Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:27-02-2016 Uruchomiony przez Aleksiejuk (administrator) LAPTOP-176JQC2V (28-02-2016 10:58:06) Uruchomiony z C:\Users\Aleksiejuk\Downloads Załadowane profile: Aleksiejuk (Dostępne profile: Aleksiejuk) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Intel Corporation) C:\Windows\syswow64\esif_uf.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe (Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe () C:\Program Files\update\UpdateAgent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe (Lenovo) C:\Program Files\Lenovo\BatteryGauge\BatteryGaugeIcon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\Lenovo\LenovoUtility\utility.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Microsoft Corporation) C:\Windows\System32\wuapihost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6734\Battle.net.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4791\Agent.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Google Inc.) C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13877464 2015-05-15] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-10] (Realtek Semiconductor Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-09-26] () HKU\S-1-5-21-1931283843-340991006-2778759058-1001\...\Run: [Google Update] => C:\Users\Aleksiejuk\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-28] (Google Inc.) HKU\S-1-5-21-1931283843-340991006-2778759058-1001\...\RunOnce: [Uninstall C:\Users\Aleksiejuk\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleksiejuk\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{03776fe9-7e0f-416d-983d-cd04d90c8804}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1931283843-340991006-2778759058-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-1931283843-340991006-2778759058-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-1931283843-340991006-2778759058-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com HKU\S-1-5-21-1931283843-340991006-2778759058-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-08] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-08] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-08] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-08] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Aleksiejuk\AppData\Roaming\Mozilla\Firefox\Profiles\uwrd134i.default FF Homepage: www.wp.pl FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] () FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] () FF Plugin HKU\S-1-5-21-1931283843-340991006-2778759058-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Aleksiejuk\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-28] (Google Inc.) FF Plugin HKU\S-1-5-21-1931283843-340991006-2778759058-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Aleksiejuk\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-28] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-07-16] (mozilla.org) FF Extension: anonymoX - C:\Users\Aleksiejuk\AppData\Roaming\Mozilla\Firefox\Profiles\uwrd134i.default\Extensions\client@anonymox.net.xpi [2016-02-28] FF Extension: X-Forwarded-For Header - C:\Users\Aleksiejuk\AppData\Roaming\Mozilla\Firefox\Profiles\uwrd134i.default\Extensions\jid1-vasLCl9ZsexfAQ@jetpack.xpi [2016-02-28] FF Extension: Adblock Plus - C:\Users\Aleksiejuk\AppData\Roaming\Mozilla\Firefox\Profiles\uwrd134i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-28] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-28] [Brak podpisu cyfrowego] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2009-07-15] Chrome: ======= CHR StartupUrls: Default -> "hxxp://wp.pl/" CHR Profile: C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28] CHR Extension: (Dysk Google) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28] CHR Extension: (YouTube) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28] CHR Extension: (Google Search) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28] CHR Extension: (Dokumenty Google offline) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-28] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-28] CHR Extension: (Gmail) - C:\Users\Aleksiejuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-28] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-28] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 0049031456649503mcinstcleanup; C:\Users\Aleksiejuk\AppData\Local\Temp\0049031456649503mcinst.exe [883024 2015-10-28] (McAfee, Inc.) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corporation) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] () R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-05-26] (Intel Corporation) R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-09-26] (Lenovo) [Brak podpisu cyfrowego] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2015-08-17] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887232 2013-12-24] (Intel(R) Corporation) R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-09-26] () R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-02-08] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.) R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-09-26] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-05-26] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-05-26] (Intel Corporation) R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-09-26] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-09-26] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego] S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) R0 MBI; C:\Windows\System32\drivers\MBI.sys [41464 2015-06-09] (Intel(R) Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-05-21] (Realtek Semiconductor Corp.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-01-13] (Realtek ) S3 RtkAvrcp; C:\Windows\System32\drivers\RtkAvrcp.sys [67840 2015-09-09] (Realtek Semiconductor Corporation) S3 RtkAvrcpCtrlr; C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Realtek Semiconductor Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2016-01-13] (Realtek Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4641536 2015-08-12] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-08-11] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-08-11] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-28 10:58 - 2016-02-28 10:59 - 00017662 _____ C:\Users\Aleksiejuk\Downloads\FRST.txt 2016-02-28 10:57 - 2016-02-28 10:58 - 00000000 ____D C:\FRST 2016-02-28 10:57 - 2016-02-28 10:57 - 01511936 _____ C:\Users\Aleksiejuk\Downloads\AdwCleaner.exe 2016-02-28 10:56 - 2016-02-28 10:57 - 02371072 _____ (Farbar) C:\Users\Aleksiejuk\Downloads\FRST64.exe 2016-02-28 10:43 - 2016-02-28 10:43 - 00001257 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2016-02-28 10:43 - 2016-02-28 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2016-02-28 10:36 - 2016-02-28 10:36 - 00000000 ____D C:\Users\Aleksiejuk\Tracing 2016-02-28 10:33 - 2016-02-28 10:39 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Roaming\Skype 2016-02-28 10:33 - 2016-02-28 10:33 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2016-02-28 10:33 - 2016-02-28 10:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-02-28 10:33 - 2016-02-28 10:33 - 00000000 ____D C:\ProgramData\Skype 2016-02-28 10:33 - 2016-02-28 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-02-28 10:01 - 2016-02-28 10:01 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Roaming\Macromedia 2016-02-28 10:00 - 2016-02-28 10:00 - 00001996 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk 2016-02-28 10:00 - 2016-02-28 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2016-02-28 09:58 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2016-02-28 09:56 - 2016-02-28 10:43 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-02-28 09:55 - 2016-02-28 09:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2016-02-28 09:54 - 2016-02-28 09:54 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2016-02-28 09:54 - 2015-09-23 09:43 - 00497888 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfefirek.sys 2016-02-28 09:54 - 2015-09-23 09:43 - 00082072 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeelamk.sys 2016-02-28 09:54 - 2015-09-23 09:43 - 00080760 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\cfwids.sys 2016-02-28 09:53 - 2015-09-23 09:43 - 00244544 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfewfpk.sys 2016-02-28 09:52 - 2016-02-28 09:52 - 00000000 ____D C:\Program Files\McAfee.com 2016-02-28 09:52 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-02-28 09:51 - 2016-02-28 10:01 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-02-28 09:51 - 2016-02-28 09:51 - 00000000 ____D C:\Program Files\Common Files\AV 2016-02-28 09:40 - 2015-09-23 09:43 - 00841944 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys 2016-02-28 09:40 - 2015-09-23 09:43 - 00415976 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeaack.sys 2016-02-28 09:40 - 2015-09-23 09:43 - 00351120 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeavfk.sys 2016-02-28 09:40 - 2015-09-21 13:33 - 00256840 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2016-02-28 09:37 - 2016-02-28 09:37 - 00001552 _____ C:\Users\Aleksiejuk\Desktop\Battle.net.lnk 2016-02-28 09:25 - 2016-02-28 09:57 - 00000000 ____D C:\Program Files\Common Files\McAfee 2016-02-28 09:25 - 2015-09-23 09:43 - 00841944 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys.e22e.deleteme 2016-02-28 09:25 - 2015-09-23 09:43 - 00415976 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeaack.sys.556b.deleteme 2016-02-28 09:25 - 2015-09-23 09:43 - 00351120 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeavfk.sys.f48f.deleteme 2016-02-28 09:12 - 2016-02-28 10:55 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Battle.net 2016-02-28 09:12 - 2016-02-28 09:12 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Blizzard Entertainment 2016-02-28 09:12 - 2016-02-28 09:12 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2016-02-28 09:08 - 2016-02-28 09:16 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Roaming\Battle.net 