Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-11-2015 Uruchomiony przez Admin (administrator) IDEA-PC (06-11-2015 16:20:26) Uruchomiony z C:\Users\Admin\Downloads Załadowane profile: Admin (Dostępne profile: UpdatusUser & Admin) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (Ares Development Group) C:\Program Files (x86)\Ares\Ares.exe (Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dfrgui.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-19] (Atheros Communications) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-10-28] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-10-28] (Lenovo(beijing) Limited) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1130408 2015-10-16] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-1179075916-1230099672-3418183226-1002\...\Run: [HP Deskjet 3070 B611 series (NET)] => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1179075916-1230099672-3418183226-1002\...\Run: [ares] => C:\Program Files (x86)\Ares\Ares.exe [3404288 2014-06-29] (Ares Development Group) HKU\S-1-5-21-1179075916-1230099672-3418183226-1002\...\MountPoints2: {004f903b-20d2-11e2-be69-806e6f6e6963} - "E:\Launcher.exe" AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{991EF052-97E9-425A-A3F7-56323ED3F22D}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1179075916-1230099672-3418183226-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-19] (Qualcomm Atheros Commnucations) Chrome: ======= CHR HomePage: Default -> search.ask.com/?gct=hp CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms} CHR DefaultSearchKeyword: Default -> search.ask.com CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms} CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10] CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05] CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26] CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations) [Brak podpisu cyfrowego] S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-19] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-06 15:26 - 2015-11-06 15:26 - 00001213 _____ C:\Users\Admin\Desktop\CrystalDiskInfo.lnk 2015-11-06 15:26 - 2015-11-06 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2015-11-06 15:26 - 2015-11-06 15:26 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo 2015-11-06 15:17 - 2015-11-06 15:25 - 03907296 _____ (Crystal Dew World ) C:\Users\Admin\Downloads\CrystalDiskInfo6_5_2-en.exe 2015-11-05 21:45 - 2015-11-05 21:45 - 00000000 ____D C:\Users\Admin\Desktop\My Shared Folder 2015-11-05 21:28 - 2015-11-05 21:29 - 00000000 ____D C:\Users\Admin\Desktop\Nowy folder 2015-11-05 21:21 - 2015-11-05 21:21 - 02198528 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2015-11-05 16:51 - 2015-11-05 16:51 - 00372576 _____ C:\WINDOWS\Minidump\110515-60531-01.dmp 2015-11-05 16:51 - 2015-11-05 16:51 - 00000000 ____D C:\WINDOWS\Minidump 2015-11-05 16:40 - 2015-11-05 16:40 - 00054993 _____ C:\Users\Admin\Downloads\Shortcut.txt 2015-11-05 16:39 - 2015-11-06 16:20 - 00013918 _____ C:\Users\Admin\Downloads\FRST.txt 2015-11-05 16:39 - 2015-11-06 16:20 - 00000000 ____D C:\FRST 2015-11-05 16:39 - 2015-11-05 16:40 - 00034080 _____ C:\Users\Admin\Downloads\Addition.txt 2015-11-05 16:25 - 2015-11-05 16:25 - 00370943 _____ C:\Users\Admin\Downloads\gmer.zip 2015-11-05 16:25 - 2015-11-05 16:25 - 00000000 ____D C:\Users\Admin\Downloads\gmer 2015-11-05 15:52 - 2015-11-05 15:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MPC-HC 2015-11-05 15:51 - 2015-11-05 15:51 - 00001725 _____ C:\Users\Admin\Desktop\MPC-HC x64.lnk 2015-11-05 15:51 - 2015-11-05 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 2015-11-05 15:51 - 2015-11-05 15:51 - 00000000 ____D C:\Program Files\MPC-HC 2015-11-05 15:02 - 2015-11-05 15:02 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR 2015-11-05 15:02 - 2015-11-05 15:02 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-11-05 15:02 - 2015-11-05 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-11-05 15:02 - 2015-11-05 15:02 - 00000000 ____D C:\Program Files (x86)\WinRAR 2015-11-03 18:51 - 2015-11-03 18:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG 2015-11-03 18:51 - 2015-11-03 18:51 - 00000000 ____D C:\Program Files\Common Files\AV 2015-11-03 18:49 - 2015-11-03 18:49 - 00000963 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2015-11-03 18:49 - 2015-11-03 18:49 - 00000000 ___HD C:\$AVG 2015-11-03 18:49 - 2015-11-03 18:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TuneUp Software 2015-11-03 18:49 - 2015-11-03 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-11-03 18:47 - 2015-11-03 18:49 - 00000000 ____D C:\ProgramData\Avg 2015-11-03 18:47 - 2015-11-03 18:48 - 00000000 ____D C:\Program Files (x86)\AVG 2015-11-03 18:45 - 2015-11-06 15:14 - 00000000 ____D C:\ProgramData\MFAData 2015-11-03 18:45 - 2015-11-03 18:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg 2015-11-03 18:45 - 2015-11-03 18:47 - 00000000 ____D C:\Users\Admin\AppData\Local\AvgSetupLog 2015-11-03 18:45 - 2015-11-03 18:45 - 00000000 ____D C:\Users\Admin\AppData\Local\MFAData 2015-11-03 18:45 - 2015-11-03 18:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg2015 2015-10-26 19:51 - 