Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-03-2016 01 Uruchomiony przez jan (administrator) JEBACZ (26-03-2016 12:01:44) Uruchomiony z C:\Users\jan\Downloads Załadowane profile: jan (Dostępne profile: jan) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files (x86)\thirteen degrees\updatethirteendegrees.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\thirteen degrees\bin\utilthirteendegrees.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\jan\Downloads\42wd5w3s.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McA8CC4.tmp (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.8.267.0\McCSPServiceHost.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\CommonBuild\McCBEntAndInstru.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\jan\Downloads\FRST64 (1).exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor) HKU\S-1-5-21-3451131124-2045846987-1590504244-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation) HKU\S-1-5-21-3451131124-2045846987-1590504244-1001\...\Run: [MyComGames] => C:\Users\jan\AppData\Local\MyComGames\MyComGames.exe [4853616 2016-03-22] (MY.COM B.V.) HKU\S-1-5-21-3451131124-2045846987-1590504244-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-3451131124-2045846987-1590504244-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18923008 2015-06-16] () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{851C1639-84A9-464F-A95C-7282616F255D}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3451131124-2045846987-1590504244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3451131124-2045846987-1590504244-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3451131124-2045846987-1590504244-1001 -> DefaultScope {3672D504-4E65-4A9B-8153-E40B027FA20E} URL = SearchScopes: HKU\S-1-5-21-3451131124-2045846987-1590504244-1001 -> {3672D504-4E65-4A9B-8153-E40B027FA20E} URL = Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-03-21] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-03-21] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-03-21] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-03-21] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-03-03] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-03-03] (McAfee, Inc.) FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-01-24] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-01-24] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.) FF Plugin HKU\S-1-5-21-3451131124-2045846987-1590504244-1001: @my.com/Games -> C:\Users\jan\AppData\Local\MyComGames\NPMyComDetector.dll [2016-02-06] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-3451131124-2045846987-1590504244-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-11] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=157D6EA249D4382594CA6F4A767AC2A7&v=20160323&ts=AHEpC3YlBXMmBk.. CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=157D6EA249D4382594CA6F4A767AC2A7&v=20160323&ts=AHEpC3YlBXMmBk.." CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpC3YlBXMmBk..&v=20160323&uid=157D6EA249D4382594CA6F4A767AC2A7&ptid=wak&mode=nnnb CHR DefaultSearchKeyword: Default -> yessearches CHR Profile: C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-06] CHR Extension: (Dokumenty Google) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-06] CHR Extension: (Dysk Google) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-06] CHR Extension: (YouTube) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-06] CHR Extension: (Adblock Plus) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10] CHR Extension: (Google Search) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-06] CHR Extension: (Arkusze Google) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-06] CHR Extension: (SiteAdvisor) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-18] CHR Extension: (Dokumenty Google offline) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-19] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-06] CHR Extension: (Powiadamiacz Jebacz) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnjeeomgmaonkaichjkaglpfopbpdnb [2016-02-22] CHR Extension: (Gmail) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-06] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-23] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-23] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 0105951458989252mcinstcleanup; C:\WINDOWS\TEMP\010595~1.EXE [918056 2015-11-27] (McAfee, Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-03-22] () S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2016-02-06] (EasyAntiCheat Ltd) S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1610816 2016-03-24] () R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-03-21] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.) R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.) S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2016-03-12] () R2 Update thirteen degrees; C:\Program Files (x86)\thirteen degrees\updatethirteendegrees.exe [650464 2016-03-26] () R2 Util thirteen degrees; C:\Program Files (x86)\thirteen degrees\bin\utilthirteendegrees.exe [650464 2016-03-26] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-24] () ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.) U3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.) R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) S3 mfeaack01; \Device\mfeaack01.sys [X] U3 pxldypow; \??\C:\Users\jan\AppData\Local\Temp\pxldypow.