2016-02-28 09:07 - 2016-02-28 09:55 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-02-28 09:06 - 2016-02-28 09:08 - 00000000 ____D C:\ProgramData\Battle.net 2016-02-28 08:59 - 2016-02-28 09:00 - 08205800 _____ (McAfee, Inc.) C:\Users\Aleksiejuk\Downloads\Setup_serial_2n7bBd7xwwKeVeb1m45vkw2_key.exe 2016-02-28 08:43 - 2016-02-28 09:40 - 00004972 _____ C:\Users\Aleksiejuk\Desktop\Nowy Dokument tekstowy (2).txt 2016-02-28 08:42 - 2016-02-28 08:42 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-28 08:42 - 2016-02-28 08:42 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-02-28 08:42 - 2016-02-28 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-28 08:38 - 2016-02-28 08:38 - 00002491 _____ C:\Users\Aleksiejuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-28 08:38 - 2016-02-28 08:38 - 00002483 _____ C:\Users\Aleksiejuk\Desktop\Google Chrome.lnk 2016-02-28 08:35 - 2016-02-28 08:45 - 00001058 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1931283843-340991006-2778759058-1001Core.job 2016-02-28 08:35 - 2016-02-28 08:40 - 00004236 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1931283843-340991006-2778759058-1001UA 2016-02-28 08:35 - 2016-02-28 08:40 - 00003860 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1931283843-340991006-2778759058-1001Core 2016-02-28 08:35 - 2016-02-28 08:40 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1931283843-340991006-2778759058-1001UA.job 2016-02-28 08:35 - 2016-02-28 08:38 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Google 2016-02-28 08:31 - 2016-02-28 08:31 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Roaming\Mozilla 2016-02-28 08:31 - 2016-02-28 08:31 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Mozilla 2016-02-28 08:30 - 2016-02-28 08:42 - 00001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-28 08:30 - 2016-02-28 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 2016-02-28 08:30 - 2016-02-28 08:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-28 08:17 - 2016-02-28 08:17 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-28 08:17 - 2016-02-28 08:17 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-28 08:17 - 2016-02-28 08:17 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\MicrosoftEdge 2016-02-28 08:13 - 2016-02-28 08:13 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Roaming\LSC 2016-02-28 08:06 - 2016-02-28 08:06 - 00000790 _____ C:\Users\Aleksiejuk\Desktop\Dokumenty.lnk 2016-02-28 08:00 - 2016-02-28 08:00 - 00000000 ____D C:\Users\Aleksiejuk\REACHit 2016-02-28 08:00 - 2016-02-28 08:00 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Lenovo 2016-02-28 05:55 - 2016-02-28 05:55 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Comms 2016-02-28 05:41 - 2016-02-28 05:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf 2016-02-28 05:37 - 2016-02-28 08:04 - 00002429 _____ C:\Users\Aleksiejuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-28 05:37 - 2016-02-28 08:04 - 00000000 ___RD C:\Users\Aleksiejuk\OneDrive 2016-02-28 05:37 - 2016-02-28 05:37 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Power2Go8 2016-02-28 05:35 - 2016-02-28 05:35 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Publishers 2016-02-28 05:35 - 2016-02-28 05:35 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\ActiveSync 2016-02-28 05:34 - 2016-02-28 08:55 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\Packages 2016-02-28 05:34 - 2016-02-28 05:34 - 00000000 ____D C:\Users\Aleksiejuk\Documents\My Bluetooth 2016-02-28 05:34 - 2016-02-28 05:34 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Roaming\Adobe 2016-02-28 05:34 - 2016-02-28 05:34 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\VirtualStore 2016-02-28 05:34 - 2016-02-28 05:34 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\CyberLink 2016-02-28 05:33 - 2016-02-28 10:36 - 00000000 ____D C:\Users\Aleksiejuk 2016-02-28 05:33 - 2016-02-28 09:24 - 00000000 __SHD C:\Users\Aleksiejuk\IntelGraphicsProfiles 2016-02-28 05:33 - 2016-02-28 05:33 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-28 05:33 - 2016-02-28 05:33 - 00000020 ___SH C:\Users\Aleksiejuk\ntuser.ini 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Ustawienia lokalne 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Szablony 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Moje dokumenty 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Menu Start 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Documents\Moje wideo 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Documents\Moje obrazy 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Documents\Moja muzyka 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\Dane aplikacji 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\AppData\Local\Historia 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 _SHDL C:\Users\Aleksiejuk\AppData\Local\Dane aplikacji 2016-02-28 05:33 - 2016-02-28 05:33 - 00000000 ____D C:\Users\Aleksiejuk\AppData\Local\TileDataLayer 2016-02-28 05:31 - 2016-02-28 05:31 