Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-03-2016 01 Uruchomiony przez Krzysztof (administrator) LENOVO-PC (07-03-2016 18:17:40) Uruchomiony z C:\Users\Krzysztof\Downloads Załadowane profile: Krzysztof (Dostępne profile: Krzysztof) Platform: Windows 10 Home (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Lavalys, Inc.) C:\Program Files (x86)\Lavalys\EVEREST Home Edition\everest.bin (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Tamas Miklos) C:\Users\Krzysztof\Downloads\aida3942(dobreprogramy.pl)\aida32.bin (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-03-30] (Lenovo) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-09-18] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [326264 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [DS4Windows] => C:\Program Files (x86)\DSDCS\InputMapper\InputMapper.exe [2723840 2015-05-25] (DSD Consulting Services) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [uTorrent] => C:\Users\Krzysztof\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2016-01-05] (BitTorrent Inc.) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [GoogleChromeAutoLaunch_7B3544DB2BF2BDA701CE6E4B862755A0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3040160 2015-12-14] (Comfort Software Group) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\MountPoints2: {3a26514a-4382-11e5-826f-2c337af29a06} - "F:\setup.exe" HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\MountPoints2: {a59d6cfc-3c19-11e5-826b-2c337af29a06} - "E:\setup.exe" HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\MountPoints2: {adc975cb-244e-11e5-8259-2c337af29a06} - "E:\SETUP.EXE" HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\...\MountPoints2: {b3542e15-a834-11e5-82a7-2c337af29a06} - "E:\startme.exe" ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{069c25e2-7f7e-4b63-95ea-7e35644a8cc8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{39103d74-47e0-4d15-9b73-f78b92ed3b0e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{74f37e48-2c88-4db2-9598-d5a821c4d3ae}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com HKU\S-1-5-21-1521892006-3733085634-2522138808-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130849035839202997&GUID=3FFD2FF7-BA25-4ADB-A8DB-D391129C0EF9 SearchScopes: HKU\S-1-5-21-1521892006-3733085634-2522138808-1001 -> {9CFAB77D-A8FF-4B83-974A-E87A3B1AE2E7} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-01] (Microsoft Corporation) BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-02-01] (Qihu 360 Software Co., Ltd.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-01] (Microsoft Corporation) BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-02-01] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-31] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-31] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Brak pliku] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Brak pliku] FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-29] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-21] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-09] () R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2016-02-05] () S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark) S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.) S3 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-03-30] () R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2015-03-30] (Lenovo(beijing) Limited) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-30] (Lenovo(beijing) Limited) S3 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-03-01] (Electronic Arts) R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD) R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [515336 2014-05-28] (PointGrab LTD) S3 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-03-30] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-03-30] (Lenovo) R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [907384 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED) S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [115864 2016-02-05] () S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2015-03-30] (Lenovo) S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2016-02-05] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-12-11] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2016-02-01] (360.cn) R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-08-10] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [368720 