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-26 12:01 - 2016-03-26 12:01 - 00018982 _____ C:\Users\jan\Downloads\FRST.txt 2016-03-26 11:47 - 2016-03-26 11:47 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2016-03-26 11:34 - 2016-03-26 11:34 - 00380928 _____ C:\Users\jan\Downloads\zsvprdjy.exe 2016-03-26 11:34 - 2016-03-26 11:34 - 00380928 _____ C:\Users\jan\Downloads\uk50tbun.exe 2016-03-26 11:34 - 2016-03-26 11:34 - 00380928 _____ C:\Users\jan\Downloads\no0pol8z.exe 2016-03-26 11:33 - 2016-03-26 11:33 - 02374144 _____ (Farbar) C:\Users\jan\Downloads\FRST64 (1).exe 2016-03-26 11:33 - 2016-03-26 11:33 - 00380928 _____ C:\Users\jan\Downloads\42wd5w3s.exe 2016-03-25 16:10 - 2016-03-25 16:14 - 00003896 _____ C:\Users\jan\Desktop\ak47bloody2.52up.amc 2016-03-25 15:37 - 2016-03-25 20:19 - 00000000 ____D C:\Users\jan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 2016-03-25 15:37 - 2016-03-25 19:39 - 00000000 ____D C:\Program Files (x86)\thirteen degrees 2016-03-25 15:37 - 2016-03-25 15:37 - 00015136 _____ C:\WINDOWS\System32\Tasks\WinTaske 2016-03-25 15:37 - 2016-03-25 15:37 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-03-25 15:37 - 2016-03-25 15:37 - 00000000 ____D C:\Program Files (x86)\WinTaske 2016-03-25 15:37 - 2016-03-25 15:37 - 00000000 ____D C:\Program Files (x86)\Winsere 2016-03-25 15:37 - 2016-03-25 15:37 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd 2016-03-25 15:36 - 2016-03-25 15:36 - 00526336 _____ C:\Users\jan\Downloads\Bloody2-Ultra Core 3 Activation Code.exe.iso 2016-03-25 15:29 - 2016-03-25 17:14 - 00000000 ____D C:\Users\jan\Desktop\ak-47 2016-03-25 12:26 - 2016-03-25 12:26 - 02362120 _____ C:\Users\jan\Downloads\Bloody-HeadShot-V131113-EN-doc.zip 2016-03-24 19:57 - 2016-03-24 19:57 - 00002005 _____ C:\Users\Public\Desktop\Bloody5.lnk 2016-03-24 19:57 - 2016-03-24 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody 2016-03-24 19:54 - 2016-03-24 19:55 - 26950764 _____ C:\Users\jan\Downloads\Bloody5 (1).zip 2016-03-24 19:53 - 2016-03-24 19:53 - 00000000 ____D C:\Users\jan\Downloads\KeyResponsePK V2.0_20150707_B1 2016-03-24 19:51 - 2016-03-24 19:52 - 10486312 _____ C:\Users\jan\Downloads\KeyResponsePK V2.0_20150707_B1.zip 2016-03-24 17:20 - 2016-03-24 17:20 - 00000000 ____D C:\Users\jan\AppData\LocalLow\uTorrent 2016-03-24 16:50 - 2016-03-24 19:57 - 00000000 ____D C:\Program Files (x86)\Bloody5 2016-03-24 16:47 - 2016-03-24 16:48 - 26950764 _____ C:\Users\jan\Downloads\Bloody5.zip 2016-03-24 16:43 - 2016-03-24 16:43 - 00000000 ____D C:\Users\jan\AppData\Local\CyberLink 2016-03-23 22:00 - 2016-03-26 11:57 - 00003846 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2016-03-23 21:56 - 2016-03-23 21:56 - 00000000 ____D C:\Users\jan\AppData\Roaming\com.geetagames.LillyLookingThrough 2016-03-23 20:50 - 2016-03-24 07:56 - 00000000 ____D C:\Users\jan\Desktop\lindsey starling 2016-03-23 20:11 - 2016-03-23 20:51 - 00000000 ____D C:\Users\jan\Downloads\Lindsey Stirling - Discography (2010-2015) Mp3 - 320 kbps 2016-03-23 19:24 - 2016-03-23 19:24 - 00000222 _____ C:\Users\jan\Desktop\Lilly Looking Through.url 2016-03-22 20:41 - 2016-03-22 20:41 - 00000222 _____ C:\Users\jan\Desktop\Serious Sam 2.url 2016-03-22 16:55 - 2016-03-22 16:56 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-21 19:52 - 2016-03-21 19:52 - 00000222 _____ C:\Users\jan\Desktop\ARK Survival Of The Fittest.url 2016-03-14 09:20 - 2016-03-14 09:20 - 00000896 _____ C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk 2016-03-14 09:20 - 2016-03-14 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag 2016-03-13 22:04 - 2016-03-14 09:10 - 00000000 ____D C:\Users\jan\Desktop\Nowy folder 2016-03-13 22:03 - 2016-03-13 22:03 - 00000000 ____D C:\Users\jan\AppData\Local\Setup Integrity Check 2016-03-13 21:59 - 2016-03-13 21:59 - 00000000 ____D C:\Users\jan\Downloads\-Oceanofgames.com-Assassins_Creed_Black_Flag 2016-03-13 16:30 - 2016-03-13 20:57 - 1401363099 _____ C:\Users\jan\Downloads\-Oceanofgames.com-Assassins_Creed_Black_Flag.zip 2016-03-12 15:34 - 2016-03-12 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam 2016-03-12 15:28 - 2016-03-12 16:54 - 00000000 ____D C:\Users\jan\Documents\Survarium-Steam 2016-03-12 10:39 - 2016-03-12 10:39 - 00000222 _____ C:\Users\jan\Desktop\Survarium.url 2016-03-10 08:22 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-03-10 08:22 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-10 08:22 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-10 08:22 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-10 08:22 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-10 08:22 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-03-10 08:22 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-10 08:22 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-03-10 08:22 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-10 08:22 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-03-10 08:22 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-03-10 08:22 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-10 08:22 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-03-10 08:22 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-10 08:22 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-03-10 08:22 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-10 08:22 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-03-10 08:22 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-03-10 08:22 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-10 08:22 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-10 08:22 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-03-10 08:22 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-10 08:22 