Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 07-12-2016
Uruchomiony przez USER (administrator)  USER-KOMPUTER (15-12-2016 15:56:08)
Uruchomiony z C:\Users\USER\Desktop\FRST
Załadowane profile: USER & Mugenos & postgres & test (Dostępne profile: USER & Mugenos & postgres & test)
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files (x86)\Firefox\Firefox.exe" -osint -url "%1")
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(hxxp://www.amule.org/) C:\Program Files (x86)\walalala co\aMuleCustom\ed2k.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\Program Files (x86)\PLAY ONLINE\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7.7\ICQ.exe
(GG Network S.A.) C:\Users\USER\AppData\Local\GG\Application\gghub.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Cyfrowy Polsat S.A.) C:\Program Files (x86)\ipla\ipla.exe
( ) C:\Program Files (x86)\ChomikBox\chomikbox.exe
(GG Network S.A.) C:\Users\USER\AppData\Local\GG\Application\ggapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe
(Dropbox, Inc.) C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\PLAY ONLINE\UIExec.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
() C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Redefine Sp z o.o.) C:\Program Files (x86)\ipla\iplabrowser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera_crashreporter.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-15] ()
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\PLAY ONLINE\UIExec.exe [138584 2010-04-30] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-07] ()
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1928776 2016-11-09] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-12-14] (Copyright (c) 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2012-02-07] (ICQ, LLC.)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [Google Update] => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [GG] => C:\Users\USER\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-02] (GG Network S.A.)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [Dropbox Update] => C:\Users\USER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21032736 2016-07-11] (Cyfrowy Polsat S.A.)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [3939840 2015-12-17] ( )
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\Run: [Wyślij do programu OneNote 2010] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\MountPoints2: {99a045e4-d4dd-11e1-b8ab-ac7289578bf3} - G:\Startme.exe
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\MountPoints2: {a70bfd4b-c360-11e3-a507-ac7289578bf3} - G:\.\StartModem.exe
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\...\MountPoints2: {d5bc5b62-567b-11e3-ae5b-ac7289578bf3} - G:\Startme.exe
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} =>  Brak pliku
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} =>  Brak pliku
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-10-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Mugenos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2011-05-07]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\test.USER-Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2011-05-07]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-12-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

ProxyEnable: [HKLM-x32] => Proxy [funkcja włączona]
ProxyServer: [HKLM-x32] => 190.38.2.7:8080
AutoConfigURL: [HKLM] => 190.38.2.7:8080
ProxyServer: [S-1-5-21-2555031829-1915374467-2933209100-1000] => 201.73.200.82:3128
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 85.202.144.12 85.202.144.11 212.87.241.6
Tcpip\Parameters: [NameServer] 8.8.8.8,208.67.222.222
Tcpip\..\Interfaces\{0B1F64BC-CCFA-40BE-824F-5236F115D28A}: [DhcpNameServer] 85.202.144.12 85.202.144.11 212.87.241.6
Tcpip\..\Interfaces\{81E4FFBD-B21B-476A-ACB8-71D47C702CEA}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{CC5F79F0-4D04-44E6-B18F-26B33A20DCB3}: [DhcpNameServer] 195.88.28.30 89.174.23.99

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131232184613576198&GUID=349B58DA-38A8-327F-ED97-3E8F0F4F4E34
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680489&from=wpm0102&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1476786623&z=358522b4141e4cb57770e3eg9z3m0qam5b8q9q9o3z&from=amule1017&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680489&from=wpm0102&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161&q={searchTerms}
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131056976820336289&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450258856&from=mych123&uid=wdcxwd5000bpkt-75pk4t0_wd-wx51a71y2161y2161&z=5fbfd3366d41532261f238dgfz2wee8o2w4babawfb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131056976820336289&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450258856&from=mych123&uid=wdcxwd5000bpkt-75pk4t0_wd-wx51a71y2161y2161&z=5fbfd3366d41532261f238dgfz2wee8o2w4babawfb
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161&ts=1393422490&type=default&q={searchTerms}
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131232184613586198&GUID=349B58DA-38A8-327F-ED97-3E8F0F4F4E34
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1476786623&z=358522b4141e4cb57770e3eg9z3m0qam5b8q9q9o3z&from=amule1017&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161
HKU\S-1-5-21-2555031829-1915374467-2933209100-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161&ts=1393422490&type=default&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=ee282f47-8e41-11e1-88f6-ac7289578bf3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C46A00FFC9715CC3&affID=121564&tsp=4957
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1476786623&z=358522b4141e4cb57770e3eg9z3m0qam5b8q9q9o3z&from=amule1017&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {D0B48296-04EF-45D2-A31C-4353E6244893} URL = 
SearchScopes: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> {EBA63E7C-8D74-472A-94A9-6CAE67390BC4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=6A424BB3-73DC-48F5-A620-8E8CB9DC56AD&apn_sauid=AA02F8EF-69C9-4368-9446-3AF7A57928D2
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Brak nazwy -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Brak pliku
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-15] (Oracle Corporation)
BHO-x32: IE5BarLauncherBHO Class -> {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} -> C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll [2011-09-22] (VShare Inc.)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-15] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-08-17] (ICQ)
Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll [2011-09-22] (VShare Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Brak pliku
Toolbar: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> Brak nazwy - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  Brak pliku
Toolbar: HKU\S-1-5-21-2555031829-1915374467-2933209100-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mylucky123.com/?type=sc&ts=1476786623&z=358522b4141e4cb57770e3eg9z3m0qam5b8q9q9o3z&from=amule1017&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161

FireFox:
========
FF DefaultProfile: rdeikil3.mugenos
FF DefaultProfile: profile.default
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default [2016-12-15]
FF user.js: detected! => C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default\user.js [2016-09-26]
