Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-01-2017 Uruchomiony przez user (administrator) DESKTOP-9V6DKQM (15-01-2017 14:26:09) Uruchomiony z C:\Users\user\Desktop Załadowane profile: user (Dostępne profile: user) Platform: Windows 10 Pro Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostControlService.exe (Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostStorageService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe () C:\DELL\Sytem64Folder\DellRctlService.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe () C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe ( ) C:\Windows\SysWOW64\lxeacoms.exe () C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE16\CSISYNCCLIENT.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [736552 2015-05-30] (Alps Electric Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-10-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407232 2015-10-20] (Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [714160 2015-09-22] (Waves Audio Ltd.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation) HKLM\...\Run: [Intel(R) WiDi Receiver Updater] => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [89600 2015-10-27] () HKLM\...\Run: [lxeamon.exe] => C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [772712 2013-01-23] () HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [150264 2013-01-23] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2017-01-15] (AVAST Software) HKLM\...\RunOnce: [ucdrv_repair] => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [739728 2017-01-15] (UC Web Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-4025576816-31018432-1891004371-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-18\...\Run: [] => 0 ShellExecuteHooks: Brak nazwy - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\ProgramData\igfxDH.dll -> Brak pliku ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-15] (AVAST Software) ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\żěŃą\X64\KZipShell.dll [2017-01-15] () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{38f7f9e8-42ef-4863-a6b1-f2e048e7dd91}: [NameServer] 89.108.195.21,89.108.202.20 Tcpip\..\Interfaces\{6cb9ff6b-054a-49d3-a36d-96449ef2bfbf}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4025576816-31018432-1891004371-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrAOqy038KKUuPkN7Jsblii8mKtbeE-Mw-MI4xTQQ0a5MNblKKsmndVX-wbZmf8S94xMm2--tymdeODLPWzkQ7B3sdQZx9HWMVDAFZA3jelIbZ9XRHW0VnVmasn2LyA0nYbB4u6pPudJ71w2SjSBh7OD3goA,,&q={searchTerms} HKU\S-1-5-21-4025576816-31018432-1891004371-1002\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-4025576816-31018432-1891004371-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-4025576816-31018432-1891004371-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-01-13] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-15] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-15] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-30] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-01-12] (Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-01-15] CHR Extension: (Prezentacje Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-30] CHR Extension: (Dokumenty Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-30] CHR Extension: (Dysk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-30] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-30] CHR Extension: (Adblock Plus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-30] CHR Extension: (Arkusze Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-30] CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-30] CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-30] CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-15] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-12-30] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-30] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-30] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-30] CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-15] CHR HKU\S-1-5-21-4025576816-31018432-1891004371-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96000 2015-09-26] (Alps Electric Co., Ltd.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-15] (AVAST Software) S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [457200 2016-11-08] (Intel Corporation) R2 DellRctlService; c:\Dell\Sytem64Folder\DellRctlService.exe [32256 2015-09-04] () [Brak podpisu cyfrowego] R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation) R2 hostcontrolsvc; C:\Program Files\Broadcom\CV\bin\HostControlService.exe [1056400 2016-08-12] (Broadcom Corporation) R2 hoststoragesvc; C:\Program Files\Broadcom\CV\bin\HostStorageService.exe [52872 2016-08-12] (Broadcom Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-08-25] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2016-11-08] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego] S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-18] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-05] (Intel