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Public\Documents\Moje wideo 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Public\Documents\Moje obrazy 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Public\Documents\Moja muzyka 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Szablony 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Moje dokumenty 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Menu Start 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\Dane aplikacji 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\Default User 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\Users\All Users 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\ProgramData\Szablony 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\ProgramData\Pulpit 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\ProgramData\Menu Start 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\ProgramData\Dokumenty 2016-02-27 22:43 - 2016-02-27 22:43 - 00000000 _SHDL C:\ProgramData\Dane aplikacji 2016-02-27 22:42 - 2016-02-27 22:42 - 00023044 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-02-27 22:38 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-02-27 22:36 - 2016-02-28 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-27 22:34 - 2016-02-27 22:34 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-02-27 22:25 - 2016-02-27 22:25 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-02-27 22:18 - 2016-02-27 22:25 - 00000000 ____D C:\Intel 2016-02-27 22:18 - 2016-02-27 22:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2016-02-27 22:18 - 2016-02-27 22:18 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2016-02-27 22:18 - 2015-08-17 16:27 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-02-27 22:18 - 2015-08-17 16:27 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-02-27 22:17 - 2016-02-27 22:26 - 00000000 ____D C:\Program Files\Intel 2016-02-27 22:17 - 2016-02-27 22:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf 2016-02-27 22:17 - 2016-02-27 22:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2016-02-27 22:17 - 2016-02-27 22:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf 2016-02-27 22:17 - 2016-02-27 22:17 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-02-27 22:17 - 2016-02-27 22:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-02-27 22:17 - 2016-02-27 22:17 - 00000000 ____D C:\Program Files\Realtek 2016-02-27 22:16 - 2016-02-27 22:26 - 00000000 ____D C:\Program Files (x86)\Intel 2016-02-27 22:11 - 2016-02-28 09:22 - 00193504 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-02-27 22:11 - 2016-02-27 22:11 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-02-27 22:10 - 2016-02-27 22:10 - 00000000 _____ C:\Recovery.txt 2016-02-27 22:10 - 2015-04-28 19:06 - 00043256 _____ C:\WINDOWS\system32\oemlogo.bmp 2016-02-27 19:21 - 2016-02-28 05:28 - 00000000 ___DC C:\WINDOWS\Panther 2016-02-27 19:21 - 2016-02-27 19:21 - 00000000 ____D C:\WINDOWS\InfusedApps 2016-02-27 19:20 - 2016-02-27 19:20 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-02-27 19:19 - 2016-02-27 19:19 - 00000000 ____D C:\Program Files\Synaptics 2016-02-27 19:17 - 2016-02-27 19:17 - 00000000 ____D C:\WINDOWS\Setup 2016-02-27 19:15 - 2016-02-27 22:32 - 00000000 ____D C:\WINDOWS\OCR 2016-02-27 19:15 - 2016-02-27 19:15 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-02-27 19:15 - 2016-02-27 19:15 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-02-27 19:15 - 2016-02-27 19:15 - 00000000 ____D C:\Program Files\MSBuild 2016-02-27 19:15 - 2016-02-27 19:15 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-02-27 19:15 - 2016-02-27 19:15 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-02-27 19:14 - 2016-02-28 09:30 - 00819738 _____ C:\WINDOWS\system32\perfh015.dat 2016-02-27 19:14 - 2016-02-28 09:30 - 00158390 _____ C:\WINDOWS\system32\perfc015.dat 2016-02-27 19:14 - 2016-02-27 19:13 - 00342912 _____ C:\WINDOWS\system32\perfi015.dat 2016-02-27 19:14 - 2016-02-27 19:13 - 00041236 _____ C:\WINDOWS\system32\perfd015.dat 2016-02-27 19:13 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\pl 2016-02-27 19:13 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\pl 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\winrm 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\WCN 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\slmgr 2016-02-27 19:09 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2016-02-27 19:09 - 2016-02-27 19:09 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2016-02-27 19:09 - 2016-02-27 19:09 - 00000000 ____D C:\WINDOWS\SysWOW64\0409 2016-02-27 19:09 - 2016-02-27 19:09 - 00000000 ____D C:\WINDOWS\system32\0409 2016-02-27 19:09 - 2016-02-27 19:09 - 00000000 ____D C:\WINDOWS\DigitalLocker 2016-02-27 19:04 - 2016-02-03 20:01 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-27 19:04 - 2016-02-03 20:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-27 19:01 - 2016-02-27 22:10 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-02-27 