FF Homepage: Mozilla\Firefox\Profiles\vhbqnleo.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\vhbqnleo.default -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\vhbqnleo.default -> socks_port", 1080
FF NetworkProxy: Mozilla\Firefox\Profiles\vhbqnleo.default -> type", 0
FF Extension: (xRocket Toolbar) - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default\Extensions\arthurj8283@gmail.com [2016-09-26] [Brak podpisu cyfrowego]
FF Extension: (Brak nazwy) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nie znaleziono]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default\searchplugins\mylucky123.xml [2016-10-08]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default\searchplugins\nice.xml [2016-09-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default\searchplugins\nuesearch.xml [2016-09-14]
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\rdeikil3.mugenos [2016-12-15]
FF Homepage: Mozilla\Firefox\Profiles\rdeikil3.mugenos -> hxxp://www.nuesearch.com/?type=hp&ts=1473838790&z=9d681582679e8edafd841ccg9z4m7c5b3cdbbm5t4o&from=qks0914&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\rdeikil3.mugenos\searchplugins\nice.xml [2016-09-26]
FF ProfilePath: C:\Users\USER\AppData\Roaming\idesktop\DFolder\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default [2015-06-11]
FF Extension: (HTTPS-Everywhere) - C:\Users\USER\AppData\Roaming\idesktop\DFolder\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\Extensions\https-everywhere@eff.org [2015-06-11] [Brak podpisu cyfrowego]
FF Extension: (Polski Language Pack) - C:\Users\USER\AppData\Roaming\idesktop\DFolder\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2000-01-01] [Brak podpisu cyfrowego]
FF Extension: (TorLauncher) - C:\Users\USER\AppData\Roaming\idesktop\DFolder\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\Extensions\tor-launcher@torproject.org.xpi [2000-01-01] [Brak podpisu cyfrowego]
FF Extension: (Torbutton) - C:\Users\USER\AppData\Roaming\idesktop\DFolder\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\Extensions\torbutton@torproject.org.xpi [2000-01-01] [Brak podpisu cyfrowego]
FF Extension: (NoScript) - C:\Users\USER\AppData\Roaming\idesktop\DFolder\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2000-01-01] [Brak podpisu cyfrowego]
FF Extension: (Brak nazwy) - C:\Users\USER\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\https-everywhere@eff.org [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Users\USER\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\tor-launcher@torproject.org.xpi [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Users\USER\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\torbutton@torproject.org.xpi [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Users\USER\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [nie znaleziono]
FF ProfilePath: C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\vhbqnleo.default [2016-09-22]
FF user.js: detected! => C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\vhbqnleo.default\user.js [2016-06-30]
FF Homepage: Firefox\Firefox\Profiles\vhbqnleo.default -> about:home
FF NetworkProxy: Firefox\Firefox\Profiles\vhbqnleo.default -> socks", "127.0.0.1"
FF NetworkProxy: Firefox\Firefox\Profiles\vhbqnleo.default -> socks_port", 1080
FF NetworkProxy: Firefox\Firefox\Profiles\vhbqnleo.default -> type", 0
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\vhbqnleo.default\searchplugins\nuesearch.xml [2016-09-14]
FF ProfilePath: C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\rdeikil3.mugenos [2016-12-15]
FF Homepage: Firefox\Firefox\Profiles\rdeikil3.mugenos -> hxxp://www.searchinme.com/?type=hp&ts=1474538256256&z=0a72d2f934b980fdcc46348gcz7m0zdqfoae6g7e5o&from=official&uid=WDCXWD5000BPKT-75PK4T0_WD-WX51A71Y2161Y2161
FF Extension: (SimilarWeb) - C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\rdeikil3.mugenos\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2016-09-23] [Brak podpisu cyfrowego]
FF Extension: (Fontface Ninja) - C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\rdeikil3.mugenos\Extensions\@ffn.xpi [2016-10-21]
FF Extension: (English (US) Language Pack) - C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\rdeikil3.mugenos\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2016-12-05] [Brak podpisu cyfrowego]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Firefox\Firefox\Profiles\rdeikil3.mugenos\searchplugins\searchinme.xml [2016-08-25]
FF ProfilePath: c:\programdata\kaspersky lab\safebrowser\kis\s-1-5-21-2555031829-1915374467-2933209100-1000\firefox [2016-11-25]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-16] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\8dx8lkb2.default\extensions\quick_start@gmail.com => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\dcg868ls.default-1393424603765\extensions\faststartff@gmail.com => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\dcg868ls.default-1393424603765\extensions\shortcutff@gmail.com => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vhbqnleo.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-06-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-01-13] (Nero AG)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-05-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2555031829-1915374467-2933209100-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\USER\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2555031829-1915374467-2933209100-1000: @talk.google.com/O1DPlugin -> C:\Users\USER\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2555031829-1915374467-2933209100-1000: @tools.google.com/Google Update;version=3 -> C:\Users\USER\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2555031829-1915374467-2933209100-1000: @tools.google.com/Google Update;version=9 -> C:\Users\USER\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-03] (vShare.tv )
FF Plugin ProgramFiles/Appdata: C:\Users\USER\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\USER\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ainbkicbloikcngphmjfpjdemblcojdd] - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-12]

Opera: 
=======
OPR Session Restore: -> [funkcja włączona]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [201800 2016-11-09] (APN LLC.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ed2kidle; C:\Program Files (x86)\walalala co\aMuleCustom\ed2k.exe [236544 2016-09-12] (hxxp://www.amule.org/) [Brak podpisu cyfrowego]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego]
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [104624 2016-12-05] ()
S4 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-07] ()
R2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [247872 2011-08-17] ()
S2 IlS; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 IlS; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 MCRL; C:\ProgramData\Microsoft\IdentityCRL\ppcrluiex.dll [349184 2016-11-28] () [Brak podpisu cyfrowego]
R2 MSSQL$FAKTURABYMARCIO; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [Brak podpisu cyfrowego]
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-14] (Copyright (c) 2016 Plays.tv, LLC)
S3 Program Manager; C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe [1563368 2016-11-14] ()
R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Brak podpisu cyfrowego]
S4 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-10-18] (Enigma Software Group USA, LLC.)