2016-02-01] (360.cn) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-11] (360.cn) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7592664 2014-12-04] (Broadcom Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-08] (Disc Soft Ltd) S3 EverestDriver; C:\Users\Krzysztof\AppData\Local\Temp\EverestDriver.sys [9728 2005-08-18] () [Brak podpisu cyfrowego] S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34793 2007-05-23] (Compuware Corporation) [Brak podpisu cyfrowego] S3 HP1319EWS; C:\Windows\System32\Drivers\HP1319EWS.sys [15360 2013-02-06] (Marvell Semiconductor, Inc.) S3 HP1319FAX; C:\Windows\System32\Drivers\HP1319FAX.sys [16896 2013-02-06] (Marvell Semiconductor, Inc.) R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] () R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-07] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] () R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-18] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-07 18:17 - 2016-03-07 18:17 - 00049444 _____ C:\Users\Krzysztof\Downloads\Shortcut.txt 2016-03-07 18:16 - 2016-03-07 18:17 - 00020739 _____ C:\Users\Krzysztof\Downloads\FRST.txt 2016-03-07 18:16 - 2016-03-07 18:17 - 00000000 ____D C:\FRST 2016-03-07 18:16 - 2016-03-07 18:16 - 02374144 _____ (Farbar) C:\Users\Krzysztof\Downloads\FRST64.exe 2016-03-07 18:15 - 2016-03-07 18:15 - 00033499 _____ C:\Users\Krzysztof\Downloads\Addition.txt 2016-03-07 18:06 - 2016-03-07 18:06 - 00016148 _____ C:\WINDOWS\system32\LENOVO-PC_Krzysztof_HistoryPrediction.bin 2016-03-07 17:45 - 2016-03-07 17:45 - 00000677 _____ C:\Users\Krzysztof\Downloads\Fixlog.txt 2016-03-07 17:25 - 2016-03-07 17:25 - 00000000 ____D C:\Users\Krzysztof\Downloads\aida3942(dobreprogramy.pl) 2016-03-07 17:24 - 2016-03-07 17:24 - 03256656 _____ C:\Users\Krzysztof\Downloads\aida3942(dobreprogramy.pl).zip 2016-03-07 17:22 - 2016-03-07 17:22 - 00001190 _____ C:\Users\Krzysztof\Desktop\EVEREST Home Edition.lnk 2016-03-07 17:22 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2016-03-07 17:22 - 2016-03-07 17:22 - 00000000 ____D C:\Program Files (x86)\Lavalys 2016-03-07 17:21 - 2016-03-07 17:21 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Krzysztof\Downloads\everesthome220(dobreprogramy.pl).exe 2016-03-07 02:03 - 2016-03-07 02:03 - 00000000 ____D C:\Users\Krzysztof\AppData\Local\DiskAnalyzer 2016-03-07 01:53 - 2016-03-07 01:53 - 00974733 _____ C:\Users\Krzysztof\Downloads\WinDlg_v1_29.zip 2016-03-07 01:49 - 2016-03-07 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Disk Analyzer 2016-03-07 01:49 - 2016-03-07 01:49 - 00000000 ____D C:\ProgramData\DiskAnalyzer 2016-03-07 01:49 - 2016-03-07 01:49 - 00000000 ____D C:\Program Files (x86)\Free Disk Analyzer 2016-03-07 01:47 - 2016-03-07 01:49 - 11680559 _____ (Extensoft) C:\Users\Krzysztof\Downloads\FreeDiskAnalyzer.exe 2016-03-07 01:43 - 2016-03-07 01:43 - 667894608 _____ C:\WINDOWS\MEMORY.DMP 2016-03-07 01:43 - 2016-03-07 01:43 - 00881872 _____ C:\WINDOWS\Minidump\030716-14500-01.dmp 2016-03-06 18:27 - 2016-03-06 18:27 - 00000000 ____D C:\ProgramData\Western Digital 2016-03-06 18:26 - 2016-03-06 18:26 - 00000000 ____D C:\Users\Krzysztof\Downloads\WDDriveUtilitiesSetup_for_web_1.3.0.18 2016-03-06 18:25 - 2016-03-06 18:25 - 08584204 _____ C:\Users\Krzysztof\Downloads\WDDriveUtilitiesSetup_for_web_1.3.0.18.zip 2016-03-06 18:11 - 2016-03-06 18:11 - 02904064 _____ C:\Users\Krzysztof\Downloads\Futuremark_SystemInfo_v442_installer.msi 2016-03-06 18:05 - 2016-03-07 17:13 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-06 18:04 - 2016-03-06 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-03-06 18:04 - 2016-03-06 18:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-03-06 18:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-06 18:04 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-03-06 18:03 - 2016-03-06 18:41 - 00001180 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-03-06 18:03 - 2016-03-06 18:04 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\Malwarebytes 2016-03-06 18:03 - 2016-03-06 18:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2016-03-06 18:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-06 18:02 - 2016-03-06 18:26 - 00000000 ____D C:\Users\Krzysztof\Downloads\Malwarebytes Anti-Malware PRO keygen setup-1.70.0.1100 2016-03-06 14:14 - 2016-03-06 18:42 - 00002866 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-03-06 14:14 - 2016-03-06 18:41 - 00000912 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-03-06 