Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-08-2016 Uruchomiony przez Arek (administrator) ARO (21-08-2016 00:58:11) Uruchomiony z G:\Torrent Załadowane profile: Arek (Dostępne profile: Arek) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\Razer\Lachesis\razerhid.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (razercfg MFC Application) C:\Program Files (x86)\Razer\Lachesis\OSD.exe () C:\Program Files (x86)\Razer\Lachesis\razertra.exe (Razer Inc.) C:\Program Files (x86)\Razer\Lachesis\razerofa.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD.EXE () E:\jhnmqgsg.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-17] (Intel Corporation) HKLM-x32\...\Run: [Lachesis] => C:\Program Files (x86)\Razer\Lachesis\razerhid.exe [248320 2009-11-10] () HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, HKU\S-1-5-21-1171517029-3279150813-2758121507-1001\...\Run: [Arek] => explorer.exe hxxp://sd-steam.info <===== UWAGA HKU\S-1-5-21-1171517029-3279150813-2758121507-1001\...\MountPoints2: {15340659-41cd-11e5-8ba2-00e04c7658c1} - P:\Startme.exe IFEO\RegWorks.exe: [Debugger] svchost.exe IFEO\RSITx64.exe: [Debugger] svchost.exe ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Arek\AppData\Local\MEGAsync\ShellExtX64.dll Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Arek\AppData\Local\MEGAsync\ShellExtX64.dll Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Arek\AppData\Local\MEGAsync\ShellExtX64.dll Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Arek\AppData\Local\MEGAsync\ShellExtX32.dll Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Arek\AppData\Local\MEGAsync\ShellExtX32.dll Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Arek\AppData\Local\MEGAsync\ShellExtX32.dll Brak pliku GroupPolicyScripts-x32: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{DC872584-B097-46A4-B3E1-0A79573456B4}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKU\S-1-5-21-1171517029-3279150813-2758121507-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-20] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-20] (Oracle Corporation) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\5ypy6n3n.default-1471656733042 FF Homepage: hxxps://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1171517029-3279150813-2758121507-1001: @my.com/Games -> C:\Users\Arek\AppData\Local\MyComGames\NPMyComDetector.dll [2016-04-11] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-1171517029-3279150813-2758121507-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud) FF Extension: Ghostery - C:\Users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\5ypy6n3n.default-1471656733042\Extensions\firefox@ghostery.com.xpi [2016-08-20] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-07-26] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Brak podpisu cyfrowego] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S3 ArcService; G:\Games\Arc Games\Arc\ArcService.exe [88400 2015-06-25] (Perfect World Entertainment Inc) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] () S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-11-08] (Creative Labs) [Brak podpisu cyfrowego] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Brak podpisu cyfrowego] S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-17] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-14] (GOG.com) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.) S3 Origin Client Service; M:\Origin\OriginClientService.exe [2122248 2016-07-24] (Electronic Arts) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.) S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd) S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd) S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd) S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd) S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.) S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-08] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation) S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-10-23] () R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation) R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260328 2016-01-16] (Microvirt Corporation) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation) S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation) S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation) S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation) S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation) S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation) S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation) R3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [29952 2009-10-16] (Razer (Asia-Pacific) Pte Ltd) S3 COMMONFX.DLL; system32\COMMONFX.DLL [X] S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X] S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X] S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X] U2 V2iMount; Brak ImagePath S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] U3 pxldrpow; \??