Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-12-2015 Uruchomiony przez Tomek (administrator) TOMEK-KOMPUTER (08-12-2015 07:56:24) Uruchomiony z C:\logi Załadowane profile: Tomek (Dostępne profile: Tomek) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe (AIMP DevTeam) D:\Programy\AIMP3\AIMP3.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Mozilla Corporation) D:\Programy\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-03] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-1721066390-4275270589-3150467131-1001\...\Run: [supelek bogiego] => d:\programy\supelek bogiego\supb.exe [457216 1998-08-21] (bogi) HKU\S-1-5-21-1721066390-4275270589-3150467131-1001\...\Run: [tray] => D:\Programy\pogoda\pogoda.exe [2364416 2006-07-22] (Pogoda Inc.) HKU\S-1-5-21-1721066390-4275270589-3150467131-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-11-05] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => Brak pliku ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => Brak pliku ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => Brak pliku ShellIconOverlayIdentifiers: [4SyncOverlay4] -> {CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => Brak pliku BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) ProxyServer: [S-1-5-21-1721066390-4275270589-3150467131-1001] => localhost:8080 Tcpip\..\Interfaces\{57C73123-343B-4EE2-B0F5-620FB9875D2F}: [NameServer] 192.168.1.1,194.204.152.34 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1721066390-4275270589-3150467131-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) FireFox: ======== FF ProfilePath: C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\jzgbgvw2.default-1401900553949 FF SelectedSearchEngine: Google FF Homepage: google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-17] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-17] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation) FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> D:\Programy\SumatraPDF\npPdfViewer.dll [2014-05-14] (Simon Bünzli) FF Extension: Flash Control - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\jzgbgvw2.default-1401900553949\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2015-11-07] FF Extension: Flashblock - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\jzgbgvw2.default-1401900553949\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-11-29] FF Extension: Adblock Plus - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\jzgbgvw2.default-1401900553949\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-04-28] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-1721066390-4275270589-3150467131-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla Firefox\firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG) S4 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [250136 2015-11-03] (Avira Operations GmbH & Co. KG) S4 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-09-15] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-01] (Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider) R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-29] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 PSSDKLBF; C:\Windows\system32\Drivers\pssdklbf.sys [65600 2013-07-11] (microOLAP Technologies LTD) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-11-29] (SlimWare Utilities, Inc.) S4 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S4 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S4 btath_avdt; system32\drivers\btath_avdt.sys [X] S4 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S4 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S4 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S4 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S4 BtFilter; system32\DRIVERS\btfilter.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-07 09:24 - 2015-12-08 07:56 - 00000000 ____D C:\logi 2015-12-07 09:24 - 2015-12-08 07:56 - 00000000 ____D C:\FRST 2015-12-06 22:04 - 2015-12-08 07:32 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-06 22:04 - 2015-12-06 22:04 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-06 21:57 - 2015-12-06 21:57 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-12-03 09:51 - 2015-12-03 09:51 - 00000000 ____D C:\Users\Tomek\AppData\Local\DevComponents.com 2015-12-01 19:10 - 2015-12-01 19:10 - 00000000 ____D C:\Users\Tomek\Documents\My Cheat Tables 2015-12-01 18:42 - 2015-12-01 18:42 - 00000000 ____D C:\Users\Tomek\AppData\Local\ValhallaHills 2015-12-01 18:42 - 2015-12-01 18:42 - 00000000 ____D C:\Users\Tomek\AppData\Local\UnrealEngine 2015-11-29 09:55 - 2015-11-29 09:55 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys 2015-11-28 20:45 - 2015-11-28 20:45 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-11-28 20:12 - 