14:14 - 2016-03-06 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-03-06 14:14 - 2016-03-06 14:14 - 00000000 ____D C:\Program Files\CCleaner 2016-03-05 15:07 - 2016-03-05 15:07 - 00363040 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-05 14:40 - 2016-03-05 14:40 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games 2016-03-05 01:50 - 2016-03-05 01:50 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\NVIDIA 2016-03-05 01:50 - 2016-03-05 01:50 - 00000000 ____D C:\Users\Krzysztof\AppData\Local\2K Games 2016-03-04 23:35 - 2016-03-04 23:35 - 00000136 _____ C:\Users\Krzysztof\Desktop\Mafia II.url 2016-03-04 19:43 - 2016-02-23 20:59 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-03-04 19:42 - 2016-03-04 19:42 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-03-04 19:41 - 2016-02-24 00:57 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 31120952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 24944064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 20742072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 19779456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 17224472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 17175056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 17117128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436200.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436200.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00880576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00747064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-03-04 19:41 - 2016-02-24 00:57 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-03-04 19:09 - 2016-03-06 18:41 - 00001244 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.4.lnk 2016-03-04 19:09 - 2016-03-06 14:27 - 00002170 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_WILLAMETTE 2016-03-04 19:09 - 2016-03-04 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2016-03-04 19:09 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2016-03-04 19:08 - 2016-03-04 19:34 - 00000000 ____D C:\Users\Krzysztof\Downloads\Intel Components 2016-03-04 19:08 - 2016-03-04 19:08 - 00000000 ____D C:\ProgramData\IntelDLM 2016-02-29 17:30 - 2016-02-29 17:30 - 00987728 _____ (Google Inc.) C:\Users\Krzysztof\Downloads\ChromeSetup (2).exe 2016-02-29 11:57 - 2016-01-31 07:25 - 01951872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-29 11:57 - 2016-01-31 07:25 - 01248896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-29 11:57 - 2016-01-31 07:24 - 01824880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-29 11:57 - 2016-01-31 07:23 - 02601160 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-29 11:57 - 2016-01-31 07:23 - 01420392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-02-29 11:57 - 2016-01-31 07:06 - 01535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-29 11:57 - 2016-01-31 07:06 - 01531368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-29 11:57 - 2016-01-31 07:06 - 00809336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-29 11:57 - 2016-01-31 07:04 - 01811360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-29 11:57 - 2016-01-31 07:04 - 01180696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-02-29 11:57 - 2016-01-31 06:38 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-29 11:57 - 2016-01-31 06:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-29 11:57 - 2016-01-31 06:33 - 24593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-29 11:57 - 2016-01-31 06:33 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll 2016-02-29 11:57 - 2016-01-31 06:29 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-29 11:57 - 2016-01-31 06:29 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2016-02-29 11:57 - 2016-01-31 06:26 - 06787072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-02-29 11:57 - 2016-01-31 06:26 - 03793408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-02-29 11:57 - 2016-01-31 06:25 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-29 11:57 - 2016-01-31 06:25 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-29 11:57 - 2016-01-31 06:25 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-02-29 11:57 - 2016-01-31 06:25 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-29 11:57 - 2016-01-31 06:24 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-02-29 11:57 - 2016-01-31 06:24 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2016-02-29 11:57 - 2016-01-31 06:24 