Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:18-01-2016 Uruchomiony przez MG (administrator) X (22-01-2016 09:35:12) Uruchomiony z C:\Users\MG\Downloads Załadowane profile: MG (Dostępne profile: MG) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Datpol) C:\Program Files\SpyShelter Free Anti-keylogger\SpyShelterSrv.exe (AMD) C:\Windows\System32\atiesrxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2service.exe () C:\Users\MG\Downloads\Programy\K10STAT154\K10STAT.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe () C:\Program Files\MSI Afterburner\MSIAfterburner.exe () C:\Windows\System32\ASGT.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe () C:\ProgramData\DatacardService\HWDeviceService.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe () C:\Windows\System32\PnkBstrA.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Virage Logic Corporation / Sonic Focus) C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (Datpol) C:\Program Files\SpyShelter Free Anti-keylogger\SpyShelter.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2guard.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe (Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-10-14] (Realtek Semiconductor) HKLM\...\Run: [SonicMasterTray] => C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus) HKLM\...\Run: [SpyShelter] => C:\Program Files\SpyShelter Free Anti-keylogger\SpyShelter.exe [3178536 2016-01-21] (Datpol) HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1602472 2015-09-09] (cFos Software GmbH) HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-04] (Advanced Micro Devices, Inc.) HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft internet security\a2guard.exe [6264944 2016-01-06] (Emsisoft Ltd) HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation) HKLM\...\Policies\Explorer: [StartMenuLogoff] 1 HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [634504 2015-10-22] (Sandboxie Holdings, LLC) HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\...\MountPoints2: {9f51611c-8aaa-11e5-aec9-f46d04aa0bb2} - F:\autorun.exe HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\...\MountPoints2: {b3921618-8a01-11e5-80b2-f46d04aa0bb2} - F:\autorun.exe HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\...\MountPoints2: {ee264c37-892a-11e4-8b8e-f46d04aa0bb2} - G:\autorun.exe HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-22] (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{95F532BC-79F1-46EF-AF29-A17FFAA293B7}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF ProfilePath: C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default FF Homepage: about:blank FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2226444264-1822766488-2759232319-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-01-21] () FF user.js: detected! => C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\user.js [2014-12-21] FF Extension: SmoothWheel (mozdev.org) - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-05-31] FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\mintrayr@tn123.ath.cx [2015-05-31] FF Extension: AniWeather - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2015-05-31] FF Extension: Greasemonkey - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-23] FF Extension: DownThemAll! - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-05] FF Extension: PajacykXPI - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\{6E21139C-F48B-11DA-B59C-B582C6649067}.xpi [2015-12-07] FF Extension: HTTPS-Everywhere - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\https-everywhere-eff@eff.org [2015-12-18] FF Extension: Flashblock - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-01-03] FF Extension: Ghostery - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\firefox@ghostery.com.xpi [2015-12-30] FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\firefox@zenmate.com.xpi [2015-12-05] FF Extension: LavaFox V2 - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\info@djzig.com [2016-01-13] FF Extension: uBlock - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-05] FF Extension: Configuration Mania - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}.xpi [2015-12-31] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 a2AntiMalware; C:\Program Files\Emsisoft Internet Security\a2service.exe [7189688 2016-01-06] (Emsisoft Ltd) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-08-03] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R2 ASGT; C:\Windows\System32\ASGT.exe [55296 2012-01-16] () [Brak podpisu cyfrowego] R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [618920 2015-09-09] (cFos Software GmbH) S4 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L) R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd) S3 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117552 2015-05-20] () S4 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [154928 2015-05-20] () R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S4 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] () R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2016-01-21] () R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [137352 2015-10-22] (Sandboxie Holdings, LLC) R2 SpyShelterSrv; C:\Program Files\SpyShelter Free Anti-keylogger\SpyShelterSrv.exe [60968 2016-01-21] (Datpol) S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AiCharger; C:\Windows\System32\DRIVERS\AiCharger.sys [14720 2011-10-14] (ASUSTek Computer Inc.) S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2015-11-24] (Scott) R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1426856 2015-09-09] (cFos Software GmbH) S3 diagswitchdrv; C:\Windows\System32\DRIVERS\diagswitchdrv.sys [102912 2012-12-05] (Huawei Technologies Co., Ltd.) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [15968 2014-11-18] () R1 epp; C:\PROGRAM FILES\EMSISOFT INTERNET SECURITY\epp.sys [102128 2015-10-23] (Emsisoft Ltd) R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47928 2015-11-18] () R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [51752 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [41512 2014-12-15] () R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [15912 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189992 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2014-11-18] () R1 FWNDIS_LWF; C:\Windows\System32\DRIVERS\fwndislwf32.sys [306384 2015-12-08] () R1 fwwfp; C:\Program Files\Emsisoft Internet Security\fwwfp732.sys [556120 2015-12-08] () S4 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2015-05-17] (Sony Mobile Communications) S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2015-05-07] (Huawei Technologies Co., Ltd.) S3 HWHandSetProLine; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2015-05-07] (Huawei Technologies Co., Ltd.) S4 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S4 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) R3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2015-04-24] () [Brak podpisu cyfrowego] R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166024 2015-10-22] (Sandboxie Holdings, LLC) R1 Spyshelter; C:\Program Files\SpyShelter Free Anti-keylogger\SpyShelter.sys [362024 2016-01-21] (SpyShelter) R1 SpyshelterKb; C:\Program Files\SpyShelter Free Anti-keylogger\SpyshelterKb.sys [145960 2016-01-21] (SpyShelter) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [184192 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 WinRing0_1_2_0; C:\Users\MG\Downloads\Programy\K10STAT154\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org) R3 pxldipow; C:\pxldipow.sys [104960 2016-01-22] (GMER) [Brak podpisu cyfrowego] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-22 09:35 - 2016-01-22 09:39 - 00014026 ____C C:\Users\MG\Downloads\FRST.txt 2016-01-22 09:34 - 2016-01-22 09:35 - 00000000 ___DC C:\FRST 2016-01-22 09:34 - 2016-01-22 09:34 - 02383755 ____C C:\Users\MG\Documents\Gmer.txt 2016-01-22 08:08 - 2016-01-22 08:08 - 00104960 ____C (GMER) C:\pxldipow.sys 2016-01-22 08:07 - 2016-01-22 08:07 - 01721856 ____C (Farbar) C:\Users\MG\Downloads\FRST.exe 2016-01-22 08:07 - 2016-01-22 08:07 - 00380416 ____C C:\Users\MG\Downloads\bbxprnx9.exe 2016-01-21 18:41 - 2016-01-21 18:41 - 