R2 StatusAgent4; C:\Windows\SysWOW64\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== UWAGA
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [990656 2016-10-28] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-10-28] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-10-28] (McAfee, Inc.)
R2 UI Assistant Service; C:\Program Files (x86)\PLAY ONLINE\AssistantServices.exe [252784 2010-04-30] ()
S2 W3PCC; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 W3PCC; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [70368 2016-02-10] (Advanced Micro Devices, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-05-01] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-01] (DT Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-09-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-06] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-06] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-05-01] ()
S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2009-11-19] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2009-11-19] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2009-11-19] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2009-11-19] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2009-11-19] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2009-11-19] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2009-11-19] (MCCI Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-12-15 15:55 - 2016-12-15 15:55 - 00000000 ____D C:\Users\USER\Desktop\Nowy folder
2016-12-15 13:34 - 2016-12-15 13:34 - 00019423 _____ C:\Users\USER\Downloads\rozliczenie_ekomandosi_pazdziernik2016.ods
2016-12-15 11:27 - 2016-12-15 15:56 - 00000000 ____D C:\Users\USER\Desktop\FRST
2016-12-15 11:26 - 2016-12-15 11:28 - 00000000 ____D C:\FRST
2016-12-15 11:23 - 2016-12-15 11:23 - 00004185 _____ C:\Users\USER\Desktop\roziwazanie problemu aero.txt
2016-12-14 19:18 - 2016-12-14 19:18 - 00000000 ____D C:\Users\USER\.QtWebEngineProcess
2016-12-14 19:18 - 2016-12-14 19:18 - 00000000 ____D C:\Users\USER\.Plays.tv
2016-12-14 19:11 - 2016-12-14 19:11 - 00000000 ____D C:\Users\USER\AppData\Local\AMD
2016-12-14 19:09 - 2016-02-10 01:47 - 00070368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2016-12-14 19:05 - 2016-12-14 19:05 - 00004236 _____ C:\Windows\System32\Tasks\AMD Updater
2016-12-14 19:04 - 2016-12-15 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-12-14 19:04 - 2016-12-14 19:04 - 00002023 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-12-14 19:03 - 2016-12-15 13:58 - 00000000 ____D C:\Users\USER\AppData\Roaming\PlaysTV
2016-12-14 19:03 - 2016-12-14 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-12-14 19:02 - 2016-12-14 19:02 - 00000000 ____D C:\Users\USER\AppData\Roaming\library_dir
2016-12-14 19:02 - 2016-12-14 19:02 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-12-14 19:01 - 2016-12-15 13:59 - 00000000 ____D C:\Users\USER\AppData\Roaming\Raptr
2016-12-14 19:01 - 2016-12-14 19:02 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-12-14 19:01 - 2016-12-14 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-12-14 19:00 - 2016-12-14 19:00 - 00000000 ____D C:\Program Files (x86)\AMD
2016-12-14 18:53 - 2016-12-14 19:09 - 00000000 ____D C:\Program Files\AMD
2016-12-14 18:51 - 2016-12-14 18:51 - 00000000 ____D C:\AMD
2016-12-14 18:42 - 2016-12-14 18:44 - 328369528 _____ (AMD Inc.) C:\Users\USER\Desktop\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27.exe
2016-12-14 18:36 - 2016-12-14 18:36 - 00002029 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk
2016-12-14 18:36 - 2016-12-14 18:36 - 00002005 _____ C:\Users\USER\Desktop\888poker.lnk
2016-12-14 18:36 - 2016-12-14 18:36 - 00002005 _____ C:\Users\test.USER-Komputer\Desktop\888poker.lnk
2016-12-14 18:36 - 2016-12-14 18:36 - 00002005 _____ C:\Users\postgres\Desktop\888poker.lnk
2016-12-14 18:36 - 2016-12-14 18:36 - 00002005 _____ C:\Users\Mugenos\Desktop\888poker.lnk
2016-12-14 18:36 - 2016-12-14 18:36 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2016-12-14 18:36 - 2016-12-14 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
2016-12-14 18:35 - 2016-12-14 18:36 - 00000000 ____D C:\Users\USER\AppData\Roaming\PacificPoker
2016-12-14 18:34 - 2016-12-14 21:06 - 00000000 ____D C:\Program Files (x86)\PacificPoker
2016-12-14 17:20 - 2016-12-14 17:20 - 00000000 ____D C:\Users\USER\Desktop\raport z ahrefsa
2016-12-14 17:20 - 2016-12-14 17:20 - 00000000 ____D C:\Users\USER\Desktop\klucz rejestru z ccleanera
2016-12-14 15:51 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 15:51 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 15:51 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 15:51 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 15:51 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 15:51 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 15:51 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 15:51 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 15:51 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 15:51 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 15:51 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 15:51 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 15:51 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 15:51 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 15:51 