Corporation) S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-20] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation) R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SWIService.exe [1163360 2016-01-18] (Sierra Wireless, Inc.) R2 ushupgradesvc; C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe [268432 2016-08-12] () R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [566192 2015-08-20] (Waves Audio Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-15] (AVAST Software) S1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-15] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-15] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-15] (AVAST Software) S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-15] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-15] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-15] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-15] (AVAST Software) R3 bcmnfcusb; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [64240 2016-08-12] (Broadcom Corporation.) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.) R3 DellRctl; C:\WINDOWS\System32\drivers\DellRctl.sys [37632 2015-09-05] () R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation) R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [113392 2015-08-25] (Intel Corporation) R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2595072 2015-10-20] (Realtek Semiconductor Corp.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realsil Semiconductor Corporation) S3 swmbbser05; C:\WINDOWS\system32\DRIVERS\swmbbser05.sys [288016 2016-01-18] (Sierra Wireless Incorporated) U1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== UWAGA R3 wbfcvusbdrv; C:\WINDOWS\System32\Drivers\wbfcvusbdrv.sys [38128 2016-08-12] (Broadcom Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [307712 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-01-15 14:22 - 2017-01-15 14:26 - 00021890 _____ C:\Users\user\Desktop\FRST.txt 2017-01-15 14:22 - 2017-01-15 14:23 - 00038114 _____ C:\Users\user\Desktop\Addition.txt 2017-01-15 14:22 - 2017-01-15 14:14 - 02419200 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2017-01-15 14:15 - 2017-01-15 14:15 - 00037935 _____ C:\Users\user\Downloads\Addition.txt 2017-01-15 14:14 - 2017-01-15 14:26 - 00000000 ____D C:\FRST 2017-01-15 14:14 - 2017-01-15 14:15 - 00058303 _____ C:\Users\user\Downloads\FRST.txt 2017-01-15 14:14 - 2017-01-15 14:14 - 00380928 _____ C:\Users\user\Downloads\hrg5xufi.exe 2017-01-15 14:11 - 2017-01-15 14:14 - 02419200 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2017-01-15 12:14 - 2017-01-15 12:14 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2017-01-15 12:14 - 2017-01-15 12:14 - 00004088 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1484478859 2017-01-15 12:14 - 2017-01-15 12:14 - 00001090 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2017-01-15 12:14 - 2017-01-15 12:14 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-01-15 12:08 - 2017-01-15 12:11 - 08803648 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup525.exe 2017-01-15 11:58 - 2017-01-15 11:58 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2017-01-15 11:58 - 2017-01-15 11:58 - 00001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-01-15 11:58 - 2017-01-15 11:58 - 00000000 ____D C:\Users\user\AppData\Roaming\AVAST Software 2017-01-15 11:57 - 2017-01-15 11:58 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2017-01-15 11:57 - 2017-01-15 11:58 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2017-01-15 11:57 - 2017-01-15 11:58 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2017-01-15 11:57 - 2017-01-15 11:57 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.148447788051507 2017-01-15 11:57 - 2017-01-15 11:57 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148447788287510 2017-01-15 11:57 - 2017-01-15 11:57 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-01-15 11:57 - 2017-01-15 11:57 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148447788251512 2017-01-15 11:57 - 2017-01-15 11:57 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-01-15 11:57 - 2017-01-15 11:57 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-01-15 11:57 - 2017-01-15 11:57 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-01-15 11:57 - 2017-01-15 11:57 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-01-15 11:57 - 2017-01-15 11:57 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2017-01-15 11:57 - 2017-01-15 11:57 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-01-15 11:57 - 2017-01-15 11:57 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2017-01-15 11:47 - 2017-01-15 12:14 - 00000000 ____D C:\Program Files\AVAST Software 2017-01-15 11:46 - 2017-01-15 12:14 - 00000000 ____D C:\ProgramData\AVAST Software 2017-01-15 11:45 - 2017-01-15 11:46 - 06253648 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe 2017-01-15 11:21 - 2017-01-15 11:24 - 00001977 _____ C:\Users\user\Desktop\RepairDNS.txt 2017-01-15 11:19 - 2017-01-15 11:33 - 00000000 ____D C:\Users\user\AppData\Roaming\KuaiZip 