00000000 ___DC C:\Users\MG\Documents\My Games 2016-01-21 18:38 - 2016-01-21 18:38 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2016-01-21 18:22 - 2016-01-21 18:22 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyShelter 2016-01-21 17:52 - 2016-01-21 19:03 - 00000000 ___DC C:\Users\MG\AppData\Local\Ubisoft Game Launcher 2016-01-21 17:40 - 2016-01-21 19:07 - 00000000 ___DC C:\Users\MG\Documents\Assassin's Creed Revelations 2016-01-21 17:40 - 2016-01-21 17:40 - 00000000 ___DC C:\ProgramData\Ubisoft 2016-01-21 17:34 - 2016-01-21 17:34 - 00189248 ____C C:\Windows\system32\PnkBstrB.exe 2016-01-21 17:34 - 2016-01-21 17:34 - 00075136 ____C C:\Windows\system32\PnkBstrA.exe 2016-01-21 17:33 - 2016-01-21 17:33 - 00000000 ___DC C:\Users\MG\AppData\Roaming\PunkBuster 2016-01-21 16:56 - 2016-01-21 16:56 - 00000000 ___DC C:\Program Files\Ubisoft 2016-01-21 15:16 - 2016-01-21 15:16 - 00000000 ___DC C:\Windows\system32\AGEIA 2016-01-21 15:16 - 2016-01-21 15:16 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-01-21 15:15 - 2016-01-21 15:16 - 00000000 ___DC C:\Program Files\AGEIA Technologies 2016-01-21 15:13 - 2016-01-21 15:13 - 00000000 ___DC C:\Program Files\Common Files\Wise Installation Wizard 2016-01-21 14:55 - 2016-01-21 14:55 - 00000000 ___DC C:\ProgramData\Caphyon 2016-01-21 14:40 - 2016-01-21 15:49 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin Powrót Białego Wilka 2016-01-21 14:39 - 2016-01-21 14:39 - 00000000 ___DC C:\Program Files\CD Projekt RED 2016-01-21 14:29 - 2016-01-21 14:29 - 00000000 ___DC C:\Users\MG\AppData\Roaming\CD Projekt RED 2016-01-21 10:53 - 2016-01-21 16:07 - 00000000 ___DC C:\Program Files\Common Files\BioWare 2016-01-20 22:14 - 2016-01-20 22:14 - 00000031 ____C C:\Windows\progress 2016-01-19 17:55 - 2016-01-22 08:01 - 00000000 ___DC C:\Program Files\MSI Afterburner 2016-01-19 17:55 - 2016-01-19 17:55 - 00000000 ___DC C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2016-01-17 14:03 - 2016-01-17 14:03 - 00091983 ____C C:\Users\MG\Downloads\BoardingPass.pdf 2016-01-15 14:50 - 2016-01-15 14:50 - 00000000 ___DC C:\Users\DG 2016-01-15 11:07 - 2016-01-15 11:07 - 00000022 ____C C:\Windows\GPU-Z.INI 2016-01-15 10:59 - 2016-01-15 10:59 - 00000000 ___DC C:\Windows\Downloaded Installations 2016-01-15 10:59 - 2016-01-15 10:59 - 00000000 ___DC C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS 2016-01-15 10:49 - 2016-01-15 10:49 - 00084968 ____C C:\Users\MG\AppData\Local\GDIPFONTCACHEV1.DAT 2016-01-15 10:47 - 2016-01-15 10:48 - 00336912 ____C C:\Windows\system32\FNTCACHE.DAT 2016-01-14 20:35 - 2016-01-15 15:59 - 00000000 ___DC C:\Users\MG\Documents\Witcher 2 2016-01-14 20:35 - 2016-01-14 20:35 - 00000000 ___DC C:\Users\MG\AppData\Local\The Witcher 2 2016-01-14 20:33 - 2016-01-14 20:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cdp.pl 2016-01-13 15:13 - 2016-01-14 13:05 - 20367360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 12856320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 04610560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-01-13 15:13 - 2016-01-14 13:05 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-01-13 15:13 - 2016-01-14 13:05 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-01-13 15:13 - 2016-01-14 13:05 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-01-13 15:13 - 2016-01-14 13:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-01-13 15:13 - 2016-01-14 13:05 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-01-13 15:13 - 2016-01-14 13:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-01-13 15:13 - 2016-01-14 13:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-01-13 15:13 - 2016-01-14 13:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-01-13 15:12 - 2016-01-14 13:03 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-13 15:11 - 2016-01-14 13:02 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-01-13 15:11 - 2016-01-14 13:02 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-01-13 15:11 - 2016-01-14 13:02 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-01-13 15:11 - 2016-01-14 13:02 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-01-13 