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 15:51 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 15:51 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 15:51 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 15:51 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 15:51 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 15:51 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 15:51 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 15:51 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 15:51 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 15:51 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 15:51 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 15:51 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 15:51 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 15:51 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 15:51 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 15:51 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 15:51 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 15:51 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 15:51 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 15:51 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 15:51 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 15:51 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 15:51 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 15:51 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 15:51 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 15:51 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 15:51 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 15:51 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 15:51 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 15:51 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 15:51 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 15:51 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 15:51 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 15:51 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 15:51 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 15:51 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 15:51 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 15:51 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 15:51 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 15:51 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 15:51 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 15:51 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 15:51 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 15:51 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 15:51 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 15:51 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 15:51 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 15:51 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 15:51 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 15:51 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 15:51 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 15:51 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 15:51 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 15:51 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 15:51 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 15:51 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 15:51 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 15:51 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 15:51 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 15:51 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 15:51 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 15:51 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 15:51 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 15:51 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 15:51 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 15:51 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 15:51 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 15:51 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 15:51 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 15:51 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 15:51 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 15:51 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 15:51 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 15:51 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 15:51 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 15:51 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 15:51 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 15:51 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 15:51 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 15:51 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 15:51 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 15:51 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 15:51 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 15:51 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 15:51 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 15:51 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 15:51 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 15:51 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 15:51 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 