Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:17-02-2016 Uruchomiony przez Łukasz (administrator) LUKASZEK (17-02-2016 17:51:42) Uruchomiony z C:\Users\Łukasz\Downloads\frst64 Załadowane profile: Łukasz (Dostępne profile: Łukasz) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5052120 2015-06-01] (Realtek semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [LenovoUtility] => "C:\Program Files\Lenovo\LenovoUtility\utility.exe" HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-08-14] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [499640 2015-08-14] (CyberLink Corp.) HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3874216 2016-01-08] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3037079269-3341719230-798308799-1001\...\Run: [Power2GoExpress8] => NA BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{a8e9760c-d81d-4e42-b520-fef131c1cf3f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f7df9dc4-cfd0-4e31-95ad-93a6b27f4363}: [DhcpNameServer] 150.211.1.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3037079269-3341719230-798308799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-3037079269-3341719230-798308799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE FireFox: ======== FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) Opera: ======= OPR Extension: (AdBlock) - C:\Users\Łukasz\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-02-17] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [627544 2016-01-08] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3906568 2016-01-08] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [583936 2016-01-08] (AVG Technologies CZ, s.r.o.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation) S3 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation) R3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) R2 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) S4 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-09-07] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [258480 2015-12-04] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-12-22] (Intel Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation) S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation) S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-12-22] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 ETDSMBus; \SystemRoot\system32\DRIVERS\ETDSMBus.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-17 17:32 - 2016-02-17 17:51 - 00000000 ____D C:\Users\Łukasz\Downloads\frst64 2016-02-17 17:32 - 2016-02-17 17:51 - 00000000 ____D C:\FRST 2016-02-17 17:15 - 2016-02-17 17:15 - 00000017 _____ C:\Users\Łukasz\Desktop\Nowy dokument tekstowy.txt 2016-02-17 17:09 - 2016-02-17 17:09 - 00000620 _____ C:\Users\Łukasz\Desktop\z.csv 2016-02-17 17:05 - 2016-02-17 17:05 - 00000750 _____ C:\Users\Łukasz\Desktop\eset log.txt 2016-02-17 16:03 - 2016-02-17 16:03 - 01511936 _____ C:\Users\Łukasz\Downloads\adwcleaner_5.034.exe 2016-02-17 15:59 - 2016-02-17 15:59 - 02870984 _____ (ESET) C:\Users\Łukasz\Downloads\esetsmartinstaller_plk.exe 2016-02-17 15:59 - 2016-02-17 15:59 - 00000000 ____D C:\Program Files (x86)\ESET 2016-02-17 13:43 - 2016-02-17 13:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2016-02-17 13:41 - 2016-02-17 14:54 - 00000000 ____D C:\Users\Łukasz\AppData\Local\FSDART 2016-02-17 13:41 - 2016-02-17 13:43 - 00000000 ____D C:\ProgramData\F-Secure 2016-02-17 11:16 - 2016-02-17 11:16 - 00000000 ____D C:\WINDOWS\pss 2016-02-17 01:27 - 2016-02-17 15:47 - 00000000 ____D C:\Program Files (x86)\Unlocker 2016-02-14 14:27 - 2016-02-14 14:27 - 01964418 _____ C:\Users\Łukasz\Desktop\DSX-V32 Instrukcja lokatora_A4.pdf 2016-02-10 12:41 - 2016-02-10 12:41 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2016-02-10 12:41 - 2016-02-10 12:41 - 00000000 ____D C:\WINDOWS\SysWOW64\directx 2016-02-10 12:36 - 2016-02-17 15:38 - 00000000 ____D C:\Users\Łukasz\Documents\Ubisoft 2016-01-28 05:07 - 2016-01-28 05:07 - 00001062 _____ C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wow_panda.lnk 2016-01-27 21:08 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-27 21:08 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-27 21:08 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-27 21:08 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-27 21:08 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-27 21:08 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-27 21:08 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-27 21:08 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-27 21:08 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-27 21:08 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-27 21:08 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-27 21:08 - 2016-01-16 07:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-01-27 21:08 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-27 21:08 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-27 21:08 - 2016-01-16 07:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-01-27 21:08 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-27 21:08 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-27 21:08 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-27 21:08 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-27 21:08 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-27 21:08 - 2016-01-16 07:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-01-27 21:08 - 2016-01-16 07:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-01-27 21:08 - 2016-01-16 07:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-01-27 21:08 - 2016-01-16 07:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-01-27 21:08 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-27 21:08 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-27 21:08 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-27 21:08 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-27 21:08 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-27 21:08 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-27 21:08 - 2016-01-16 06:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-27 21:08 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-27 21:08 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-27 21:08 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-27 21:08 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-27 21:08 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-27 21:08 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-27 21:08 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-27 21:08 - 2016-01-16 06:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-01-27 21:08 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-27 21:08 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-27 21:08 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-27 21:08 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-27 21:08 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-27 21:08 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-27 21:08 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-27 21:08 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-27 21:08 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-27 21:08 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-27 21:08 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-27 21:08 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-27 21:08 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-27 21:08 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-27 21:08 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-27 21:08 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-27 21:08 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-27 21:08 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-27 21:08 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-27 21:08 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-27 21:08 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-27 21:08 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-27 21:08 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-27 21:08 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-27 21:08 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-27 21:08 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-27 21:08 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-27 21:08 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-27 21:08 - 2016-01-16 06:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-27 21:08 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-27 21:08 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-27 21:08 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-27 21:08 