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-03-10 08:22 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-10 08:22 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-03-10 08:22 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-03-10 08:22 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-03-10 08:22 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-03-10 08:22 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-03-10 08:22 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-03-10 08:22 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-10 08:22 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-03-10 08:22 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-10 08:22 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-03-10 08:22 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-10 08:22 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-03-10 08:22 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-03-10 08:22 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-03-10 08:22 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-10 08:22 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-03-10 08:22 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-03-10 08:22 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-03-10 08:21 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-03-10 08:21 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-10 08:21 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2016-03-10 08:21 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2016-03-10 08:21 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2016-03-10 08:21 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2016-03-10 08:21 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2016-03-10 08:21 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2016-03-10 08:21 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2016-03-10 08:21 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2016-03-10 08:21 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-03-10 08:21 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-03-10 08:21 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2016-03-10 08:21 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2016-03-10 08:21 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2016-03-10 08:21 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2016-03-10 08:21 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-10 08:21 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-03-10 08:21 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-03-10 08:21 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL 2016-03-10 08:21 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL 2016-03-10 08:21 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-10 08:21 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-10 08:21 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-10 08:21 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-10 08:21 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-03-10 08:21 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-03-10 08:21 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-03-10 08:21 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-10 08:21 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-10 08:21 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-10 08:21 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-10 08:21 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-10 08:21 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-10 08:21 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-10 08:21 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-10 08:21 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-10 08:21 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-10 08:21 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-10 08:21 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-10 08:21 - 2016-01-24 19:19 - 00419160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-03-10 08:21 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-03-10 08:21 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2016-03-10 08:21 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-03-10 08:21 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-03-10 08:21 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-03-10 08:21 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-03-10 08:21 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2016-03-10 08:21 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2016-03-10 08:21 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2016-03-10 08:21 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2016-03-10 08:21 - 2016-01-09 02:38 - 00091992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2016-03-10 08:21 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-03-10 08:21 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-03-10 08:21 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-03-10 08:21 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-03-10 08:21 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2016-03-10 08:21 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-10 08:21 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2016-03-10 08:21 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-10 08:21 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-03-10 08:21 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-03-09 16:12 - 2016-03-09 16:12 - 00001864 _____ C:\Users\Public\Desktop\McAfee LiveSafe .lnk 2016-03-09 16:12 - 2016-03-09 