15:11 - 2016-01-14 13:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-01-13 15:11 - 2016-01-14 13:02 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-01-13 15:10 - 2016-01-14 13:01 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-01-13 15:10 - 2016-01-14 13:01 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-01-13 15:10 - 2016-01-14 13:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-01-13 15:10 - 2016-01-14 13:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-01-13 15:10 - 2016-01-14 13:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-01-13 15:10 - 2016-01-14 13:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-01-13 15:10 - 2016-01-14 13:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-01-13 15:09 - 2016-01-14 13:00 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-01-13 15:09 - 2016-01-14 13:00 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 15:08 - 2016-01-14 12:45 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 15:08 - 2016-01-14 12:45 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 15:07 - 2016-01-14 12:45 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-01-13 15:06 - 2016-01-14 12:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-13 15:06 - 2016-01-14 12:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-13 15:06 - 2016-01-14 12:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-01-13 15:05 - 2016-01-14 12:44 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 15:05 - 2016-01-14 12:44 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 15:05 - 2016-01-14 12:44 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-01-13 15:05 - 2016-01-14 12:44 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-01-13 15:05 - 2016-01-14 12:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-01-13 15:05 - 2016-01-14 12:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-01-13 15:05 - 2015-12-08 22:54 - 01202688 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 15:05 - 2015-12-08 22:53 - 00338944 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 15:05 - 2015-12-08 22:43 - 00081408 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-13 15:05 - 2015-12-08 22:11 - 00177152 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-01-13 15:05 - 2015-12-08 22:11 - 00005120 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-01-07 09:32 - 2016-01-07 13:31 - 00000000 ___DC C:\Program Files\Mozilla Firefox 2015-12-24 15:06 - 2015-12-24 15:06 - 00000000 ___DC C:\Users\MG\AppData\Roaming\ArcticLine 2015-12-24 15:04 - 2016-01-15 11:03 - 00000000 __RDC C:\Program Files\Folder Marker 2015-12-24 10:49 - 2016-01-21 16:06 - 00000000 ___DC C:\Users\MG\AppData\Local\The Witcher 2015-12-24 10:49 - 2015-12-24 15:46 - 00000000 __RDC C:\Users\MG\Documents\The Witcher 2015-12-24 10:39 - 2015-12-24 10:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin Edycja rozszerzona 2015-12-24 09:50 - 2015-12-24 15:48 - 00000000 __RDC C:\Users\Public\Documents\The Witcher ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-22 09:39 - 2015-11-29 19:33 - 00000000 ___DC C:\Program Files\Emsisoft Internet Security 2016-01-22 09:34 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows 2016-01-22 08:41 - 2015-07-20 13:48 - 00000930 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-22 08:33 - 2015-11-14 12:42 - 00000000 ___DC C:\Users\MG\AppData\Local\CrashDumps 2016-01-22 08:08 - 2009-07-14 05:34 - 00023520 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-22 08:08 - 2009-07-14 05:34 - 00023520 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-22 07:59 - 2009-07-14 05:53 - 00000006 ___HC C:\Windows\Tasks\SA.DAT 2016-01-22 07:48 - 2015-09-14 09:13 - 00000000 ____D C:\Program Files\SpyShelter Free Anti-keylogger 2016-01-21 21:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\spool 2016-01-21 20:24 - 2015-12-01 18:04 - 00170200 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-01-21 20:02 - 2015-01-07 10:40 - 00003582 ____C C:\Windows\Sandboxie.ini 2016-01-21 18:39 - 2015-01-02 15:49 - 00000000 ___DC C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-01-21 