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2016-02-29 11:57 - 2016-01-31 06:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-02-29 11:57 - 2016-01-31 06:22 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2016-02-29 11:57 - 2016-01-31 06:20 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-29 11:57 - 2016-01-31 06:19 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-29 11:57 - 2016-01-31 06:19 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll 2016-02-29 11:57 - 2016-01-31 06:19 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IoTAssignedAccessLockFramework.dll 2016-02-29 11:57 - 2016-01-31 06:18 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-29 11:57 - 2016-01-31 06:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-29 11:57 - 2016-01-31 06:17 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-29 11:57 - 2016-01-31 06:17 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-29 11:57 - 2016-01-31 06:16 - 09889280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-29 11:57 - 2016-01-31 06:16 - 00950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-29 11:57 - 2016-01-31 06:14 - 07525376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-29 11:57 - 2016-01-31 06:14 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-29 11:57 - 2016-01-31 06:13 - 04791808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-29 11:57 - 2016-01-31 06:13 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2016-02-29 11:57 - 2016-01-31 06:13 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-29 11:57 - 2016-01-31 06:11 - 05156352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-02-29 11:57 - 2016-01-31 06:11 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-02-29 11:57 - 2016-01-31 06:11 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-29 11:57 - 2016-01-31 06:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-29 11:57 - 2016-01-31 06:07 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-29 11:57 - 2016-01-31 06:06 - 02316800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-29 11:57 - 2016-01-31 06:05 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-29 11:57 - 2016-01-31 06:05 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-02-29 11:57 - 2016-01-31 06:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-29 11:57 - 2016-01-31 06:04 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-29 11:57 - 2016-01-31 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-29 11:57 - 2016-01-31 06:02 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-29 11:57 - 2016-01-31 06:00 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-29 11:57 - 2016-01-31 05:59 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-29 11:57 - 2016-01-31 05:58 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-26 22:40 - 2016-02-28 20:40 - 00000000 ____D C:\Users\Krzysztof\Desktop\Iphone zdjecia rzym VICA 2016-02-25 22:46 - 2016-02-25 22:46 - 00000000 ____D C:\Users\Krzysztof\AppData\LocalLow\Google 2016-02-24 13:32 - 2016-02-24 13:32 - 00028601 _____ C:\Users\Krzysztof\Downloads\transfer_20160203.pdf 2016-02-23 18:47 - 2016-02-23 18:47 - 00000000 ____D C:\Users\Krzysztof\Downloads\O.S.T.R. - Podróż Zwana Życiem ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-07 17:11 - 2015-08-06 07:33 - 00000000 ____D C:\Users\Krzysztof 2016-03-07 17:11 - 2015-08-06 07:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-03-07 17:11 - 2015-07-06 21:55 - 00000000 __SHD C:\Users\Krzysztof\IntelGraphicsProfiles 2016-03-07 17:10 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-07 17:01 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Krzysztof\AppData\Local\Battle.net 2016-03-07 15:59 - 2015-08-29 22:48 - 00000000 ____D C:\Users\Krzysztof\AppData\LocalLow\360WD 2016-03-07 15:51 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-03-07 15:51 - 2015-07-06 22:03 - 00004222 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C51B306E-5308-440F-9BD1-5744D71BAF46} 2016-03-07 01:43 - 2016-01-16 02:06 - 00000000 ____D C:\WINDOWS\Minidump 2016-03-07 00:33 - 2015-07-06 22:10 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-06 21:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-06 20:08 - 2015-08-29 22:48 - 00000000 _RSHD C:\360SANDBOX 2016-03-06 19:55 - 2015-08-29 22:48 - 00000000 ____D C:\ProgramData\360Quarant 2016-03-06 19:55 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-03-06 18:45 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF 2016-03-06 18:43 - 2015-03-30 13:06 