15:51 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 15:51 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 15:51 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 15:51 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 15:51 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 15:51 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 15:51 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 15:51 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 15:51 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 15:51 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 15:51 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 15:51 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 15:51 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 15:51 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 15:51 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 15:51 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 15:51 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 15:51 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 15:51 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 15:51 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 15:51 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 15:51 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 15:51 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 15:51 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 15:51 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 15:51 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 15:51 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 15:51 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 15:51 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 15:51 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 15:51 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-14 13:45 - 2016-12-14 13:45 - 00000000 ____D C:\Users\USER\AppData\Local\ElevatedDiagnostics
2016-12-14 12:28 - 2016-12-14 12:28 - 00087768 _____ C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-14 12:25 - 2016-12-14 17:41 - 00352304 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-13 10:08 - 2016-12-13 10:09 - 145634921 _____ C:\Users\USER\Downloads\attachment.rar
2016-12-09 12:59 - 2016-12-09 12:59 - 00000000 ____D C:\Users\USER\AppData\Local\Geckofx
2016-12-09 12:45 - 2016-12-09 12:45 - 06880664 _____ (Tim Kosse) C:\Users\USER\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-09 09:51 - 2016-12-09 10:37 - 00000116 _____ C:\Users\USER\Desktop\lumidenewslettertest.csv
2016-12-08 11:03 - 2016-12-08 11:04 - 08896598 _____ C:\Users\USER\Downloads\domains_2016-12-08_10_03_26.csv
2016-12-07 13:55 - 2016-12-07 13:55 - 00001180 _____ C:\Users\USER\Desktop\SeoPrzybornik.lnk
2016-12-07 13:55 - 2016-12-07 13:55 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seo Przybornik
2016-12-07 13:55 - 2016-12-07 13:55 - 00000000 ____D C:\Program Files (x86)\Seo Przybornik
2016-12-07 13:54 - 2016-12-07 13:54 - 52309511 _____ (Seo Solutions) C:\Users\USER\Desktop\SeoPrzybornikInstalator.exe
2016-12-06 10:57 - 2016-12-06 13:11 - 00022300 _____ C:\Users\USER\Downloads\100 linków z sygnatur.xlsx
2016-12-05 14:57 - 2016-12-06 13:11 - 00006397 _____ C:\Users\USER\Desktop\txt6grudzien2016.txt
2016-12-05 14:04 - 2016-12-05 14:04 - 00800400 _____ C:\Users\USER\Downloads\bez-nazwy-3.tif
2016-12-05 13:39 - 2016-12-05 13:39 - 00000000 ____D C:\Program Files (x86)\Firefox
2016-12-05 13:20 - 2016-12-05 13:20 - 00318425 _____ C:\Users\USER\Downloads\lumide_sklep2.gz
2016-12-05 12:49 - 2016-12-05 12:49 - 03293747 _____ C:\Users\USER\Downloads\virt8750_fitline.gz
2016-12-05 12:40 - 2016-12-05 12:41 - 00046141 _____ C:\Users\USER\Downloads\sql(1)
2016-12-05 12:40 - 2016-12-05 12:40 - 00046141 _____ C:\Users\USER\Downloads\sql
2016-12-05 10:59 - 2016-12-05 11:01 - 00009609 _____ C:\Users\USER\Downloads\file.csv
2016-12-05 00:32 - 2016-12-05 00:43 - 00000361 _____ C:\Users\USER\Desktop\filmy.txt
2016-12-02 14:23 - 2016-12-02 14:44 - 00028563 _____ C:\Users\USER\Desktop\kliencilumide.csv
2016-12-01 22:51 - 2016-12-01 22:51 - 00002587 _____ C:\Users\USER\Downloads\customer_2016-12-01_225204.csv
2016-12-01 20:54 - 2016-12-01 20:54 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-01 12:21 - 2016-12-01 12:21 - 00999997 _____ C:\Users\USER\Downloads\logo STRONA.ai
2016-12-01 12:21 - 2016-12-01 12:21 - 00158393 _____ C:\Users\USER\Downloads\logo STRONA.pdf
2016-12-01 10:50 - 2016-12-01 10:51 - 00924157 _____ C:\Users\USER\Downloads\export_Product.csv
2016-11-30 13:05 - 2016-12-12 10:05 - 00000000 ____D C:\Program Files (x86)\CLUSTERIC Search Auditor
2016-11-30 13:05 - 2016-11-30 13:05 - 00001138 _____ C:\Users\Public\Desktop\CLUSTERIC Search Auditor.lnk
2016-11-30 13:05 - 2016-11-30 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLUSTERIC Search Auditor
2016-11-30 10:49 - 2016-11-30 10:49 - 00064173 _____ C:\Users\USER\Downloads\3581-adwokatms.pl-NAP25.xlsx
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-29 17:15 - 2016-11-29 17:15 - 00160229 _____ C:\Users\USER\Downloads\babylove1.csv
2016-11-29 17:11 - 2016-11-29 17:11 - 00162752 _____ C:\Users\USER\Downloads\products_2016_11_29_17_11_13.csv
2016-11-29 17:03 - 2016-11-29 17:03 - 00320460 _____ C:\Users\USER\Downloads\products_2016_11_29_13_16_242.csv