19:01 - 2016-02-27 18:56 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2016-02-27 19:01 - 2016-02-27 18:56 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2016-02-27 19:01 - 2016-02-27 18:56 - 00215943 _____ C:\WINDOWS\system32\dssec.dat 2016-02-27 19:01 - 2016-02-27 18:56 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2016-02-27 19:01 - 2016-02-27 18:56 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-02-27 19:01 - 2016-02-27 18:56 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat 2016-02-27 19:01 - 2016-02-27 18:56 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat 2016-02-27 19:01 - 2016-02-27 18:56 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2016-02-27 19:01 - 2016-02-27 18:56 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat 2016-02-27 19:01 - 2016-02-27 18:56 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat 2016-02-27 19:01 - 2016-02-27 18:56 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2016-02-27 19:01 - 2016-02-27 18:56 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2016-02-27 19:01 - 2016-02-27 18:56 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT 2016-02-27 19:01 - 2016-02-27 18:56 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config 2016-02-27 19:00 - 2016-02-28 09:54 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-02-27 19:00 - 2016-02-28 09:21 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\Provisioning 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-02-27 19:00 - 2016-02-28 09:19 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-27 19:00 - 2016-02-28 09:16 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-27 19:00 - 2016-02-28 05:52 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2016-02-27 19:00 - 2016-02-28 05:34 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-02-27 19:00 - 2016-02-28 05:34 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-02-27 19:00 - 2016-02-27 22:46 - 00000000 ____D C:\WINDOWS\rescache 2016-02-27 19:00 - 2016-02-27 22:43 - 00000000 ____D C:\WINDOWS\Registration 2016-02-27 19:00 - 2016-02-27 22:43 - 00000000 ____D C:\Program Files\Windows NT 2016-02-27 19:00 - 2016-02-27 22:41 - 00000000 __RHD C:\Users\Public\Libraries 2016-02-27 19:00 - 2016-02-27 22:32 - 00000000 ____D C:\WINDOWS\system32\spool 2016-02-27 19:00 - 2016-02-27 22:29 - 00000000 ____D C:\ProgramData\USOPrivate 2016-02-27 19:00 - 2016-02-27 22:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-27 19:00 - 2016-02-27 22:26 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-02-27 19:00 - 2016-02-27 22:25 - 00000000 ____D C:\WINDOWS\appcompat 2016-02-27 19:00 - 2016-02-27 22:21 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-02-27 19:00 - 2016-02-27 19:15 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-02-27 19:00 - 2016-02-27 19:15 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\system32\Com 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\IME 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\Help 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\Program Files\Windows Defender 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\Program Files\Common Files\System 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-02-27 19:00 - 2016-02-27 19:13 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-02-27 19:00 - 2016-02-27 19:09 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-02-27 19:00 - 2016-02-27 19:09 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-02-27 19:00 - 2016-02-27 19:09 - 00000000 ____D C:\WINDOWS\system32\setup 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 __RSD C:\WINDOWS\Media 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ___SD C:\WINDOWS\system32\Nui 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ___RD C:\WINDOWS\DesktopTileResources 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\WinMetadata 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\MsDtc 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\icsxml 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\ias 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\downlevel 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\Bthprops 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\ShellNew 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\Cursors 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\WINDOWS\addins 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-02-27 19:00 - 2016-02-27 19:01 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ___SD C:\WINDOWS\system32\Configuration 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\Web 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\Vss 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\tracing 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\TAPI 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\ras 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SystemResources 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SystemApps 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\winevt 