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-27 21:08 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-27 21:08 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-27 21:08 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-27 21:08 - 2016-01-16 06:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-01-27 21:08 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-27 21:08 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-27 21:08 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-27 21:08 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-27 21:08 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-27 21:08 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-27 21:08 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-27 21:08 - 2016-01-16 06:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-01-27 21:08 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-27 21:08 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-27 21:08 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-27 21:08 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-27 21:08 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-27 21:08 - 2016-01-16 06:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-27 21:08 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-27 21:08 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-27 21:08 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-27 21:08 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-27 21:08 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-27 21:08 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-27 21:08 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-27 21:08 - 2016-01-16 06:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-27 21:08 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-27 21:08 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-27 21:08 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-27 21:08 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-27 21:08 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-27 21:08 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-27 21:08 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-27 21:08 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-27 21:08 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-27 21:08 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-27 21:08 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-27 21:08 - 2016-01-16 06:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-01-27 21:08 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-27 21:08 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-27 21:08 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-27 21:08 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-27 21:08 - 2016-01-16 06:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-01-27 21:08 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-27 21:08 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-27 21:08 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-27 21:08 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-27 21:08 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-27 21:08 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-27 21:08 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-27 21:08 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-27 21:08 - 2016-01-16 06:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-01-27 01:52 - 2016-02-06 11:22 - 00000000 ____D C:\Users\Łukasz\Desktop\Screenshots 2016-01-22 18:43 - 2016-01-22 18:44 - 00000000 ____D C:\Users\Łukasz\Desktop\Interface 2016-01-20 14:52 - 2016-01-22 18:42 - 00000000 ____D C:\Users\Łukasz\Desktop\WTF ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-17 17:50 - 2015-12-23 13:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-17 17:50 - 2015-12-23 13:26 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-17 17:50 - 2015-12-22 11:41 - 00000000 __SHD C:\Users\Łukasz\IntelGraphicsProfiles 2016-02-17 17:49 - 2015-10-30 20:19 - 00819340 _____ C:\WINDOWS\system32\perfh015.dat 2016-02-17 17:49 - 2015-10-30 20:19 - 00158506 _____ C:\WINDOWS\system32\perfc015.dat 2016-02-17 17:49 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-17 17:49 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-17 17:49 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-02-17 17:49 - 2015-07-16 16:54 - 01849016 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-17 17:47 - 2015-12-22 20:27 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-17 17:46 - 2015-12-22 20:27 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-17 16:25 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-17 16:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-17 16:04 - 2015-12-26 01:17 - 00000000 ____D C:\AdwCleaner 2016-02-17 16:00 - 2015-12-25 19:45 - 00000000 ____D C:\ProgramData\MFAData 2016-02-17 15:50 - 2015-12-23 13:31 - 00000000 ____D C:\Users\Łukasz 2016-02-17 15:47 - 2016-01-16 22:17 - 00000000 ____D C:\Heroes of Might and Magic 2016-02-17 15:47 - 2015-12-31 04:10 - 00000000 ____D C:\League of Legends 2016-02-17 15:47 - 2015-12-26 01:31 - 00000000 ____D C:\cc backups 2016-02-17 15:47 - 2015-12-25 23:51 - 00000000 ___RD C:\World of Warcraft 2016-02-17 15:47 - 2015-12-25 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-02-17 15:47 - 2015-12-25 18:02 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Battle.net 2016-02-17 15:47 - 2015-12-25 17:54 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\raidcall 2016-02-17 15:47 - 2015-12-25 17:47 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\RcGameBoxRU 2016-02-17 15:47 - 2015-12-25 17:36 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\RCTW 2016-02-17 15:47 - 2015-12-25 17:36 - 00000000 ____D C:\Users\Łukasz\AppData\LocalLow\raidcall 2016-02-17 15:47 - 2015-12-25 16:53 - 00000000 ____D C:\ProgramData\Skype 2016-02-17 15:47 - 2015-12-25 03:22 - 00000000 ____D C:\Program Files\CCleaner 2016-02-17 15:47 - 2015-12-25 03:10 - 00000000 ____D C:\ProgramData\SystemExplorer 2016-02-17 15:47 - 2015-10-30 20:23 - 00000000 ____D C:\WINDOWS\ShellNew 2016-02-17 15:47 - 2015-10-30 20:23 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-17 15:47 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-02-17 15:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-17 15:47 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-02-17 15:47 - 2015-07-16 16:49 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-17 15:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\registration 2016-02-17 15:38 - 2015-12-25 16:53 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Skype 2016-02-17 15:37 - 2016-01-16 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-02-17 15:37 - 2015-12-25 18:10 - 00000000 ____D C:\Program Files (x86)\TradeSkillMaster Application 2016-02-17 15:37 - 2015-12-25 18:01 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-02-17 15:37 - 2015-09-07 09:54 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-17 10:37 - 2015-12-23 18:20 - 00000000 ____D C:\Users\Łukasz\AppData\Local\ElevatedDiagnostics 2016-02-16 23:45 - 2015-12-25 18:02 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Battle.net 2016-02-16 18:54 - 2015-12-25 18:05 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Deployment 2016-02-12 12:30 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-07 20:36 - 2015-12-25 17:09 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\AIMP 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-28 23:46 - 2015-12-23 13:27 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-28 05:50 - 2015-12-23 13:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-01-28 04:59 - 2015-12-25 03:15 - 00007597 _____ C:\Users\Łukasz\AppData\Local\resmon.resmoncfg 2016-01-27 21:10 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-27 21:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-27 21:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-27 21:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-27 21:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-27 21:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-27 21:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-01-27 21:05 - 2015-12-23 13:26 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-01-20 19:18 - 2015-12-25 19:41 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Avg ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-12-25 03:15 - 2016-01-28 04:59 - 0007597 _____ () C:\Users\Łukasz\AppData\Local\resmon.resmoncfg 2015-12-23 13:26 - 2015-12-23 13:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-02-03 20:23 ==================== Koniec FRST.txt ============================