2012-07-26 05:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-11-28 20:12 - 2012-07-26 05:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-11-28 20:12 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2015-11-28 20:12 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2015-11-28 20:12 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2015-11-28 20:12 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2015-11-28 20:12 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2015-11-28 20:12 - 2012-07-26 03:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2015-11-28 20:12 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2015-11-28 20:12 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2015-11-28 20:12 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-11-28 20:12 - 2012-06-02 15:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-11-28 19:56 - 2015-11-28 19:56 - 00002956 _____ C:\Windows\System32\Tasks\{0AAD3B8A-F5DF-41D4-A69E-F1427884EB25} 2015-11-28 19:54 - 2015-11-28 19:54 - 00003136 _____ C:\Windows\System32\Tasks\{1093E491-AA2E-404F-94B7-582827678324} 2015-11-28 15:37 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2015-11-28 14:43 - 2011-03-30 04:40 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\dxupdate.dll 2015-11-23 21:26 - 2015-11-23 21:26 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2015-11-23 21:26 - 2015-11-23 21:26 - 00000000 ____D C:\Program Files\Realtek 2015-11-23 21:26 - 2012-03-06 13:34 - 03751528 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2015-11-23 21:26 - 2012-03-06 12:31 - 02657896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-11-23 21:26 - 2012-03-06 11:48 - 04763112 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-11-23 21:26 - 2012-03-06 07:09 - 00240004 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-11-23 21:26 - 2012-02-29 07:35 - 02729472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-11-23 21:26 - 2012-02-23 12:46 - 01251432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-11-23 21:26 - 2012-02-21 12:45 - 02605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2015-11-23 21:26 - 2012-02-21 07:26 - 02528832 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-11-23 21:26 - 2012-02-17 12:53 - 00102504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-11-23 21:26 - 2012-02-17 08:54 - 00396632 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-11-23 21:26 - 2012-02-13 17:05 - 08363864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2015-11-23 21:26 - 2012-02-13 15:35 - 00978776 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2015-11-23 21:26 - 2012-01-30 04:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2015-11-23 21:26 - 2012-01-23 15:30 - 00537456 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2015-11-23 21:26 - 2012-01-23 15:30 - 00524656 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2015-11-23 21:26 - 2012-01-23 15:30 - 00449392 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2015-11-23 21:26 - 2012-01-10 03:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2015-11-23 21:26 - 2011-12-23 06:30 - 00823912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-11-23 21:26 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-11-23 21:26 - 2011-12-19 22:43 - 00220776 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-11-23 21:26 - 2011-12-18 10:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2015-11-23 21:26 - 2011-12-18 10:58 - 01247576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2015-11-23 21:26 - 2011-12-15 06:16 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2015-11-23 21:26 - 2011-12-15 06:16 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2015-11-23 21:26 - 2011-12-15 06:16 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2015-11-23 21:26 - 2011-12-15 06:16 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2015-11-23 21:26 - 2011-12-15 06:16 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2015-11-23 21:26 - 2011-12-13 09:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-11-23 21:26 - 2011-12-13 04:01 - 01698408 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2015-11-23 21:26 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2015-11-23 21:26 - 2011-09-02 07:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-11-23 21:26 - 2011-09-02 07:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-11-23 21:26 - 2011-09-02 07:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-11-23 21:26 - 2011-08-23 10:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-11-23 21:26 - 2011-05-31 02:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2015-11-23 21:26 - 2011-03-17 05:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-11-23 21:26 - 2011-03-07 10:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-11-23 