\C:\Users\Arek\AppData\Local\Temp\pxldrpow.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-21 00:58 - 2016-08-21 00:58 - 00000000 ____D C:\FRST 2016-08-21 00:08 - 2016-08-21 00:08 - 00000000 ____D C:\Users\Arek\AppData\Local\{CEC04F66-A4A9-4CC9-BC38-A0DDF44359F7} 2016-08-20 21:30 - 2016-08-20 21:30 - 00007639 _____ C:\Users\Arek\AppData\Local\Resmon.ResmonCfg 2016-08-20 21:21 - 2015-05-22 10:45 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2016-08-20 19:30 - 2016-08-20 19:18 - 00004538 _____ C:\Users\Arek\Downloads\Dark.Matter.S02E05.WEB-DL.XviD-FUM[ettv].torrent 2016-08-20 19:29 - 2016-08-20 19:18 - 00004533 _____ C:\Users\Arek\Downloads\Dark.Matter.S02E08.WEBRip.XviD-FUM[ettv].torrent 2016-08-20 19:28 - 2016-08-20 19:18 - 00004538 _____ C:\Users\Arek\Downloads\Dark.Matter.S02E06.WEB-DL.XviD-FUM[ettv].torrent 2016-08-20 19:27 - 2016-08-20 19:18 - 00004538 _____ C:\Users\Arek\Downloads\Dark.Matter.S02E07.WEB-DL.XviD-FUM[ettv].torrent 2016-08-20 05:00 - 2016-08-20 04:36 - 00018541 _____ C:\Users\Arek\Downloads\Vangelis - The Collection (2012). MP3. 320Kbps.WwW.Lokotorrents.CoM.torrent 2016-08-20 04:54 - 2016-08-20 04:35 - 00057469 _____ C:\Users\Arek\Downloads\[FileTracker.pl]Ratchet i Clank[wilu75].torrent 2016-08-20 04:53 - 2016-08-20 04:36 - 00113527 _____ C:\Users\Arek\Downloads\[FileTracker.pl]Iluzja 2[wilu75].torrent 2016-08-20 04:21 - 2016-08-20 04:20 - 00010835 _____ C:\Users\Arek\Downloads\SpyHunter v4.22.8.4668 Portable by MaSTeR.torrent 2016-08-20 03:46 - 2016-08-20 03:47 - 13166304 _____ (Microsoft Corporation) C:\Users\Arek\Downloads\Silverlight_x64.exe 2016-08-20 03:44 - 2016-08-20 03:44 - 00000000 _____ C:\Windows\SysWOW64\RENFEB8.tmp 2016-08-20 03:44 - 2016-08-20 03:44 - 00000000 _____ C:\Windows\SysWOW64\REN23E4.tmp 2016-08-20 03:43 - 2016-08-20 03:43 - 00000000 _____ C:\Windows\SysWOW64\REND529.tmp 2016-08-20 03:40 - 2016-08-20 03:40 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-08-20 03:40 - 2016-08-20 03:40 - 00000000 ____D C:\Program Files\Java 2016-08-20 03:39 - 2016-08-20 03:40 - 62041152 _____ (Oracle Corporation) C:\Users\Arek\Downloads\jre-8u101-windows-x64.exe 2016-08-19 18:58 - 2016-08-19 18:09 - 00019925 _____ C:\Users\Arek\Downloads\Fallout.4.Nuka-World.torrent 2016-08-19 18:37 - 2016-08-19 07:33 - 00027512 _____ C:\Users\Arek\Downloads\Sausage.Party.2016.HDCam.HQ-Mic.Xvid.AC3.UnKnOwN.Hive-CM8.torrent 2016-08-19 04:10 - 2016-08-18 00:12 - 00609179 _____ C:\Users\Arek\Downloads\[FileTracker.pl] Wikingowie - Vikings 2015 [Sezon 3] [EXTENDED.480p.BDRip.XviD.AC3-H3Q] [Lektor PL].torrent 2016-08-18 20:16 - 2016-08-14 19:41 - 00580568 _____ C:\Users\Arek\Downloads\[FileTracker.pl] Wikingowie - Vikings 2014 [Sezon 2] [EXTENDED.480p.BDRip.XviD.AC3-H3Q] [Lektor PL].torrent 2016-08-18 20:05 - 2016-08-18 18:43 - 00001897 _____ C:\Users\Arek\Downloads\No.Mans.Sky.Update.1-CODEX.torrent 2016-08-18 20:04 - 2016-08-18 20:04 - 00000000 ____D C:\Users\Arek\AppData\Local\{A68D2F21-FE50-4E43-A8B2-A866BCF6BC6E} 2016-08-18 18:52 - 2016-08-18 18:52 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-08-18 18:52 - 2016-08-18 18:52 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-08-18 18:52 - 2016-08-18 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-18 18:52 - 2016-08-18 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-17 20:41 - 2016-08-18 18:48 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-08-17 18:26 - 2016-08-17 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-08-17 18:25 - 2016-07-11 00:36 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-08-17 18:24 - 2016-07-11 04:13 - 39977920 _____ C:\Windows\system32\nvcompiler.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 31640512 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 25414080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 17321352 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 16790552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 13581880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-08-17 18:24 - 2016-07-11 04:13 - 10691632 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 10656112 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 10234336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 09020656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 08742360 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 08615336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 03840096 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 03542072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 03393576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 