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-06 18:41 - 2016-01-30 02:18 - 00001827 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-03-06 18:41 - 2016-01-28 17:00 - 00002812 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirates[C] Tides of Fortune.lnk 2016-03-06 18:41 - 2016-01-24 02:44 - 00001350 _____ C:\Users\Krzysztof\Desktop\Auslogics DiskDefrag.lnk 2016-03-06 18:41 - 2016-01-08 02:22 - 00001067 _____ C:\Users\Public\Desktop\GTA V.lnk 2016-03-06 18:41 - 2015-12-23 09:22 - 00002180 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2016-03-06 18:41 - 2015-12-22 04:27 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock.lnk 2016-03-06 18:41 - 2015-11-25 00:25 - 00001416 _____ C:\Users\Public\Desktop\Need for Speed(TM) The Run.lnk 2016-03-06 18:41 - 2015-11-12 18:23 - 00000872 _____ C:\Users\Public\Desktop\USB Network Joystick.lnk 2016-03-06 18:41 - 2015-09-27 14:50 - 00001289 _____ C:\Users\Krzysztof\Desktop\Uplay.lnk 2016-03-06 18:41 - 2015-09-23 16:35 - 00001229 _____ C:\Users\Public\Desktop\FIFA 16.lnk 2016-03-06 18:41 - 2015-09-14 16:39 - 00001057 _____ C:\Users\Public\Desktop\Origin.lnk 2016-03-06 18:41 - 2015-08-29 22:48 - 00001231 _____ C:\Users\Public\Desktop\360 Total Security.lnk 2016-03-06 18:41 - 2015-08-24 18:04 - 00001278 _____ C:\Users\Public\Desktop\3DMark.lnk 2016-03-06 18:41 - 2015-08-08 22:26 - 00001863 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-03-06 18:41 - 2015-08-06 08:40 - 00002445 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-06 18:41 - 2015-08-06 07:54 - 00002347 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-06 18:41 - 2015-08-06 07:40 - 00001564 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-03-06 18:41 - 2015-07-16 20:42 - 00002268 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk 2016-03-06 18:41 - 2015-07-16 20:42 - 00002238 _____ C:\Users\Krzysztof\Desktop\WarThunder.lnk 2016-03-06 18:41 - 2015-07-07 18:36 - 00002040 _____ C:\Users\Public\Desktop\InputMapper.lnk 2016-03-06 18:41 - 2015-07-07 18:05 - 00001459 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-03-06 18:41 - 2015-07-07 17:59 - 00002640 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk 2016-03-06 18:41 - 2015-07-07 17:59 - 00002520 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2016-03-06 18:41 - 2015-07-07 17:59 - 00002500 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk 2016-03-06 18:41 - 2015-07-07 16:47 - 00001147 _____ C:\Users\Public\Desktop\Diablo III.lnk 2016-03-06 18:41 - 2015-07-07 01:01 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-03-06 18:41 - 2015-07-07 00:43 - 00001228 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk 2016-03-06 18:41 - 2015-07-06 22:55 - 00001165 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-03-06 18:41 - 2015-07-06 22:19 - 00002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-06 18:41 - 2015-07-06 22:10 - 00000934 _____ C:\Users\Public\Desktop\Steam.lnk 2016-03-06 18:41 - 2015-07-06 22:04 - 00001283 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk 2016-03-06 18:41 - 2015-03-30 13:18 - 00001969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Transfer.lnk 2016-03-06 18:41 - 2015-03-30 13:15 - 00002198 _____ C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk 2016-03-06 18:41 - 2015-03-30 13:09 - 00002155 _____ C:\Users\Public\Desktop\OneKey Recovery.lnk 2016-03-06 18:39 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2016-03-06 18:38 - 2016-01-08 00:35 - 00000000 ____D C:\Program Files (x86)\GTA V 2016-03-06 18:28 - 2015-07-12 17:41 - 00007601 _____ C:\Users\Krzysztof\AppData\Local\Resmon.ResmonCfg 2016-03-06 18:03 - 2015-08-24 17:02 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-06 15:41 - 2015-07-06 22:58 - 00000000 ____D C:\Program Files (x86)\Diablo III 2016-03-06 15:22 - 2015-08-29 22:48 - 00000000 ____D C:\ProgramData\360safe 2016-03-06 15:12 - 2016-01-31 02:03 - 00002704 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics 2016-03-06 15:12 - 2015-08-24 16:53 - 00002522 _____ C:\WINDOWS\System32\Tasks\{5D3DB66E-8D97-4FDB-BFBD-AD504C665E7B} 2016-03-06 15:12 - 2015-03-30 13:15 - 00002316 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task 2016-03-05 21:13 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-05 15:17 - 2015-07-06 21:52 - 00000000 ____D C:\Users\Krzysztof\AppData\Local\SweetLabs App Platform 2016-03-04 23:37 - 2015-08-16 12:37 - 00000000 ____D C:\Program Files (x86)\Batman Arkham Knight 2016-03-04 23:35 - 2015-07-06 22:39 