18:38 - 2014-12-20 20:57 - 00000000 __HDC C:\Program Files\InstallShield Installation Information 2016-01-21 18:25 - 2015-11-29 19:58 - 00000000 __RDC C:\Users\MG\Downloads\Programy 2016-01-21 18:25 - 2015-01-01 12:10 - 00000000 __RDC C:\Gry 2016-01-21 18:08 - 2015-11-29 19:57 - 00000000 __RDC C:\Users\MG\Downloads\Gry 2016-01-21 17:27 - 2009-07-14 05:52 - 00000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-01-21 17:07 - 2014-12-20 19:58 - 01705002 ____C C:\Windows\system32\PerfStringBackup.INI 2016-01-21 17:07 - 2009-07-14 09:07 - 00756488 ____C C:\Windows\system32\perfh015.dat 2016-01-21 17:07 - 2009-07-14 09:07 - 00161710 ____C C:\Windows\system32\perfc015.dat 2016-01-21 12:43 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\inf 2016-01-20 17:41 - 2014-12-21 20:49 - 00796864 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-01-20 17:41 - 2014-12-21 20:48 - 00142528 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-01-19 22:14 - 2014-12-20 20:56 - 00000000 __RDC C:\Program Files\ASUS 2016-01-19 19:05 - 2015-12-02 21:35 - 00000000 ___DC C:\Users\MG\AppData\Local\PrivaZer 2016-01-19 19:05 - 2014-12-20 20:56 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus 2016-01-19 19:03 - 2015-01-01 12:05 - 00000000 __RDC C:\Program Files\Steam 2016-01-16 15:22 - 2015-12-21 19:48 - 00000000 __RDC C:\ProgramData\Malwarebytes Anti-Exploit 2016-01-15 16:06 - 2015-06-23 11:24 - 00002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-15 10:58 - 2014-12-20 20:57 - 00000000 __RDC C:\Program Files\Common Files\InstallShield 2016-01-15 10:35 - 2014-12-26 10:56 - 00000000 ___DC C:\Windows\Minidump 2016-01-15 10:22 - 2015-12-02 21:35 - 00001847 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2016-01-15 10:22 - 2014-12-23 19:34 - 00000000 __RDC C:\Program Files\AMD 2016-01-15 10:04 - 2014-12-20 20:58 - 00000000 ___DC C:\Users\MG\AppData\Local\Downloaded Installations 2016-01-14 17:48 - 2015-01-04 11:28 - 00000000 ___DC C:\Users\MG\AppData\Local\Adobe 2016-01-14 16:59 - 2014-12-22 09:29 - 00000000 __RDC C:\Program Files\Microsoft Silverlight 2016-01-14 13:07 - 2015-04-16 15:48 - 00000000 __SDC C:\Windows\system32\CompatTel 2016-01-14 13:07 - 2015-04-16 15:48 - 00000000 __RDC C:\Windows\system32\appraiser 2016-01-14 13:07 - 2014-12-20 21:21 - 00000000 __RDC C:\ProgramData\Microsoft Help 2016-01-14 13:04 - 2014-12-22 09:36 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-14 12:58 - 2014-12-20 20:40 - 00000000 __RDC C:\Windows\system32\MRT 2016-01-14 12:47 - 2014-12-20 20:40 - 141317472 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-01-08 09:31 - 2014-12-21 20:34 - 00000000 __RDC C:\Program Files\Mozilla Maintenance Service 2015-12-24 16:09 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\XPSViewer 2015-12-24 16:09 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\winrm 2015-12-24 16:09 - 2009-07-14 05:52 - 00000000 __RDC C:\Windows\system32\WinBioPlugIns 2015-12-24 16:09 - 2009-07-14 05:52 - 00000000 __RDC C:\Windows\system32\WinBioDatabase 2015-12-24 16:09 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Web 2015-12-24 16:09 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Vss 2015-12-24 16:09 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\tracing 2015-12-24 16:09 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\TAPI 2015-12-24 16:09 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\winevt 2015-12-24 16:08 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\WCN 2015-12-24 16:08 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\sysprep 2015-12-24 16:07 - 2014-12-22 11:46 - 00000000 __RDC C:\Windows\system32\SPReview 2015-12-24 16:07 - 2014-12-20 20:58 - 00000000 __RDC C:\Windows\system32\RTCOM 2015-12-24 16:07 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\slmgr 2015-12-24 16:07 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\Printing_Admin_Scripts 2015-12-24 16:07 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\pl 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\SMI 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\Setup 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\ras 