03099072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 01001016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00930360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00909880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00852024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00694672 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00583736 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00544120 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00490744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00459320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00444472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00406064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00394808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00177952 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-08-17 18:24 - 2016-07-11 04:13 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-08-15 16:35 - 2016-07-23 14:35 - 01937344 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436900.dll 2016-08-15 16:35 - 2016-07-23 14:34 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436900.dll 2016-08-15 16:17 - 2016-07-11 04:13 - 01887800 _____ (NVIDIA Corporation) C:\Windows\system32\NvCamera64.dll 2016-08-15 16:17 - 2016-07-11 04:13 - 01595840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvCamera32.dll 2016-08-15 16:15 - 2016-07-15 20:15 - 00214592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-08-15 16:15 - 2016-07-15 20:15 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-08-15 16:15 - 2016-07-11 04:13 - 01939000 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436881.dll 2016-08-15 16:15 - 2016-07-11 04:13 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436881.dll 2016-08-15 16:15 - 2016-07-11 04:13 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-08-15 16:15 - 2016-07-11 04:13 - 00000594 _____ C:\Windows\system32\nv-vk64.json 2016-08-15 16:15 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-08-15 16:15 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-08-15 16:15 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-08-12 21:02 - 2016-08-12 21:02 - 00000000 ____D C:\Users\Arek\AppData\Roaming\HelloGames 2016-08-12 20:45 - 2016-08-12 20:45 - 00000751 _____ C:\Users\Arek\Desktop\No Mans Sky.lnk 2016-08-12 20:45 - 2016-08-12 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Mans Sky 2016-08-09 18:41 - 2016-08-09 18:41 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-08-09 18:41 - 2016-08-09 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-08-09 18:40 - 2016-08-09 18:41 - 00000000 ____D C:\Program Files\iTunes 2016-08-09 18:40 - 2016-08-09 18:40 - 00000000 ____D C:\Program Files\iPod 2016-08-09 18:40 - 2016-08-09 18:40 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-08-07 21:45 - 2016-08-07 21:45 - 00000000 ____D C:\Users\Arek\Documents\Square Enix 2016-08-07 18:58 - 2016-08-07 18:58 - 00000000 ____D C:\Users\Arek\AppData\LocalLow\Flox Studios 2016-08-07 16:00 - 2016-08-07 16:00 - 00003456 _____ C:\Windows\System32\Tasks\Arek 2016-08-07 15:35 - 2016-08-07 15:35 - 00000000 ____D C:\Users\Arek\AppData\Local\AbzuGame 2016-08-07 11:00 - 2016-08-07 11:00 - 00000000 ____D C:\Users\Arek\AppData\LocalLow\Playdead 2016-08-07 10:17 - 2016-08-07 10:17 - 00000000 ____D C:\Users\Arek\AppData\Local\{661DE9BB-9813-4F7C-9B2E-42031248275B} 2016-08-01 23:40 - 2016-08-01 23:40 - 00000000 ____D C:\Users\Arek\AppData\Local\{AB18B758-4407-430C-8AE2-8EE4EBAAEFDA} 2016-07-28 00:45 - 2016-07-28 00:45 - 00000735 _____ C:\Users\Public\Desktop\Starbound.lnk 2016-07-24 16:26 - 2016-07-24 16:26 - 00000000 ____D C:\Users\Arek\AppData\Local\MercurySteam 2016-07-24 02:32 - 2016-07-24 02:32 - 00000000 ____D C:\ProgramData\EA Games 2016-07-24 02:28 - 2016-07-24 02:29 - 00000000 ____D C:\Users\Arek\AppData\Local\{67EAADCC-3B99-49F3-A7DC-D20325E50A96} 2016-07-24 02:09 - 2016-07-27 07:31 - 00000000 ____D C:\ProgramData\Media Center Programs ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-21 00:46 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-08-21 00:46 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-08-21 00:44 - 2009-07-14 19:55 - 00740422 _____ C:\Windows\system32\perfh015.dat 2016-08-21 00:44 - 2009-07-14 19:55 - 00155996 _____ C:\Windows\system32\perfc015.dat 2016-08-21 00:44 - 2009-07-14 07:13 - 01670518 _____ C:\Windows\system32\PerfStringBackup.INI 2016-08-21 00:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-08-21 00:39 - 2014-11-08 00:10 - 00000000 ____D C:\Users\Arek\AppData\Local\Battle.net 2016-08-21 00:38 - 2015-08-21 22:28 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-21 00:38 - 2015-05-12 17:21 - 00000000 ____D C:\ProgramData\NVIDIA 2016-08-21 00:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-08-21 00:37 - 2014-11-08 