2016-11-29 13:48 - 2016-11-29 13:48 - 00002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-29 13:48 - 2016-11-29 13:48 - 00002079 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-29 13:48 - 2016-11-29 13:48 - 00000000 ____D C:\Users\USER\AppData\Local\Coldjob
2016-11-29 13:47 - 2016-11-29 13:47 - 00000000 ____D C:\Program Files (x86)\Coldjob
2016-11-29 13:16 - 2016-11-29 17:03 - 00160229 _____ C:\Users\USER\Downloads\products_2016_11_29_13_16_24.csv
2016-11-29 13:04 - 2016-11-29 13:04 - 00010158 _____ C:\Users\USER\Downloads\exportproducts_v2.5.3.zip
2016-11-29 11:47 - 2016-11-29 11:47 - 00000000 ____D C:\Users\USER\AppData\Roaming\MySQL
2016-11-29 11:47 - 2016-11-29 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2016-11-29 11:46 - 2016-11-29 11:46 - 00000000 ____D C:\Program Files\MySQL
2016-11-29 11:39 - 2016-11-29 11:39 - 28016640 _____ C:\Users\USER\Downloads\mysql-workbench-community-6.3.8-winx64.msi
2016-11-29 11:36 - 2016-11-29 11:36 - 01582088 _____ ( ) C:\Users\USER\Desktop\MySQL-Workbench-19040-dp.exe
2016-11-29 11:11 - 2016-11-29 11:11 - 00000000 _____ C:\fs_settings.ini
2016-11-29 11:09 - 2016-11-29 11:11 - 00000000 ____D C:\Users\USER\AppData\Local\eMagicOne Store Manager for PrestaShop
2016-11-29 11:09 - 2016-11-29 11:09 - 00001339 _____ C:\Users\USER\Desktop\eMagicOne Store Manager for PrestaShop.lnk
2016-11-29 11:09 - 2016-11-29 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMagicOne
2016-11-29 11:09 - 2016-11-29 11:09 - 00000000 ____D C:\ProgramData\eMagicOne Store Manager for PrestaShop
2016-11-29 11:09 - 2016-11-29 11:09 - 00000000 ____D C:\Program Files (x86)\eMagicOne
2016-11-29 11:09 - 2014-09-08 14:37 - 00451960 _____ (Embarcadero Technologies, Inc.) C:\Windows\SysWOW64\midas.dll
2016-11-29 11:05 - 2016-11-29 11:05 - 01943344 _____ (eMagicOne) C:\Users\USER\Desktop\PrestaShopManagerSetup.exe
2016-11-29 10:41 - 2016-11-29 10:41 - 00000343 _____ C:\Users\USER\Downloads\category_2016-11-29_104151.csv
2016-11-29 10:25 - 2016-11-29 10:25 - 00004681 _____ C:\Users\USER\Downloads\product_2016-11-29_102536.csv
2016-11-29 10:05 - 2016-11-29 10:05 - 00001042 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-29 10:05 - 2016-11-29 10:05 - 00001042 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-28 19:16 - 2016-11-28 19:16 - 00303320 _____ (Random-Logic) C:\Users\USER\Desktop\888poker_installer.exe
2016-11-25 12:35 - 2016-11-25 12:35 - 00498847 _____ C:\Users\USER\Downloads\pl.gzip
2016-11-24 12:22 - 2016-11-24 12:22 - 00002503 _____ C:\Users\USER\Desktop\wpadmin1v12.txt
2016-11-23 14:50 - 2016-11-23 14:50 - 00038542 _____ C:\Users\USER\Downloads\Potwierdzenie_transakcji_nr_0000202501_231116.pdf
2016-11-22 19:27 - 2016-11-22 19:27 - 00000404 _____ C:\Users\USER\Desktop\dnsy lumide.txt
2016-11-22 15:04 - 2016-11-24 14:07 - 00000065 _____ C:\Users\USER\Desktop\keyword.txt
2016-11-22 15:04 - 2016-11-24 10:39 - 00002503 _____ C:\Users\USER\Desktop\wpadmin1v1.txt.txt
2016-11-22 15:04 - 2016-11-23 11:11 - 00000584 _____ C:\Users\USER\Desktop\1v1login.txt.txt
2016-11-22 15:04 - 2016-10-14 18:11 - 00001389 _____ C:\Users\USER\Desktop\1v1pass.txt.txt
2016-11-22 15:02 - 2016-11-22 15:03 - 00000000 ____D C:\Users\USER\Desktop\txt listopad 2016
2016-11-22 14:26 - 2016-11-22 14:26 - 00002292 _____ C:\Users\USER\Desktop\ProjectMaker.lnk
2016-11-22 14:26 - 2016-11-22 14:26 - 00002285 _____ C:\Users\USER\Desktop\ZennoPoster.lnk
2016-11-22 14:26 - 2016-11-22 14:26 - 00002285 _____ C:\Users\USER\Desktop\CodeCreator.lnk
2016-11-22 14:26 - 2016-11-22 14:26 - 00002278 _____ C:\Users\USER\Desktop\CapMonster.lnk
2016-11-22 13:42 - 2016-11-22 14:27 - 00000000 ____D C:\ZL.tmp
2016-11-22 11:32 - 2016-12-06 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-21 10:22 - 2016-11-21 10:23 - 00000000 ____D C:\Users\USER\Downloads\AXADIRECT dokumenty polisy
2016-11-20 09:20 - 2016-11-20 09:20 - 00038676 _____ C:\Users\USER\Downloads\Potwierdzenie_transakcji_nr_0000131936_201116 (1).pdf
2016-11-20 09:16 - 2016-11-20 09:16 - 00038676 _____ C:\Users\USER\Downloads\Potwierdzenie_transakcji_nr_0000131936_201116.pdf
2016-11-19 14:50 - 2016-11-19 14:50 - 00280984 _____ C:\Users\USER\Downloads\quik-shop.com-Google.pl+%28język+polski%29-19-11-2016-971.pdf
2016-11-18 12:19 - 2016-11-18 12:38 - 00444920 _____ C:\Users\USER\Documents\Oferta-antyki.pdf
2016-11-17 11:23 - 2016-11-17 11:23 - 00074019 _____ C:\Users\USER\Downloads\Analytics Wszystkie dane witryny Kanały 20161017-20161116.pdf
2016-11-17 11:06 - 2016-11-17 11:07 - 00038490 _____ C:\Users\USER\Downloads\potwierdzenie (babylove).pdf
2016-11-16 21:44 - 2016-11-16 21:44 - 00054777 _____ C:\Users\USER\Downloads\freshmail-presta-04-11-2016.zip
2016-11-16 21:26 - 2016-11-16 21:26 - 00254452 _____ C:\Users\USER\Downloads\v2.6.1-sendinblue.zip
2016-11-16 14:07 - 2016-11-16 14:07 - 00001041 _____ C:\Users\USER\Downloads\envato_marketplace_statement_2016-10-01_to_2016-10-31.csv
2016-11-16 13:50 - 2016-11-16 13:50 - 00019897 _____ C:\Users\USER\Downloads\rozliczenie_ekomandosi_wrzesien2016 (1).ods
2016-11-16 13:39 - 2016-11-16 13:39 - 00019897 _____ C:\Users\USER\Downloads\rozliczenie_ekomandosi_wrzesien2016.ods
2016-11-16 11:33 - 2016-11-16 11:33 - 00000000 ____D C:\Users\USER\AppData\Roaming\Riot Games
2016-11-16 09:51 - 2016-12-15 11:09 - 00000000 ____D C:\Users\USER\AppData\LocalLow\Mozilla