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\oobe 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\NDF 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\MUI 2015-12-24 16:07 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\Msdtc 2015-12-24 16:06 - 2014-12-21 20:48 - 00000000 __RDC C:\Windows\system32\Macromed 2015-12-24 16:06 - 2014-12-21 20:42 - 00000000 __RDC C:\Windows\system32\EventProviders 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\migwiz 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\manifeststore 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\lv-LV 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\lt-LT 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\inetsrv 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\IME 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\ias 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\GroupPolicyUsers 2015-12-24 16:06 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\et-EE 2015-12-24 15:56 - 2015-12-10 07:54 - 00000000 __RDC C:\Windows\system32\config\regsave 2015-12-24 15:56 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\system32\0409 2015-12-24 15:56 - 2009-07-14 05:34 - 00000000 __RDC C:\Windows\Setup 2015-12-24 15:56 - 2009-07-14 05:34 - 00000000 __RDC C:\Windows\ServiceProfiles 2015-12-24 15:56 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\Dism 2015-12-24 15:56 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\config\Journal 2015-12-24 15:56 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\com 2015-12-24 15:56 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system32\catroot2.bak 2015-12-24 15:56 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\system 2015-12-24 15:56 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\security 2015-12-24 15:55 - 2015-01-07 11:47 - 00000000 __RDC C:\Windows\pss 2015-12-24 15:55 - 2014-12-20 21:23 - 00000000 __RDC C:\Windows\PCHEALTH 2015-12-24 15:55 - 2014-12-20 18:44 - 00000000 __RDC C:\Windows\Panther 2015-12-24 15:55 - 2009-07-14 05:52 - 00000000 __RDC C:\Windows\Performance 2015-12-24 15:55 - 2009-07-14 05:52 - 00000000 __RDC C:\Windows\Offline Web Pages 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\schemas 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\SchCache 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Resources 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Registration 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\PolicyDefinitions 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\PLA 2015-12-24 15:55 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\ModemLogs 2015-12-24 15:50 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\LiveKernelReports 2015-12-24 15:50 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\L2Schemas 2015-12-24 15:49 - 2014-12-22 06:45 - 00000000 __RDC C:\Windows\CheckSur 2015-12-24 15:49 - 2014-12-21 19:57 - 00000000 __RDC C:\Windows\CryptoGuard 2015-12-24 15:49 - 2009-07-14 09:27 - 00000000 __RDC C:\Users\Public\Recorded TV 2015-12-24 15:49 - 2009-07-14 09:07 - 00000000 __RDC C:\Windows\DigitalLocker 2015-12-24 15:49 - 2009-07-14 05:52 - 00000000 __RDC C:\Windows\Downloaded Program Files 2015-12-24 15:49 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\IME 2015-12-24 15:49 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Help 2015-12-24 15:49 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Globalization 2015-12-24 15:49 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Cursors 2015-12-24 15:49 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\Branding 2015-12-24 15:49 - 2009-07-14 03:37 - 00000000 __RDC C:\Windows\AppCompat 2015-12-24 15:48 - 2015-12-16 16:45 - 00000000 __RDC C:\Users\MG\Downloads\tdsskiller 2015-12-24 15:48 - 2015-11-29 19:59 - 00000000 __RDC C:\Users\MG\Downloads\Linux 2015-12-24 15:48 - 2015-11-29 19:56 - 00000000 __RDC C:\Users\MG\Downloads\Windows 2015-12-24 15:48 - 2015-11-15 17:31 - 00000000 __RDC C:\Users\Public\Documents\NativeFus_Log 2015-12-24 15:48 - 2015-10-14 17:14 - 00000000 __RDC C:\Users\MG\Szkoła 