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2016-03-05 14:57 - 2016-03-05 15:50 - 4050900392 _____ C:\Users\jan\Downloads\Harry Potter Insygnia Śmierci cz 2-3D-SBS-PL-mHD-DJPiHOOLIMAN.mkv 2016-03-05 14:56 - 2016-03-05 14:56 - 00019862 _____ C:\Users\jan\Downloads\[torrenty.pl] Harry Potter i Insygnia Śmierci 3D (SBS) Część 2 - Harry Potter and the Deathly Hallows Part 2 (2011) [mini-HD 1080p Side by Side-DJP] [Dubbing PL].torrent 2016-03-05 13:43 - 2016-03-05 14:55 - 00000000 ____D C:\Users\jan\Downloads\Harry Potter and the Deathly Hallows Part 1 (2010) [mini-HD.1080p.AC3.BDRip.x264] (gixerk9) 2016-03-05 13:43 - 2016-03-05 13:43 - 00015923 _____ C:\Users\jan\Downloads\[torrenty.pl] Harry Potter i Insygnia Śmierci- Część 1 - Harry Potter and the Deathly Hallows- Part 1 -2010- [mini-HD 1080p AC3 BDRip x264] (gixerk9) [Dubbing PL].torrent 2016-03-02 19:10 - 2016-03-02 19:10 - 00000000 ____D C:\Users\jan\AppData\Roaming\.mono 2016-02-27 10:09 - 2016-02-27 10:09 - 00000000 ____D C:\Users\jan\AppData\LocalLow\SUPERHOT_Team 2016-02-27 10:09 - 2016-02-27 10:09 - 00000000 ____D C:\Users\jan\AppData\Local\SUPERHOT_Sp_z_o.o 2016-02-27 10:03 - 2016-02-27 10:03 - 00001640 _____ C:\Users\Public\Desktop\SUPERHOT.lnk 2016-02-27 10:03 - 2016-02-27 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT [GOG.com] 2016-02-27 10:01 - 2016-02-27 10:01 - 00000000 ____D C:\Users\jan\AppData\LocalLow\SUPERHOT Team 2016-02-27 10:01 - 2016-02-27 10:01 - 00000000 ____D C:\GOG Games 2016-02-27 08:24 - 2016-02-27 08:42 - 1101226816 _____ (GOG.com ) C:\Users\jan\Downloads\-Oceanofgames.com-Superhot.exe 2016-02-25 08:05 - 2016-02-25 08:05 - 00000000 ____D C:\Users\jan\AppData\Local\GWX ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-26 12:01 - 2016-02-06 15:13 - 00000000 ____D C:\FRST 2016-03-26 11:58 - 2016-02-10 20:44 - 00000000 ____D C:\Users\jan\AppData\Roaming\Skype 2016-03-26 11:57 - 2016-02-06 14:36 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3451131124-2045846987-1590504244-1001 2016-03-26 11:57 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-03-26 11:48 - 2016-02-06 20:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2016-03-26 11:42 - 2016-02-06 14:37 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-26 10:43 - 2016-02-06 14:36 - 00003968 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1F115F8-5716-4E54-8679-6E1786F8ABC9} 2016-03-26 10:42 - 2016-02-06 20:14 - 00000000 ____D C:\Users\jan\AppData\Local\MyComGames 2016-03-26 10:42 - 2016-02-06 14:56 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-26 10:42 - 2016-02-06 14:37 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-26 10:42 - 2016-02-06 14:35 - 00000000 ___DO C:\Users\jan\SkyDrive 2016-03-25 21:08 - 2016-02-06 14:30 - 00000000 ____D C:\Users\jan 2016-03-25 21:08 - 2015-02-18 04:29 - 00805918 _____ C:\WINDOWS\system32\perfh015.dat 2016-03-25 21:08 - 2015-02-18 04:29 - 00163272 _____ C:\WINDOWS\system32\perfc015.dat 2016-03-25 21:08 - 2013-10-04 08:58 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-25 15:37 - 2016-02-06 14:38 - 00002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-25 15:37 - 2016-02-06 14:38 - 00002083 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-25 14:59 - 2015-02-20 19:49 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-25 14:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-25 13:28 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-25 13:26 - 2016-02-23 19:32 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-03-25 13:26 - 2016-02-23 19:32 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-03-24 19:53 - 2016-02-15 19:56 - 00000000 __SHD C:\Users\jan\AppData\LocalLow\EmieUserList 2016-03-24 19:53 - 2016-02-15 19:56 - 00000000 __SHD C:\Users\jan\AppData\LocalLow\EmieSiteList 2016-03-24 17:22 - 2016-02-21 17:17 - 00000000 ____D C:\Users\jan\AppData\Roaming\uTorrent 2016-03-23 19:24 - 2016-02-06 15:20 - 00000000 ____D C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-03-21 19:34 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-17 21:29 - 2016-02-07 08:56 - 00000000 ____D C:\Fraps 2016-03-17 11:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2016-03-17 10:42 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-03-14 09:11 - 2016-02-11 09:08 - 00000000 ____D C:\Games 2016-03-12 10:18 - 2016-02-10 20:44 - 00000000 ____D C:\ProgramData\Skype 2016-03-11 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-10 12:28 - 2013-08-22 15:44 - 00339192 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-10 12:24 - 2016-02-23 19:32 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-10 11:02 - 2016-02-09 15:42 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-10 11:02 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-10 11:00 - 2016-02-09 15:42 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-08 08:00 - 2013-08-22 16:38 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-08 08:00 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-03 09:48 - 2016-02-06 15:01 - 00000000 ____D C:\Users\jan\AppData\Local\Steam ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-02-10 20:54 - 2016-02-10 20:54 - 0007599 _____ () C:\Users\jan\AppData\Local\Resmon.ResmonCfg 2015-02-20 19:52 - 2015-02-20 19:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Niektóre pliki w TEMP: ==================== C:\Users\jan\AppData\Local\Temp\AcerDocsSetup.exe C:\Users\jan\AppData\Local\Temp\AcerPortalSetup.exe C:\Users\jan\AppData\Local\Temp\B5F7.tmp.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-03-26 11:43 ==================== Koniec FRST.txt ============================