21:26 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-11-23 21:26 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-11-23 21:26 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-11-23 21:26 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-11-23 21:26 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-11-23 21:26 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-11-23 21:26 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-11-23 21:26 - 2010-10-03 06:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-11-23 21:26 - 2010-09-27 02:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-11-23 21:26 - 2010-07-22 09:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-11-23 21:26 - 2010-07-22 09:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-11-23 21:26 - 2009-11-24 02:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2015-11-23 21:26 - 2009-11-24 02:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-11-23 21:26 - 2009-11-24 02:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-11-23 21:26 - 2009-11-24 02:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-11-23 21:26 - 2009-11-17 11:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-11-23 20:53 - 2015-11-23 21:15 - 00000000 ____D C:\Windows\system32\DAX2 2015-11-23 20:53 - 2015-11-23 20:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-11-23 19:40 - 2015-12-06 22:36 - 00000000 __SHD C:\Users\Tomek\IntelGraphicsProfiles 2015-11-23 14:02 - 2015-11-23 17:51 - 00000000 ____D C:\Windows\Minidump 2015-11-22 15:26 - 2015-11-22 15:26 - 00003136 _____ C:\Windows\System32\Tasks\{F1E50616-7D24-4C4A-B1A6-EC47193349A2} 2015-11-22 14:58 - 2011-06-11 09:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll 2015-11-22 14:58 - 2011-06-11 09:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll 2015-11-22 14:30 - 2015-11-22 14:30 - 00000000 ____D C:\Users\Tomek\AppData\Local\Intel 2015-11-22 12:46 - 2015-11-22 12:46 - 00000020 _____ C:\Windows\x÷Ż 2015-11-18 12:33 - 2015-11-18 12:33 - 00000000 ____D C:\Users\Tomek\AppData\Local\Fallout4 2015-11-17 19:23 - 2015-12-06 22:05 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\New Technology Studio 2015-11-17 19:23 - 2015-11-17 19:23 - 00000000 ____D C:\Users\Tomek\AppData\Local\New Technology Studio 2015-11-17 08:52 - 2015-11-28 20:44 - 00000000 ____D C:\Windows\SysWOW64\NV 2015-11-17 08:52 - 2015-11-28 20:44 - 00000000 ____D C:\Windows\system32\NV 2015-11-17 08:49 - 2015-11-05 18:13 - 42914096 _____ C:\Windows\system32\nvcompiler.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 22308656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 18362160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 17515208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 15121784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 13527248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 12770752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-11-17 08:49 - 2015-11-05 18:13 - 03158736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 02870392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 02490488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435891.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435891.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00877360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-11-17 08:49 - 2015-11-05 18:13 - 00031352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-08 07:55 - 2012-09-01 14:50 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\AIMP3 2015-12-07 21:20 - 2013-08-15 17:40 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\uTorrent 2015-12-07 20:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-07 15:35 - 2011-02-19 06:31 - 00752154 _____ C:\Windows\system32\perfh015.dat 2015-12-07 15:35 - 2011-02-19 06:31 - 00160012 _____ C:\Windows\system32\perfc015.dat 2015-12-07 15:35 - 2009-07-14 06:13 - 01701502 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-07 15:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-07 10:30 - 2012-04-08 13:38 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2015-12-06 22:42 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-06 22:42 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-06 22:35 - 2015-10-04 06:38 - 00000308 _____ C:\Windows\Tasks\Djzdr.job 2015-12-06 22:35 - 2012-04-08 13:38 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2015-12-06 22:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-06 22:34 - 2011-10-19 23:48 - 00000000 ____D C:\Program Files (x86)\Windows Live 2015-12-06 22:28 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-12-06 22:04 - 2012-08-20 13:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-06 22:04 - 2012-08-20 13:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-05 