2015-12-24 15:48 - 2015-09-06 14:26 - 00000000 __RDC C:\Users\MG\Downloads\no_1175 2015-12-24 15:48 - 2015-06-20 09:32 - 00000000 __RDC C:\Users\MG\Downloads\Klucze 2015-12-24 15:48 - 2015-05-17 12:58 - 00000000 __RDC C:\Users\MG\Downloads\Android 2015-12-24 15:48 - 2015-04-30 19:12 - 00000000 __RDC C:\Users\MG\Downloads\Pit-y 2015-12-24 15:48 - 2015-01-04 11:24 - 00000000 __RDC C:\Users\Public\Documents\Adobe PDF 2015-12-24 15:46 - 2015-12-20 19:52 - 00000000 __RDC C:\Users\MG\Documents\Updater 2015-12-24 15:46 - 2015-11-24 18:18 - 00000000 __RDC C:\Users\MG\Documents\Logi 2015-12-24 15:46 - 2015-11-17 17:09 - 00000000 __RDC C:\Users\MG\Documents\MEGAsync Downloads 2015-12-24 15:46 - 2015-11-17 17:07 - 00000000 __RDC C:\Users\MG\Documents\MEGAsync 2015-12-24 15:46 - 2015-11-15 19:31 - 00000000 __RDC C:\Users\MG\Documents\Tapety 2015-12-24 15:46 - 2015-11-15 17:30 - 00000000 __RDC C:\Users\MG\Documents\samsung 2015-12-24 15:46 - 2015-11-13 16:38 - 00000000 __RDC C:\Users\MG\Documents\HiSuite 2015-12-24 15:46 - 2015-09-15 16:44 - 00000000 __RDC C:\Users\MG\Documents\Textures 2015-12-24 15:46 - 2015-06-20 12:03 - 00000000 __RDC C:\Users\MG\Downloads\7 2015-12-24 15:46 - 2015-05-24 14:51 - 00000000 __RDC C:\Users\MG\Documents\Kopia Huawei 2015-12-24 15:46 - 2015-05-17 08:59 - 00000000 __RDC C:\Users\MG\.android 2015-12-24 15:46 - 2015-05-17 08:58 - 00000000 __RDC C:\Users\MG\.swt 2015-12-24 15:46 - 2015-01-07 10:46 - 00000000 __RDC C:\Sandbox 2015-12-24 15:46 - 2014-12-21 03:55 - 00000000 __RDC C:\Users\MG 2015-12-24 15:46 - 2014-12-20 21:25 - 00000000 __RDC C:\ProgramData\USBChargerPlus 2015-12-24 15:45 - 2014-12-20 20:58 - 00000000 __RDC C:\ProgramData\SonicFocus 2015-12-24 15:44 - 2015-12-21 20:11 - 00000000 __RDC C:\ProgramData\HitmanPro.Alert 2015-12-24 15:44 - 2015-12-21 18:20 - 00000000 __RDC C:\ProgramData\ALLPlayer 2015-12-24 15:44 - 2015-12-05 18:27 - 00000000 __RDC C:\Program Files\TAP-Windows 2015-12-24 15:44 - 2015-12-02 21:35 - 00000000 __RDC C:\ProgramData\privazer 2015-12-24 15:44 - 2015-12-01 18:03 - 00000000 __RDC C:\ProgramData\Malwarebytes 2015-12-24 15:44 - 2015-11-29 19:55 - 00000000 __RDC C:\ProgramData\Emsisoft 2015-12-24 15:44 - 2015-11-17 17:00 - 00000000 __RDC C:\ProgramData\MEGAsync 2015-12-24 15:44 - 2015-09-18 20:02 - 00000000 __RDC C:\ProgramData\ATI 2015-12-24 15:44 - 2015-09-18 19:35 - 00000000 __RDC C:\ProgramData\Package Cache 2015-12-24 15:44 - 2015-05-20 15:46 - 00000000 __RDC C:\ProgramData\HiSuiteOuc 2015-12-24 15:44 - 2015-05-20 15:46 - 00000000 __RDC C:\ProgramData\HandSetService 2015-12-24 15:44 - 2015-05-19 17:23 - 00000000 __RDC C:\ProgramData\HiSuiteDataSvc 2015-12-24 15:44 - 2015-05-17 09:39 - 00000000 __RDC C:\ProgramData\Samsung 2015-12-24 15:44 - 2015-01-30 01:22 - 00000000 __RDC C:\ProgramData\Mobile Partner 2015-12-24 15:44 - 2015-01-30 01:19 - 00000000 __RDC C:\ProgramData\DatacardService 2015-12-24 15:44 - 2015-01-26 00:56 - 00000000 __RDC C:\ProgramData\cFos 2015-12-24 15:44 - 2015-01-04 11:20 - 00000000 __RDC C:\ProgramData\Adobe 2015-12-24 15:44 - 2014-12-21 21:00 - 00000000 __RDC C:\ProgramData\Ashampoo 2015-12-24 15:44 - 2014-12-21 20:34 - 00000000 __RDC C:\ProgramData\Mozilla 2015-12-24 15:44 - 2014-12-21 19:54 - 00000000 __RDC C:\ProgramData\HitmanPro 2015-12-24 15:44 - 2014-12-20 21:00 - 00000000 __RDC C:\ProgramData\AMD 2015-12-24 15:44 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\Windows Sidebar 2015-12-24 15:44 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\Windows Portable Devices 2015-12-24 15:44 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\Windows Photo Viewer 2015-12-24 15:44 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\Windows Defender 2015-12-24 15:44 - 2009-07-14 03:37 - 00000000 __RDC C:\Program Files\Windows NT 2015-12-24 15:41 - 2015-01-07 10:36 - 00000000 __RDC C:\Program Files\Sandboxie 2015-12-24 15:40 - 2015-12-02 21:35 - 00000000 __RDC C:\Program Files\PrivaZer 2015-12-24 15:40 - 2015-11-14 11:37 - 00000000 __RDC C:\Program Files\Minimal ADB and Fastboot 2015-12-24 15:40 - 2015-05-17 09:39 - 00000000 __RDC C:\Program Files\Samsung 2015-12-24 