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\ras 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\ProximityToast 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\PointOfService 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\Ipmi 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\IME 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\config\Journal 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\AppLocker 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\System 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SKB 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\security 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\schemas 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\SchCache 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\Resources 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\PLA 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\Performance 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\ModemLogs 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\InputMethod 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\Globalization 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\Branding 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\ProgramData\Comms 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\Program Files\Common Files\Services 2016-02-27 19:00 - 2016-02-27 19:00 - 00000000 ____D C:\Program Files (x86)\Windows NT 2016-02-27 18:58 - 2016-02-28 09:30 - 00000000 ____D C:\WINDOWS\INF 2016-02-27 18:44 - 2016-02-28 08:29 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-27 18:33 - 2016-02-28 10:02 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-27 18:33 - 2016-02-28 09:21 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-02-27 18:33 - 2016-02-27 19:13 - 00000000 ____D C:\WINDOWS\servicing 2016-02-27 18:33 - 2016-02-27 19:00 - 00000000 ____D C:\WINDOWS\system32\SMI 2016-02-27 18:33 - 2015-10-30 07:33 - 00000164 _____ C:\WINDOWS\system32\config\FP 2016-02-27 18:24 - 2016-02-27 22:10 - 00000000 ___HD C:\$SysReset 2016-02-27 18:24 - 2016-02-19 12:00 - 00004934 _____ C:\Users\Aleksiejuk\Documents\Nowy Dokument tekstowy (2).txt 2016-02-27 18:24 - 2007-10-09 18:53 - 00017239 _____ C:\Users\Aleksiejuk\Desktop\mon.exe 2016-02-27 18:22 - 2016-02-28 08:28 - 00000000 ____D C:\Users\Aleksiejuk\Documents\Heroes of the Storm 2016-02-27 18:21 - 2016-02-28 08:28 - 00000000 ____D C:\Users\Aleksiejuk\Documents\Tapety 2016-02-27 18:21 - 2016-02-28 08:28 - 00000000 ____D C:\Users\Aleksiejuk\Documents\screeny 2016-02-27 18:14 - 2016-02-27 18:11 - 00050072 _____ C:\Users\Aleksiejuk\Documents\zakładki_27.02.2016.html 2016-02-27 18:14 - 2015-11-25 13:09 - 00003990 _____ C:\Users\Aleksiejuk\Documents\Maile2.txt 2016-02-27 18:14 - 2012-12-03 09:40 - 51414683 _____ C:\Users\Aleksiejuk\Documents\VW Polo 2001-2005.pdf 2016-02-10 16:06 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 16:06 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 16:06 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 16:06 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 16:06 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 16:06 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 16:06 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 16:06 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 16:06 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 16:06 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 16:06 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 16:05 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 16:05 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 16:05 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 16:05 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 16:05 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 16:05 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 16:05 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 16:05 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 16:05 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 16:05 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 16:05 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 16:05 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 16:05 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 16:05 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 16:05 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 16:05 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 16:05 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 16:05 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 16:05 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 16:05 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 16:05 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 16:05 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 16:05 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 16:05 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 16:05 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 