2015-10-26 19:51 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2015-10-26 19:51 - 2015-10-26 19:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2015-10-26 19:39 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2015-10-26 19:39 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2015-10-26 15:16 - 2015-11-03 18:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-26 15:15 - 2015-10-26 15:15 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-10-26 15:15 - 2015-10-26 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-10-26 15:15 - 2015-10-26 15:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-10-26 15:15 - 2015-10-26 15:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-10-26 15:15 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-10-26 15:15 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-10-26 15:15 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-10-26 14:54 - 2015-11-05 21:27 - 00096768 ___SH C:\Users\Admin\Desktop\Thumbs.db 2015-10-26 14:46 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2015-10-26 14:46 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2015-10-26 14:46 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2015-10-26 14:46 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2015-10-26 14:46 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2015-10-26 14:46 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2015-10-26 14:46 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll 2015-10-26 14:45 - 2015-10-26 14:45 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Intel 2015-10-26 14:45 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2015-10-26 14:45 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2015-10-26 14:44 - 2015-10-26 14:44 - 00000000 ____D C:\Users\Admin\AppData\Roaming\InstallShield 2015-10-26 14:44 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-10-26 14:44 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-10-26 14:44 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-10-26 14:44 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-10-26 14:44 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-10-26 14:44 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-10-26 14:44 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-26 14:44 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-26 14:40 - 2015-09-03 03:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-10-26 14:40 - 2015-09-03 03:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-10-26 14:40 - 2015-09-02 19:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-10-26 14:40 - 2015-09-02 18:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-10-26 14:40 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-10-26 14:40 - 2015-07-22 14:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-10-26 14:40 - 2015-07-17 15:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-10-26 14:40 - 2015-07-17 15:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-10-26 14:40 - 2015-07-13 20:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-10-26 14:40 - 2015-07-10 20:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2015-10-26 14:40 - 2015-07-09 17:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-10-26 14:40 - 2015-07-03 22:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-10-26 14:40 - 2015-07-03 15:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-10-26 14:40 - 2015-06-27 12:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-10-26 14:40 - 2015-06-19 18:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-10-26 14:04 - 2015-11-05 15:02 - 00070656 ___SH C:\Users\Admin\Downloads\Thumbs.db 2015-10-26 14:02 - 2015-11-05 15:03 - 00003870 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1412409700 2015-10-26 14:02 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-10-26 14:01 - 2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-10-26 13:57 - 2015-10-26 13:58 - 01591187 _____ C:\Users\Admin\Downloads\FRST64.exe.opdownload 2015-10-26 13:55 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-26 13:55 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-10-26 13:55 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-10-26 13:55 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-10-26 13:55 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-10-26 13:55 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2015-10-26 13:55 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-10-26 13:55 - 2015-09-10 19:02 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-10-26 13:55 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-10-26 13:55 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-10-26 13:55 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-26 13:55 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-10-26 13:55 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-10-26 13:55 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-10-26 13:55 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-10-26 13:55 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-10-26 13:55 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-10-26 13:55 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-10-26 