\Users\KaC\Desktop\CrystalDiskInfo.lnk 2018-03-01 00:20 - 2018-03-01 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2018-03-01 00:20 - 2018-03-01 00:20 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo 2018-02-28 23:27 - 2018-02-28 23:27 - 000001308 _____ C:\Users\Public\Desktop\Skype.lnk 2018-02-28 23:27 - 2018-02-28 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-02-28 23:13 - 2018-02-28 23:13 - 000000976 _____ C:\Users\KaC\Desktop\IrfanView 64.lnk 2018-02-28 23:13 - 2018-02-28 23:13 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2018-02-28 23:13 - 2018-02-28 23:13 - 000000000 ____D C:\Users\KaC\AppData\Roaming\IrfanView 2018-02-28 23:13 - 2018-02-28 23:13 - 000000000 ____D C:\Program Files\IrfanView 2018-02-28 22:52 - 2018-02-28 22:52 - 000000000 ____D C:\Users\KaC\AppData\Roaming\.wtw 2018-02-28 22:09 - 2018-03-02 15:19 - 000000096 _____ C:\Users\KaC\Desktop\Nowy dokument tekstowy.txt 2018-02-28 21:50 - 2018-02-28 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt 2018-02-28 21:50 - 2018-02-28 21:50 - 000000000 ____D C:\Program Files\Axantum 2018-02-28 19:52 - 2018-03-15 22:11 - 000000000 ____D C:\Users\KaC\AppData\Roaming\TS3Client 2018-02-28 19:52 - 2018-02-28 19:52 - 000000969 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2018-02-28 19:52 - 2018-02-28 19:52 - 000000931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2018-02-28 19:39 - 2018-03-15 21:29 - 000000000 ____D C:\Users\KaC\AppData\LocalLow\Mozilla 2018-02-28 19:39 - 2018-02-28 19:44 - 000000000 ____D C:\Users\KaC\AppData\Local\Mozilla 2018-02-28 19:39 - 2018-02-28 19:39 - 000001202 _____ C:\Users\KaC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-02-28 19:39 - 2018-02-28 19:39 - 000000000 ____D C:\Users\KaC\AppData\Local\Mozilla Firefox 2018-02-28 19:36 - 2018-03-09 14:09 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-02-28 19:36 - 2018-03-09 14:09 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-02-28 19:36 - 2018-02-28 19:36 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-25 15:43 - 2018-02-25 15:43 - 000000000 ____D C:\Users\KaC\AppData\Roaming\uTorrent ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-03-15 21:44 - 2014-02-13 15:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2018-03-15 21:28 - 2009-07-14 05:45 - 000027776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-03-15 21:28 - 2009-07-14 05:45 - 000027776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-03-15 21:18 - 2015-06-02 09:51 - 000000000 ____D C:\ProgramData\NVIDIA 2018-03-15 21:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-03-12 20:34 - 2017-01-23 08:44 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2018-03-10 16:17 - 2017-03-06 23:29 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KGS Online 2018-03-10 16:17 - 2013-10-01 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rodos 2010 2018-03-10 16:17 - 2013-01-13 16:44 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pandanet IGS 2018-03-10 14:35 - 2009-07-14 18:55 - 000741082 _____ C:\Windows\system32\perfh015.dat 2018-03-10 14:35 - 2009-07-14 18:55 - 000156598 _____ C:\Windows\system32\perfc015.dat 2018-03-10 14:35 - 2009-07-14 06:13 - 001672188 _____ C:\Windows\system32\PerfStringBackup.INI 2018-03-10 14:35 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-03-10 01:05 - 2013-01-26 02:16 - 000000000 ____D C:\Windows\rescache 2018-03-09 16:59 - 2015-06-02 07:04 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-03-09 14:28 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar 2018-03-09 14:09 - 2017-08-05 20:01 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-03-09 14:09 - 2011-04-21 17:00 - 000002880 _____ C:\Windows\System32\Tasks\{C802F2D5-B21C-43F4-99FD-8B197252A33C} 2018-03-08 21:13 - 2017-01-23 08:54 - 000000000 ____D C:\Users\KaC\AppData\Local\Blizzard 2018-03-08 10:43 - 2011-04-20 23:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-03-06 12:33 - 2013-06-21 22:16 - 000000000 ____D C:\Users\postgres.KaC-Komputer 2018-03-04 18:32 - 2011-04-20 23:02 - 000000000 ____D C:\Program Files (x86)\Winamp 2018-03-03 13:23 - 2011-04-20 21:59 - 000111304 _____ C:\Users\KaC\AppData\Local\GDIPFONTCACHEV1.DAT 2018-03-03 13:16 - 2009-07-14 05:45 - 000420616 _____ C:\Windows\system32\FNTCACHE.DAT 2018-03-02 18:03 - 2011-04-21 22:14 - 000000000 ____D C:\Users\KaC\AppData\LocalLow\Temp 2018-03-01 19:02 - 2013-08-01 08:51 - 000000000 ____D C:\Windows\SysWOW64\SCDRV 2018-03-01 18:58 - 2013-10-16 06:50 - 000000000 ____D C:\Program Files (x86)\etiLABEL 2018-03-01 18:58 - 2013-05-03 15:47 - 000000000 ____D C:\Windows\SysWOW64\Adobe 2018-03-01 18:45 - 2014-08-31 16:31 - 000000000 ____D C:\Program Files (x86)\HP 2018-03-01 18:44 - 2014-08-31 16:22 - 000000000 ____D C:\ProgramData\HP 2018-03-01 18:40 - 2016-11-02 19:12 - 000000000 ____D C:\Program Files (x86)\KeyDominator1 2018-03-01 18:40 - 2014-06-01 07:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sage 2018-03-01 18:40 - 2013-08-23 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2018-03-01 18:40 - 2013-06-21 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.4 2018-03-01 18:40 - 2012-01-28 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-03-01 18:40 - 2011-11-13 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TongYang Online 2018-03-01 18:40 - 2011-07-07 18:32 - 000000000 ____D C:\Program Files (x86)\X7 Oscar Mouse Editor 2018-03-01 18:40 - 2011-04-20 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2018-03-01 14:43 - 2011-07-30 15:36 - 000000000 ____D C:\Program Files (x86)\Google 2018-03-01 14:42 - 2009-07-14 06:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-03-01 13:18 - 2015-06-02 10:44 - 000000000 ____D C:\Users\UpdatusUser 2018-02-28 23:27 - 2011-04-21 17:00 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Skype 2018-02-28 22:47 - 2012-03-28 15:24 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Notepad++ 2018-02-28 20:30 - 2012-11-06 12:06 - 000000000 ____D C:\Windows\system32\Macromed 2018-02-28 20:30 - 2011-05-11 19:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-02-28 19:52 - 2011-07-08 18:00 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client 2018-02-28 19:39 - 2011-06-06 13:42 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Mozilla 2018-02-28 19:37 - 2011-04-20 22:00 - 000000000 ____D C:\Users\KaC\AppData\Local\Google 2018-02-28 19:36 - 2011-04-20 21:59 - 000000000 ____D C:\Users\KaC\AppData\Local\Deployment 2018-02-28 19:05 - 2009-07-14 03:34 - 000000528 _____ C:\Windows\win.ini 2018-02-25 16:22 - 2015-03-03 21:51 - 000000000 ____D C:\Users\KaC\AppData\Local\GoPanda2 2018-02-25 16:21 - 2015-07-28 14:03 - 000000000 ____D C:\Users\KaC\AppData\Roaming\DragonRoomGrandPoker 2018-02-25 16:20 - 2014-07-07 16:01 - 000000000 ____D C:\Users\KaC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-02-25 16:01 - 2011-04-21 16:59 - 000000000 ____D C:\ProgramData\Skype 2018-02-25 15:59 - 2012-02-20 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus 2018-02-25 15:59 - 2012-02-20 23:46 - 000000000 ____D C:\Program Files\DivX 2018-02-25 15:59 - 2012-02-20 23:39 - 000000000 ____D C:\Program Files (x86)\DivX 2018-02-25 15:59 - 2012-02-20 23:37 - 000000000 ____D C:\ProgramData\DivX 2018-02-25 15:57 - 2013-06-06 13:51 - 000000000 ____D C:\Users\KaC\AppData\Local\PokerStars.EU 2018-02-25 15:57 - 2013-06-06 13:50 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU 2018-02-25 15:57 - 2012-08-23 20:07 - 000000000 ____D C:\Program Files (x86)\NapiProjekt 2018-02-25 15:56 - 2017-07-09 18:13 - 000000000 ____D C:\Program Files (x86)\Nanosoft 2018-02-25 15:42 - 2011-11-13 21:47 - 000000000 ____D C:\Program Files (x86)\TygemGlobal 2018-02-25 15:12 - 2017-03-29 03:05 - 001040584 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2018-02-25 15:12 - 2017-03-29 03:05 - 000057024 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys 2018-02-25 14:57 - 2015-06-02 08:08 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2010-06-02 04:21 - 2010-06-02 04:21 - 001347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 004162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000195766 _____ () C:\Program Files\APR2007_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000151225 _____ () C:\Program Files\APR2007_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000096817 _____ () C:\Program Files\APR2007_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000053302 _____ () C:\Program Files\APR2007_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 001464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 003112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 003319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 000728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab 2011-03-30 10:40 - 2011-03-30 10:40 - 000095576 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll 2011-03-30 10:40 - 2011-03-30 10:40 - 001566040 _____ () C:\Program Files\dsetup32.dll 2011-03-30 10:40 - 2011-03-30 10:40 - 000044624 _____ () C:\Program Files\dxdllreg_x86.cab 2011-03-30 10:40 - 2011-03-30 10:40 - 000517976 _____ () C:\Program Files\DXSETUP.exe 2011-03-30 10:40 - 2011-03-30 10:40 - 000097152 _____ () C:\Program Files\dxupdate.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 001127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 000138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab 2016-10-26 19:18 - 2016-10-26 19:18 - 000001532 _____ () C:\Users\KaC\AppData\Local\recently-used.xbel ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-03-09 11:48 ==================== Koniec FRST.txt ============================