16:05 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 16:05 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 16:05 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 16:05 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 16:05 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 16:05 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 16:05 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 16:05 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 16:05 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 16:05 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 16:05 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 16:05 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 16:05 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 16:05 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 16:05 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 16:05 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 16:05 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 16:05 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 16:05 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 16:05 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 16:05 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 16:05 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 16:05 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 16:05 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 16:05 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 16:05 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 16:05 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 16:05 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 16:05 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-28 10:06 - 2015-09-26 03:08 - 00000000 ____D C:\ProgramData\McAfee 2016-02-28 09:58 - 2015-09-26 03:08 - 00000000 ____D C:\Program Files\mcafee 2016-02-28 09:30 - 2015-07-16 16:54 - 01845594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-28 09:24 - 2015-07-16 16:49 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-28 09:03 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated 2016-02-28 08:17 - 2015-09-26 03:17 - 00000000 ____D C:\ProgramData\Lenovo 2016-02-28 08:17 - 2015-09-26 03:05 - 00000000 ____D C:\Program Files\Lenovo 2016-02-28 08:17 - 2015-09-26 03:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2016-02-28 08:17 - 2015-09-26 03:02 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-02-28 08:16 - 2015-09-26 03:07 - 00000000 ____D C:\ProgramData\CyberLink 2016-02-28 08:16 - 2015-09-26 03:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-02-28 08:16 - 2015-09-26 03:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-02-28 08:11 - 2015-09-26 03:05 - 00000000 ____D C:\ProgramData\Temp 2016-02-28 08:11 - 2015-09-26 03:05 - 00000000 ____D C:\ProgramData\SUPPORTDIR 2016-02-28 08:10 - 2015-09-26 03:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink 2016-02-27 22:39 - 2015-09-26 04:20 - 00000000 ____D C:\Users\Public\Documents\Lenovo 2016-02-27 22:32 - 2015-09-26 03:17 - 00000000 ____D C:\WINDOWS\Downloaded Installations 2016-02-27 22:30 - 2015-09-26 03:13 - 00000000 ____D C:\Users\Public\CyberLink 2016-02-27 22:29 - 2015-09-26 04:22 - 00000000 ____D C:\ProgramData\OneKey Recovery 2016-02-27 22:29 - 2015-09-26 04:15 - 00000000 ____D C:\ProgramData\Realtek 2016-02-27 22:29 - 2015-09-26 04:12 - 00000000 ____D C:\Program Files (x86)\Realtek Wireless LAN Adapter Software 2016-02-27 22:29 - 2015-09-26 04:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2016-02-27 22:29 - 2015-09-26 04:10 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-02-27 22:29 - 2015-09-26 04:08 - 00000000 ____D C:\ProgramData\Intel 2016-02-27 22:29 - 2015-09-26 03:05 - 00000000 ____D C:\ProgramData\install_clap 2016-02-27 22:29 - 2015-09-26 03:02 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-27 22:29 - 2015-07-16 16:50 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-02-27 22:29 - 2015-07-10 13:22 - 00000000 ____D C:\ProgramData\USOShared 2016-02-27 22:28 - 2015-09-26 03:07 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information 2016-02-27 22:28 - 2015-09-26 03:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-02-27 22:26 - 2015-09-26 04:20 - 00000000 ____D C:\Program Files\update 2016-02-27 22:26 - 2015-09-26 04:13 - 00000000 ____D C:\Program Files (x86)\Cisco ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-02-28 05:34 - 2016-02-28 09:24 - 0013827 _____ () C:\Users\Aleksiejuk\AppData\Local\BTServer.log 2016-02-27 22:17 - 2016-02-27 22:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Niektóre pliki w TEMP: ==================== C:\Users\Aleksiejuk\AppData\Local\Temp\0049031456649503mcinst.exe C:\Users\Aleksiejuk\AppData\Local\Temp\0282141456646607mcinst.exe C:\Users\Aleksiejuk\AppData\Local\Temp\McCSPInstall.dll C:\Users\Aleksiejuk\AppData\Local\Temp\mccspuninstall.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-02-27 22:11 ==================== Koniec FRST.txt ============================