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-03-04 22:50 - 2015-07-06 23:03 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2016-03-04 22:32 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\Battle.net 2016-03-04 22:32 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net 2016-03-04 19:44 - 2015-08-06 07:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-04 19:43 - 2015-08-06 07:30 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-04 19:42 - 2015-08-06 07:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-04 19:37 - 2015-08-08 23:03 - 00000000 ____D C:\ProgramData\Origin 2016-03-04 19:09 - 2015-08-06 07:28 - 00000000 ____D C:\Program Files\Intel 2016-03-04 19:09 - 2015-07-07 17:27 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility 2016-03-04 19:09 - 2015-03-30 12:44 - 00000000 ____D C:\ProgramData\Intel 2016-03-03 22:27 - 2015-08-29 22:48 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled 2016-03-03 22:27 - 2015-07-06 22:18 - 00003646 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachineua 2016-03-03 22:26 - 2015-07-06 22:18 - 00003422 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachinecore 2016-03-02 18:00 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2016-03-01 23:40 - 2016-01-08 02:39 - 00000080 _____ C:\Users\Krzysztof\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 2016-03-01 23:30 - 2015-09-14 16:39 - 00000000 ____D C:\Program Files (x86)\Origin 2016-03-01 02:04 - 2015-07-29 22:30 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-03-01 01:50 - 2015-08-29 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center 2016-02-29 15:59 - 2015-03-30 13:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2016-02-29 15:52 - 2015-07-10 17:34 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-29 12:08 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-29 11:17 - 2015-07-10 07:29 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-29 11:16 - 2015-08-29 22:48 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\360safe 2016-02-29 04:47 - 2015-07-10 17:34 - 00000000 ____D C:\WINDOWS\ShellNew 2016-02-29 04:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-02-29 04:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-02-29 04:47 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-02-29 04:46 - 2015-09-23 23:06 - 00000000 ____D C:\Users\Krzysztof\Documents\FIFA 16 2016-02-29 04:46 - 2015-07-07 16:14 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\MK10 2016-02-29 04:34 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\registration 2016-02-29 04:26 - 2016-01-08 02:40 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-02-29 04:25 - 2015-07-06 22:18 - 00000000 ____D C:\Program Files (x86)\Google 2016-02-28 00:24 - 2015-07-07 01:03 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\Apple Computer 2016-02-25 02:04 - 2015-07-23 03:02 - 12479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-02-24 00:57 - 2015-07-23 03:02 - 03649760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-02-24 00:57 - 2015-07-23 03:02 - 03231360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-02-24 00:57 - 2015-07-23 03:02 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb 2016-02-23 21:28 - 2015-08-06 07:30 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 06154909 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-02-23 21:28 - 2015-08-06 07:30 - 02993720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-02-23 21:28 - 2015-08-06 07:30 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 00121792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-02-23 21:28 - 2015-08-06 07:30 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-02-12 02:11 - 2015-07-10 07:29 - 00000000 ____D C:\WINDOWS\system32\MRT ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Krzysztof\AppData\Roaming\9jJUiBDUBjSc6QJdvzgJL 2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Krzysztof\AppData\Roaming\BYAIAMUF 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Krzysztof\AppData\Roaming\YZQXmzM3RBP 2015-12-23 09:21 - 2015-12-23 09:21 - 29511952 _____ (Sony Mobile Communications ) C:\Users\Krzysztof\AppData\Local\pcc.exe 2015-07-12 17:41 - 2016-03-06 18:28 - 0007601 _____ () C:\Users\Krzysztof\AppData\Local\Resmon.ResmonCfg 2015-08-06 07:30 - 2015-08-06 07:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-08-24 16:37 - 2015-08-29 22:59 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-02-29 12:07 ==================== Koniec FRST.txt ============================