13:55 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-10-26 13:55 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-10-26 13:55 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-26 13:55 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-10-26 13:55 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-10-26 13:55 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-10-26 13:55 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-10-26 13:55 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-10-26 13:55 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-10-26 13:54 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-10-26 13:54 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-10-26 13:54 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-10-26 13:54 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-10-26 13:54 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-10-26 13:54 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-10-26 13:54 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-10-26 13:54 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-10-26 13:54 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-10-26 13:54 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-10-26 13:54 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-10-26 13:54 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-10-26 13:54 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-10-26 13:54 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-10-26 13:54 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-10-26 13:54 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-10-26 13:54 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-10-26 13:54 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-10-26 13:54 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-10-26 13:54 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-10-26 13:54 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-10-26 13:54 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-10-26 13:54 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-10-26 13:54 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-10-26 13:54 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-10-26 13:54 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-10-26 13:54 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-10-26 13:54 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-10-26 13:54 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-10-26 13:54 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-10-26 13:54 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-10-26 13:54 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-10-26 13:54 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-10-25 12:01 - 2015-11-05 21:23 - 00025012 _____ C:\WINDOWS\PFRO.log 2015-10-21 16:16 - 2015-10-21 16:16 - 00284080 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys 2015-10-21 16:15 - 2015-10-21 16:15 - 00255408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys 2015-10-19 08:03 - 2015-10-19 08:03 - 00313776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys 2015-10-10 19:42 - 2015-11-06 15:47 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-10 19:42 - 2015-11-06 15:11 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-10 19:42 - 2015-10-10 19:42 - 00004044 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-10-10 19:42 - 2015-10-10 19:42 - 00003808 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-10-10 19:26 - 2015-10-10 19:26 - 00020853 _____ C:\Users\Admin\Downloads\Hotel_Transylwania_-_Hotel_Transylvania_ 2012 _[MKV2DVD DVDR-NiNa]_[Napisy_i_Dubbing_PL][Torrenty.org].torrent 2015-10-10 19:06 - 2015-07-30 18:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-10-10 19:06 - 2015-07-30 17:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-10-10 19:04 - 2015-09-02 03:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-10-10 19:04 - 2015-09-02 03:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-10-10 19:04 - 2015-09-02 03:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-10-10 19:04 - 2015-09-02 03:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-10-10 19:04 - 2015-09-02 03:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-10-10 19:04 - 2015-08-03 22:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-10-10 19:04 - 2015-08-03 22:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-10-10 19:04 - 2015-08-01 15:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-10-10 19:04 - 2015-08-01 04:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-10-10 19:04 - 2015-08-01 04:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-10-10 19:04 - 2015-08-01 04:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-10-10 19:04 - 2015-08-01 04:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-10-10 19:04 - 2015-08-01 04:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-10-10 19:04 - 2015-07-22 15:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-10-10 19:04 - 2015-07-22 15:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-10-10 19:04 - 2015-07-22 15:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-10-10 19:04 - 2015-07-22 15:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-10-10 19:04 - 2015-07-18 19:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-10-10 19:04 - 2015-07-18 19:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-10-10 19:04 - 2015-07-18 19:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-10-10 19:04 - 2015-07-18 19:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-10-10 19:04 - 2015-07-14 04:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-10-10 18:51 - 2015-10-10 18:51 - 00014896 _____ C:\Users\Admin\Downloads\Duze_dzieci_-_Grown_Ups_ 2010 _[480p BRRip x264 AC3-LTS]_[Lektor_PL][Torrenty.org].torrent 2015-10-08 07:46 - 2015-10-08 07:46 - 00306608 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-06 16:04 - 2015-03-22 12:10 - 00003980 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7BCFE6B7-FD51-44AA-BBFC-2DAE24DF1463} 2015-11-06 16:01 - 2015-02-16 22:23 - 01187853 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-06 16:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-06 15:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-06 15:42 - 2013-11-25 11:32 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1179075916-1230099672-3418183226-1002 2015-11-06 15:21 - 2013-08-22 15:46 - 00349025 _____ C:\WINDOWS\setupact.log 2015-11-05 21:27 - 2013-12-18 19:00 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Temp 2015-11-05 21:24 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-05 21:22 - 2012-10-28 09:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2015-11-05 21:16 - 2012-10-28 09:16 - 00000000 ____D C:\ProgramData\Adobe 2015-11-05 21:16 - 2012-10-28 09:16 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-05 18:27 - 2014-11-21 05:46 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-05 18:27 - 2014-11-21 05:07 - 00807160 _____ C:\WINDOWS\system32\perfh015.dat 2015-11-05 18:27 - 2014-11-21 05:07 - 00163478 _____ C:\WINDOWS\system32\perfc015.dat 2015-11-05 16:51 - 2014-04-19 15:25 - 635191778 _____ C:\WINDOWS\MEMORY.DMP 2015-11-05 16:09 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-11-05 15:03 - 2014-10-04 09:01 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-05 15:03 - 2014-10-04 09:01 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-03 18:52 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-11-03 18:49 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-11-03 18:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME 2015-11-03 18:40 - 2014-05-22 17:51 - 00000000 ____D C:\Program Files\Counter-Strike 1.6 2015-11-03 17:48 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-26 20:39 - 2015-04-15 20:15 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-10-26 20:36 - 2012-10-28 09:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-10-26 19:56 - 2015-02-17 21:47 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-10-26 19:53 - 2013-11-29 21:06 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-26 19:51 - 2015-08-10 16:56 - 00002069 _____ C:\Users\Public\Desktop\Google Slides.lnk 2015-10-26 19:51 - 2015-08-10 16:56 - 00002057 _____ C:\Users\Public\Desktop\Google Docs.lnk 2015-10-26 19:51 - 2015-08-10 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-10-26 19:38 - 2013-08-22 15:46 - 00000468 _____ C:\WINDOWS\setuperr.log 2015-10-26 15:40 - 2015-04-15 20:15 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-10-26 15:40 - 2015-01-22 20:18 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-26 15:40 - 2014-11-21 10:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-10-26 15:40 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-10-26 15:20 - 2013-11-27 18:52 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-26 15:03 - 2015-09-09 17:47 - 00000000 ____D C:\AdwCleaner 2015-10-26 14:51 - 2015-02-17 21:47 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-10-26 14:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2015-10-26 14:44 - 2015-02-16 22:22 - 00000000 ____D C:\Program Files (x86)\Intel 2015-10-26 14:02 - 2013-11-27 18:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\LSC 2015-10-26 14:01 - 2012-10-28 09:16 - 00000000 ____D C:\Program Files\Lenovo 2015-10-26 14:01 - 2012-10-28 09:11 - 00000000 ____D C:\Program Files (x86)\Lenovo 2015-10-26 14:00 - 2012-10-28 09:16 - 00000000 ____D C:\WINDOWS\Downloaded Installations 2015-10-26 12:31 - 2013-08-22 15:44 - 00355472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-10-26 12:28 - 2014-11-21 05:29 - 00000000 ____D C:\Program Files\Windows Journal 2015-10-26 12:28 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-10-16 05:51 - 2015-09-04 16:29 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 05:51 - 2015-09-04 16:29 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-10 18:49 - 2013-11-29 21:05 - 00000000 ____D C:\Users\Admin\AppData\Local\Google ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-01-20 19:22 - 2015-09-02 15:22 - 0000091 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG 2014-09-22 16:59 - 2014-09-22 16:59 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-10-28 08:54 - 2012-10-28 08:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-05 16:22 ==================== Koniec FRST.txt ============================