15:40 - 2015-01-30 01:19 - 00000000 __RDC C:\Program Files\Mobile Partner 2015-12-24 15:40 - 2014-12-24 19:44 - 00000000 __RDC C:\Program Files\PowerDataRecovery 2015-12-24 15:40 - 2014-12-21 20:01 - 00000000 __RDC C:\Program Files\MozBackup 2015-12-24 15:40 - 2014-12-20 21:24 - 00000000 __RDC C:\Program Files\Microsoft Works 2015-12-24 15:40 - 2014-12-20 21:23 - 00000000 __RDC C:\Program Files\Microsoft Visual Studio 2015-12-24 15:40 - 2014-12-20 20:57 - 00000000 __RDC C:\Program Files\Realtek 2015-12-24 15:40 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\Reference Assemblies 2015-12-24 15:40 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\MSBuild 2015-12-24 15:39 - 2015-12-21 20:33 - 00000000 __RDC C:\Program Files\Malwarebytes Anti-Exploit 2015-12-24 15:39 - 2015-12-01 18:03 - 00000000 __RDC C:\Program Files\Malwarebytes Anti-Malware 2015-12-24 15:39 - 2015-11-14 12:59 - 00000000 __RDC C:\Program Files\Kingo ROOT 2015-12-24 15:39 - 2015-05-21 09:44 - 00000000 __RDC C:\Program Files\Handset WinDriver 2015-12-24 15:39 - 2015-05-21 09:43 - 00000000 __RDC C:\Program Files\HuaweiUpdateExtractor 2015-12-24 15:39 - 2015-05-20 15:43 - 00000000 __RDC C:\Program Files\HiSuite 2015-12-24 15:39 - 2014-12-21 20:21 - 00000000 __RDC C:\Program Files\Elaborate Bytes 2015-12-24 15:39 - 2014-12-20 21:21 - 00000000 __RDC C:\Program Files\Microsoft Office 2015-12-24 15:39 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\Microsoft Games 2015-12-24 15:35 - 2015-12-07 17:31 - 00000000 __RDC C:\Program Files\Defraggler 2015-12-24 15:35 - 2015-12-05 18:25 - 00000000 __RDC C:\Program Files\CyberGhost 5 2015-12-24 15:35 - 2015-05-21 08:52 - 00000000 __RDC C:\Program Files\DIFX 2015-12-24 15:35 - 2015-01-04 11:23 - 00000000 __RDC C:\Program Files\Common Files\Adobe Systems Shared 2015-12-24 15:35 - 2015-01-01 12:06 - 00000000 __RDC C:\Program Files\Common Files\Steam 2015-12-24 15:35 - 2014-12-23 19:34 - 00000000 __RDC C:\Program Files\Common Files\ATI Technologies 2015-12-24 15:35 - 2014-12-22 10:18 - 00000000 __RDC C:\Program Files\Common Files\DESIGNER 2015-12-24 15:35 - 2014-12-21 22:01 - 00000000 __RDC C:\Program Files\EaseUS 2015-12-24 15:35 - 2009-07-14 05:52 - 00000000 __RDC C:\Program Files\DVD Maker 2015-12-24 15:35 - 2009-07-14 03:37 - 00000000 __RDC C:\Program Files\Common Files\System 2015-12-24 15:35 - 2009-07-14 03:37 - 00000000 __RDC C:\Program Files\Common Files\SpeechEngines 2015-12-24 15:35 - 2009-07-14 03:37 - 00000000 __RDC C:\Program Files\Common Files\Services 2015-12-24 15:35 - 2009-07-14 03:37 - 00000000 __RDC C:\Program Files\Common Files\microsoft shared 2015-12-24 15:34 - 2015-11-14 12:44 - 00000000 __RDC C:\Program Files\ClockworkMod 2015-12-24 15:34 - 2015-09-18 12:31 - 00000000 __RDC C:\Program Files\cFosSpeed 2015-12-24 15:34 - 2015-01-04 11:20 - 00000000 __RDC C:\Program Files\Common Files\Adobe 2015-12-24 15:34 - 2014-12-23 19:34 - 00000000 __RDC C:\Program Files\AMD APP 2015-12-24 15:34 - 2014-12-21 20:59 - 00000000 __RDC C:\Program Files\Ashampoo 2015-12-24 15:34 - 2014-12-20 20:58 - 00000000 __RDC C:\Program Files\ATI 2015-12-24 15:32 - 2015-12-21 18:20 - 00000000 __RDC C:\Program Files\ALLPlayer 2015-12-24 15:29 - 2015-01-04 11:20 - 00000000 __RDC C:\Program Files\Adobe 2015-12-24 15:29 - 2014-12-21 19:53 - 00000000 __RDC C:\Program Files\7-Zip 2015-12-24 15:27 - 2015-12-08 20:07 - 00000000 __RDC C:\easeus_tb_cloud 2015-12-24 15:27 - 2015-08-05 18:57 - 00000000 __RDC C:\AMD ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-12-02 21:42 - 2015-12-02 21:42 - 1406432 ___CT (CPUID) C:\Users\MG\AppData\Roaming\cpuidsdk.dll 2015-02-16 18:19 - 2015-02-16 20:25 - 0008273 ____C () C:\Users\MG\AppData\Local\unins000.dat 2015-02-16 20:24 - 2015-02-16 20:24 - 0707744 ____C () C:\Users\MG\AppData\Local\unins000.exe 2015-02-16 18:19 - 2015-02-16 20:25 - 0011761 ____C () C:\Users\MG\AppData\Local\unins000.msg Niektóre pliki w TEMP: ==================== C:\Users\MG\AppData\Local\Temp\ubiE103.tmp.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-12-07 23:07 ==================== Koniec FRST.txt ============================