2016-11-16 09:51 - 2016-12-14 18:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-15 12:16 - 2016-11-15 12:17 - 00070508 _____ C:\Users\USER\Downloads\lumide_logo+r.pdf

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-12-15 15:59 - 2013-11-04 20:11 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555031829-1915374467-2933209100-1000UA.job
2016-12-15 15:59 - 2012-04-02 16:25 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-15 15:58 - 2011-11-04 11:54 - 00000000 ____D C:\Users\USER\AppData\Roaming\Skype
2016-12-15 15:55 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-15 15:55 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-15 15:53 - 2013-10-19 17:57 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2016-12-15 15:52 - 2016-05-26 13:03 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-12-15 15:52 - 2015-06-25 11:26 - 00001158 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2555031829-1915374467-2933209100-1000UA.job
2016-12-15 15:52 - 2014-02-17 14:06 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-15 15:52 - 2014-02-12 00:18 - 00000288 _____ C:\Windows\Tasks\Update Bonanza.job
2016-12-15 14:04 - 2012-01-31 16:10 - 00000000 ____D C:\Users\Public\Documents\KopiaBazyFakturaByMarcio
2016-12-15 14:01 - 2016-11-08 09:27 - 00000000 ____D C:\Users\USER\AppData\Local\CrashDumps
2016-12-15 13:59 - 2014-03-27 09:55 - 00000000 ___RD C:\Users\USER\Dropbox
2016-12-15 13:56 - 2014-10-25 12:07 - 00000000 ____D C:\Users\USER\.gstreamer-0.10
2016-12-15 13:56 - 2012-02-07 14:24 - 00000000 ____D C:\Users\USER\AppData\Roaming\ICQ
2016-12-15 13:55 - 2013-10-10 13:29 - 00000000 ____D C:\Users\USER\AppData\Roaming\ipla
2016-12-15 13:54 - 2015-11-04 23:04 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-15 13:54 - 2014-02-17 14:06 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-15 13:52 - 2016-09-12 16:48 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2016-12-15 13:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-15 11:06 - 2014-10-25 12:07 - 00000000 ____D C:\Users\USER\AppData\Local\ChomikBox
2016-12-15 11:02 - 2013-07-12 08:00 - 00000000 ____D C:\Users\USER\AppData\Roaming\GG
2016-12-15 11:00 - 2012-02-06 15:08 - 00000000 ____D C:\Users\USER\AppData\Roaming\FileZilla
2016-12-15 10:12 - 2013-04-09 11:42 - 00000000 ____D C:\Users\USER\Downloads\toplister
2016-12-15 09:42 - 2013-11-04 20:11 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555031829-1915374467-2933209100-1000Core.job
2016-12-15 09:33 - 2010-11-21 13:53 - 00787396 _____ C:\Windows\system32\perfh015.dat
2016-12-15 09:33 - 2010-11-21 13:53 - 00174172 _____ C:\Windows\system32\perfc015.dat
2016-12-15 09:33 - 2009-07-14 06:13 - 01802618 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 09:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-15 00:06 - 2015-06-25 11:26 - 00001106 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2555031829-1915374467-2933209100-1000Core.job
2016-12-14 21:07 - 2016-01-17 16:24 - 00000000 ____D C:\Users\USER\Documents\888poker
2016-12-14 20:15 - 2011-10-31 20:03 - 00000000 ____D C:\ProgramData\RDRM
2016-12-14 20:12 - 2015-07-17 14:37 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-14 20:10 - 2015-07-17 14:37 - 00003994 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-14 20:10 - 2012-04-02 16:25 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 20:10 - 2012-04-02 16:25 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 20:10 - 2011-11-14 20:34 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 20:10 - 2011-10-29 07:35 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 20:10 - 2011-10-29 07:35 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-14 19:08 - 2012-05-03 09:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-14 19:04 - 2015-11-28 23:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-14 19:00 - 2011-05-07 02:40 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-12-14 18:16 - 2016-11-14 10:36 - 00001075 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-14 18:16 - 2016-09-22 10:17 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-14 16:21 - 2013-07-18 08:52 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 16:11 - 2011-10-31 10:14 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 16:08 - 2012-01-31 16:07 - 01775224 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 15:26 - 2016-11-09 18:25 - 00000000 ____D C:\Users\USER\Desktop\obrazy jakies i zrzuty
2016-12-14 12:20 - 2012-03-26 22:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2016-12-14 12:05 - 2016-02-22 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-12-14 12:05 - 2015-04-22 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2016-12-14 12:05 - 2015-02-14 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-12-14 12:05 - 2014-11-17 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zebroid
2016-12-14 12:05 - 2013-12-27 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-12-14 12:05 - 2013-10-19 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-12-14 12:05 - 2012-06-20 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstantArticleWizard
2016-12-14 12:04 - 2013-02-04 00:34 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SEO Moderator
2016-12-14 12:04 - 2011-11-15 11:11 - 00000000 ____D C:\Windows\Minidump
2016-12-14 10:21 - 2016-08-11 11:59 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-14 10:20 - 2016-08-11 11:49 - 00000000 ____D C:\Program Files\TrueKey