18:35 - 2015-04-19 15:33 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\MPC-HC 2015-12-05 08:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-04 16:03 - 2015-10-07 08:57 - 00000080 _____ C:\Users\Tomek\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 2015-12-03 09:52 - 2012-06-22 19:06 - 00000000 ____D C:\Users\Tomek\AppData\Local\CrashDumps 2015-12-01 12:48 - 2015-02-14 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-01 12:46 - 2013-05-06 11:08 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-12-01 12:46 - 2013-03-28 21:03 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-01 12:46 - 2013-03-28 21:03 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-11-29 20:21 - 2015-02-08 17:16 - 00000000 ____D C:\Users\Tomek\Documents\My Games 2015-11-29 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2015-11-28 22:31 - 2014-12-08 13:47 - 01002496 ___SH C:\Users\Tomek\Desktop\Thumbs.db 2015-11-28 15:08 - 2013-11-27 10:32 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-23 21:27 - 2012-04-08 13:44 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-11-23 21:26 - 2012-04-08 13:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-23 21:20 - 2012-06-23 18:08 - 00000000 ____D C:\Users\Tomek\AppData\Local\ElevatedDiagnostics 2015-11-23 21:17 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-11-23 19:40 - 2012-06-22 09:20 - 00000000 ____D C:\Users\Tomek 2015-11-23 19:36 - 2012-04-08 13:37 - 00000000 ____D C:\Program Files\Intel 2015-11-23 19:36 - 2012-04-08 13:34 - 00000000 ____D C:\Program Files (x86)\Intel 2015-11-23 16:57 - 2015-10-07 07:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-23 16:57 - 2015-10-07 07:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-11-22 14:31 - 2012-04-08 13:37 - 00000000 ____D C:\ProgramData\Intel 2015-11-22 13:14 - 2011-10-19 23:42 - 01646322 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-22 12:55 - 2015-07-15 09:09 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-22 12:39 - 2015-10-30 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-21 21:28 - 2015-09-02 06:42 - 00000000 ____D C:\Users\Tomek\.oracle_jre_usage 2015-11-21 21:27 - 2015-07-15 09:10 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-11-17 13:18 - 2015-09-18 07:31 - 00000000 ____D C:\Program Files\Rockstar Games 2015-11-17 13:18 - 2015-09-18 07:31 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-11-17 11:11 - 2014-09-15 06:56 - 00000000 ____D C:\Users\Tomek\AppData\Local\Adobe 2015-11-17 08:52 - 2014-11-14 14:51 - 00000000 ____D C:\Temp 2015-11-17 08:52 - 2014-06-02 11:27 - 00000000 ____D C:\ProgramData\NVIDIA ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-04-29 19:08 - 2014-04-29 19:08 - 0000024 ___SH () C:\Users\Tomek\AppData\Roaming\1D959CA221C7573.sys 2014-07-18 20:07 - 2014-07-18 20:17 - 0000092 _____ () C:\Users\Tomek\AppData\Roaming\regsvr32.exe_log.txt 2012-06-22 09:21 - 2012-12-02 10:14 - 0000380 _____ () C:\Users\Tomek\AppData\Roaming\sp_data.sys 2014-04-14 19:31 - 2013-06-16 10:36 - 0000024 ___SH () C:\Users\Tomek\AppData\Roaming\System3192SettingsDB.dat 2014-04-29 19:08 - 2014-04-29 19:08 - 0000024 ___SH () C:\Users\Tomek\AppData\Roaming\System5908ConfigCollection.dat 2014-04-14 19:31 - 2013-06-16 10:36 - 0000024 ___SH () C:\Users\Tomek\AppData\Roaming\Win4665 Config DB.dlx 2012-06-25 22:31 - 2014-07-24 07:27 - 0007607 _____ () C:\Users\Tomek\AppData\Local\Resmon.ResmonCfg 2012-10-01 09:19 - 2012-10-01 09:23 - 0002432 _____ () C:\Users\Tomek\AppData\Local\Tempdl3376.html 2012-10-01 09:25 - 2012-10-01 09:25 - 0002089 _____ () C:\Users\Tomek\AppData\Local\TempGR5116.html 2012-10-01 09:25 - 2012-10-01 09:25 - 0002432 _____ () C:\Users\Tomek\AppData\Local\TempLo5116.html 2012-10-01 09:19 - 2012-10-01 09:23 - 0002089 _____ () C:\Users\Tomek\AppData\Local\TempTG3376.html 2015-11-23 20:53 - 2015-11-23 20:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2011-10-20 00:00 - 2010-10-06 17:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe 2014-04-28 18:58 - 2014-04-28 19:04 - 0000360 _____ () C:\ProgramData\hpzinstall.log 2012-07-16 09:50 - 2012-07-16 09:50 - 0005013 _____ () C:\ProgramData\limttbkj.pkw 2012-12-18 21:43 - 2012-12-18 21:43 - 0000121 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2012-04-08 13:57 - 2012-04-08 13:57 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-04-08 13:56 - 2012-04-08 13:57 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-04-08 13:56 - 2012-04-08 13:56 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Niektóre pliki w TEMP: ==================== C:\Users\Tomek\AppData\Local\Temp\avgnt.exe C:\Users\Tomek\AppData\Local\Temp\ovi-uninstall.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-30 08:53 ==================== Koniec FRST.txt ============================