01:43 - 00000000 ____D C:\Users\Arek\AppData\Roaming\AIMP3 2016-08-21 00:37 - 2014-11-08 00:38 - 00029604 _____ C:\Windows\system32\BMXBkpCtrlState-{00000005-00000000-00000001-00001102-00000008-10211102}.rfx 2016-08-21 00:37 - 2014-11-08 00:38 - 00011564 _____ C:\Windows\system32\DVCState-{00000005-00000000-00000001-00001102-00000008-10211102}.rfx 2016-08-21 00:37 - 2014-11-07 23:37 - 00033688 _____ C:\Windows\system32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000008-10211102}.rfx 2016-08-21 00:37 - 2014-11-07 23:37 - 00033688 _____ C:\Windows\system32\BMXState-{00000005-00000000-00000001-00001102-00000008-10211102}.rfx 2016-08-21 00:37 - 2014-11-07 23:37 - 00029604 _____ C:\Windows\system32\BMXCtrlState-{00000005-00000000-00000001-00001102-00000008-10211102}.rfx 2016-08-21 00:13 - 2015-08-21 22:28 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-21 00:00 - 2014-11-08 02:06 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-08-20 21:23 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker 2016-08-20 20:35 - 2014-11-08 00:53 - 00000000 ____D C:\Users\Arek\AppData\Roaming\uTorrent 2016-08-20 10:21 - 2015-02-16 20:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-08-20 10:21 - 2015-02-16 20:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-08-20 04:05 - 2014-11-12 02:16 - 00000000 ____D C:\Users\Arek\AppData\Roaming\vlc 2016-08-20 03:47 - 2015-02-16 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-08-20 03:44 - 2015-04-09 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-08-20 03:40 - 2015-08-19 18:37 - 00000000 ____D C:\Users\Arek\.oracle_jre_usage 2016-08-20 03:07 - 2015-01-13 21:21 - 00000000 ____D C:\Users\Arek\AppData\Local\Ubisoft Game Launcher 2016-08-19 17:34 - 2015-09-15 02:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-08-18 17:25 - 2016-03-07 19:17 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-08-17 18:26 - 2014-11-07 23:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-08-17 18:25 - 2014-11-07 23:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-08-15 16:17 - 2014-11-07 23:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-08-12 18:56 - 2014-11-08 21:40 - 00000000 ____D C:\Users\Arek\Documents\My Games 2016-08-09 18:40 - 2015-01-06 22:30 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-08-07 21:13 - 2015-02-28 13:05 - 00000000 ____D C:\Windows\SysWOW64\directx 2016-08-07 21:12 - 2016-01-12 02:24 - 00000000 ____D C:\Users\Arek\AppData\Local\{4DB59F80-0DFB-46EF-82A5-3437C2D356D7} 2016-08-07 15:59 - 2015-11-06 01:21 - 00000000 ____D C:\Users\Arek\AppData\Local\UnrealEngine 2016-08-07 10:17 - 2014-11-08 00:11 - 00003245 _____ C:\Users\Arek\Desktop\Hasła.txt 2016-08-03 20:58 - 2015-11-08 21:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-07-29 02:08 - 2015-08-21 22:28 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-29 02:08 - 2015-08-21 22:28 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-07-28 00:46 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-07-28 00:45 - 2015-02-03 01:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-07-27 07:34 - 2014-11-08 04:31 - 00000000 ____D C:\Users\Arek\AppData\Local\Glyph 2016-07-26 14:24 - 2014-11-07 23:48 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-07-24 17:51 - 2014-11-08 00:11 - 00002936 _____ C:\Users\Arek\Desktop\ÅÅÅÅÂÂÂ.txt 2016-07-24 12:55 - 2014-12-27 19:15 - 00000000 ____D C:\ProgramData\Origin 2016-07-24 04:26 - 2014-11-08 01:24 - 00000000 ____D C:\ProgramData\Package Cache 2016-07-24 02:09 - 2015-02-09 01:49 - 00000000 ____D C:\Users\Arek\Documents\EA Games ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-04-18 21:27 - 2016-04-18 22:07 - 0001993 _____ () C:\Users\Arek\AppData\Roaming\droid4xinstaller.log 2014-12-25 07:11 - 2014-12-25 07:11 - 0079493 _____ () C:\Users\Arek\AppData\Roaming\icarus-dxdiag.xml 2015-06-06 15:25 - 2015-06-06 15:25 - 0099384 _____ () C:\Users\Arek\AppData\Roaming\inst.exe 2015-06-06 15:25 - 2015-06-06 15:25 - 0007859 _____ () C:\Users\Arek\AppData\Roaming\pcouffin.cat 2015-06-06 15:25 - 2015-06-06 15:25 - 0001167 _____ () C:\Users\Arek\AppData\Roaming\pcouffin.inf 2015-06-06 15:25 - 2015-06-06 15:25 - 0000055 _____ () C:\Users\Arek\AppData\Roaming\pcouffin.log 2015-06-06 15:25 - 2015-06-06 15:25 - 0082816 _____ (VSO Software) C:\Users\Arek\AppData\Roaming\pcouffin.sys 2015-04-06 19:33 - 2016-02-19 00:10 - 0005120 _____ () C:\Users\Arek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-12-24 14:59 - 2014-12-24 14:59 - 0000000 ___SH () C:\Users\Arek\AppData\Local\LumaEmu 2016-08-20 21:30 - 2016-08-20 21:30 - 0007639 _____ () C:\Users\Arek\AppData\Local\Resmon.ResmonCfg 2015-10-25 21:58 - 2015-10-25 21:58 - 0000206 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-17 01:33 ==================== Koniec FRST.txt ============================