2016-12-13 14:50 - 2012-10-26 09:39 - 00002104 ____H C:\Users\USER\Documents\Default.rdp
2016-12-13 14:39 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-12-13 11:33 - 2016-08-11 12:03 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-12-12 00:04 - 2011-10-30 10:53 - 00000000 ____D C:\Users\USER\AppData\Local\PokerStars.EU
2016-12-11 15:08 - 2011-10-30 10:47 - 00000000 ____D C:\Program Files (x86)\PokerStars
2016-12-09 11:15 - 2016-05-20 12:43 - 00000256 _____ C:\Users\USER\AppData\Roaming\RO39-2M3Q
2016-12-06 12:01 - 2016-11-06 10:37 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-06 12:01 - 2016-09-08 13:18 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-12-06 12:01 - 2016-09-08 13:18 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-12-05 18:43 - 2016-04-05 11:03 - 00000000 ____D C:\Users\USER\Downloads\moduly prestashop
2016-12-01 20:54 - 2014-03-27 09:53 - 00000000 ____D C:\Users\USER\AppData\Roaming\Dropbox
2016-12-01 19:46 - 2012-02-14 12:34 - 00000000 ____D C:\Users\USER\Downloads\SEO copywriting
2016-12-01 19:39 - 2016-06-02 12:10 - 00000000 ____D C:\Users\USER\Downloads\raporty seo dla klientow
2016-12-01 19:20 - 2011-12-16 09:28 - 00000000 ____D C:\Users\USER\Downloads\Microsite Manager
2016-12-01 14:37 - 2012-05-02 10:18 - 00000000 ____D C:\Users\USER\Downloads\Raporty
2016-11-30 11:38 - 2015-12-21 15:02 - 00000000 ____D C:\Program Files (x86)\CLUSTERIC Link Auditor
2016-11-29 10:05 - 2015-07-27 12:10 - 00001042 _____ C:\Users\test.USER-Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-29 10:05 - 2011-11-02 00:14 - 00001042 _____ C:\Users\Mugenos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-29 00:01 - 2015-06-25 11:26 - 00004126 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2555031829-1915374467-2933209100-1000UA
2016-11-29 00:01 - 2015-06-25 11:26 - 00003730 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2555031829-1915374467-2933209100-1000Core
2016-11-28 20:00 - 2014-06-20 14:15 - 00000000 ____D C:\Users\USER\AppData\Local\Adobe
2016-11-25 17:46 - 2016-01-21 11:13 - 00003898 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409664160
2016-11-25 17:46 - 2014-09-02 14:22 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-22 14:59 - 2014-09-08 09:00 - 00000000 ____D C:\ProgramData\Isolated Storage
2016-11-22 14:26 - 2012-05-24 22:22 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZennoLab
2016-11-22 13:43 - 2012-05-24 22:17 - 00000000 ____D C:\Program Files (x86)\ZennoLab
2016-11-21 11:59 - 2016-10-26 12:28 - 00000003 _____ C:\Windows\SysWOW64\hoewmds
2016-11-18 14:09 - 2011-12-08 18:53 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-15 16:19 - 2013-09-10 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-15 16:19 - 2012-04-26 10:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-15 16:18 - 2014-10-18 11:39 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-11-15 16:16 - 2015-12-28 11:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-15 16:16 - 2014-08-14 17:00 - 00000000 ____D C:\ProgramData\Skype

==================== Pliki w katalogu głównym wybranych folderów =======

2016-05-20 12:43 - 2016-05-20 12:43 - 0000088 _____ () C:\Users\USER\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2016-06-02 09:55 - 2016-06-02 09:55 - 0000088 _____ () C:\Users\USER\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
2016-05-20 13:41 - 2016-05-20 17:00 - 0000128 _____ () C:\Users\USER\AppData\Roaming\GWMC-I92M
2016-10-01 00:46 - 2016-10-01 00:46 - 0023950 _____ () C:\Users\USER\AppData\Roaming\ICSW_1J1F1H1E2Y2Z1P1C1B2W1L1T2ZtJ1V0A0V0A0S0T.txt
2016-05-20 12:43 - 2016-12-09 11:15 - 0000256 _____ () C:\Users\USER\AppData\Roaming\RO39-2M3Q
2013-10-19 18:57 - 2015-02-01 13:00 - 0000094 _____ () C:\Users\USER\AppData\Roaming\WB.CFG
2013-11-27 20:47 - 2015-09-01 07:50 - 0000600 _____ () C:\Users\USER\AppData\Roaming\winscp.rnd
2012-01-27 21:18 - 2012-01-27 21:18 - 0003584 _____ () C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-02 17:09 - 2016-04-15 10:24 - 0000600 _____ () C:\Users\USER\AppData\Local\PUTTY.RND
2013-02-24 12:43 - 2013-02-24 12:43 - 21748128 _____ () C:\Users\USER\AppData\Local\TempFullTiltPokerEuSetup.exe
2011-10-29 06:49 - 2011-10-29 06:49 - 0017408 _____ () C:\Users\USER\AppData\Local\WebpageIcons.db
2012-08-07 10:31 - 2012-08-07 10:31 - 0004879 _____ () C:\ProgramData\fuscxfxv.mrc
2012-07-23 23:06 - 2012-07-23 23:06 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpeCAD4.dll
2013-03-21 12:26 - 2013-03-21 12:26 - 0004972 _____ () C:\ProgramData\rdgngdye.vsu

Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\hpeCAD4.dll
C:\Users\USER\FileZilla_3.7.0.1_win32-setup.exe
C:\Users\USER\FileZilla_3.7.0.2_win32-setup.exe
C:\Users\USER\FileZilla_3.7.1_win32-setup.exe
C:\Users\USER\FileZilla_3.7.3_win32-setup.exe
C:\Users\USER\FileZilla_3.7.4.1_win32-setup.exe
C:\Users\USER\FileZilla_3.8.0_win32-setup.exe


Niektóre pliki w TEMP:
====================
C:\Users\USER\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\USER\AppData\Local\Temp\playstv_patch.exe
C:\Users\USER\AppData\Local\Temp\raptrpatch.exe
C:\Users\USER\AppData\Local\Temp\raptr_stub.exe
C:\Users\USER\AppData\Local\Temp\setup.exe


==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2016-12-04 16:06

==================== Koniec  FRST.txt ============================