2017-01-15 11:18 - 2017-01-15 11:19 - 00000000 ____D C:\ProgramData\RogueKiller 2017-01-15 11:17 - 2017-01-15 11:17 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad 2017-01-15 11:14 - 2017-01-15 11:16 - 00000000 ____D C:\AdwCleaner 2017-01-15 11:10 - 2017-01-15 11:10 - 00003346 _____ C:\WINDOWS\System32\Tasks\psv_Dondincom 2017-01-15 10:56 - 2017-01-15 10:56 - 00003342 _____ C:\WINDOWS\System32\Tasks\psv_Goldentone 2017-01-15 10:52 - 2017-01-15 11:17 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater 2017-01-15 10:52 - 2017-01-15 10:55 - 00000486 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job 2017-01-15 10:52 - 2017-01-15 10:52 - 00003502 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater 2017-01-15 10:52 - 2017-01-15 10:52 - 00001597 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk 2017-01-15 10:52 - 2017-01-15 10:52 - 00000000 ____D C:\Users\user\AppData\Local\UCBrowser 2017-01-15 10:52 - 2017-01-15 10:52 - 00000000 ____D C:\Users\user\AppData\Local\Chromium 2017-01-15 10:52 - 2017-01-15 10:52 - 00000000 ____D C:\Users\user\AppData\Local\CEF 2017-01-15 10:52 - 2017-01-15 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 2017-01-15 10:52 - 2017-01-15 10:52 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2017-01-15 10:51 - 2017-01-15 10:51 - 00092832 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys 2017-01-15 10:51 - 2017-01-15 10:51 - 00000884 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk 2017-01-15 10:51 - 2017-01-15 10:51 - 00000860 _____ C:\Users\user\Desktop\żěŃą.lnk 2017-01-15 10:51 - 2017-01-15 10:51 - 00000000 ____D C:\Program Files\żěŃą 2017-01-15 10:51 - 2017-01-15 10:51 - 00000000 ____D C:\Program Files (x86)\Maoha 2017-01-15 10:50 - 2017-01-15 10:50 - 07316480 _____ C:\Users\user\AppData\Roaming\agent.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 01938534 _____ C:\Users\user\AppData\Roaming\Hot-Com.bin 2017-01-15 10:50 - 2017-01-15 10:50 - 01907313 _____ C:\Users\user\AppData\Roaming\Zot-Phase.tst 2017-01-15 10:50 - 2017-01-15 10:50 - 00982016 _____ C:\Users\user\AppData\Roaming\Zot-Phase.exe 2017-01-15 10:50 - 2017-01-15 10:50 - 00982016 _____ C:\Users\user\AppData\Roaming\Tonfan.exe 2017-01-15 10:50 - 2017-01-15 10:50 - 00140288 _____ C:\Users\user\AppData\Roaming\Installer.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 00126464 _____ C:\Users\user\AppData\Roaming\noah.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 00126464 _____ C:\Users\user\AppData\Roaming\lobby.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 00072787 _____ C:\Users\user\AppData\Roaming\Tonfan.tst 2017-01-15 10:50 - 2017-01-15 10:50 - 00070752 _____ C:\Users\user\AppData\Roaming\Config.xml 2017-01-15 10:50 - 2017-01-15 10:50 - 00054272 _____ C:\Users\user\AppData\Roaming\ApplicationHosting.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 00018432 _____ C:\Users\user\AppData\Roaming\Main.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 00016560 _____ C:\Users\user\AppData\Roaming\InstallationConfiguration.xml 2017-01-15 10:50 - 2017-01-15 10:50 - 00005568 _____ C:\Users\user\AppData\Roaming\md.xml 2017-01-15 10:50 - 2017-01-15 10:50 - 00003346 _____ C:\WINDOWS\System32\Tasks\psv_RunTojob 2017-01-15 10:50 - 2017-01-15 10:50 - 00003338 _____ C:\WINDOWS\System32\Tasks\psv_Dongron 2017-01-15 10:50 - 2017-01-15 10:50 - 00003326 _____ C:\WINDOWS\System32\Tasks\psv_Canity 2017-01-15 10:50 - 2017-01-15 10:50 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics 2017-01-15 10:50 - 2017-01-15 10:50 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics 2017-01-15 10:46 - 2017-01-15 10:46 - 00197413 _____ C:\Users\user\Desktop\wizytówka.bcw 2017-01-14 06:40 - 2017-01-14 06:40 - 00000000 ___HD C:\OneDriveTemp 2017-01-14 06:39 - 2017-01-14 06:39 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-01-14 06:38 - 2017-01-14 06:38 - 00000000 ____D C:\ProgramData\USOShared 2017-01-14 06:37 - 2017-01-15 10:57 - 00000000 ____D C:\Users\user\AppData\Local\ConnectedDevicesPlatform 2017-01-14 06:37 - 2017-01-14 06:37 - 00000020 ___SH C:\Users\user\ntuser.ini 2017-01-14 03:46 - 2017-01-14 03:46 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2017-01-14 03:46 - 2017-01-14 03:46 - 00007623 _____ C:\WINDOWS\diagerr.xml 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Public\Documents\Moje wideo 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Public\Documents\Moje obrazy 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Public\Documents\Moja muzyka 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Szablony 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Moje dokumenty 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Menu Start 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\Dane aplikacji 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\ProgramData\Szablony 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\ProgramData\Pulpit 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\ProgramData\Menu Start 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\ProgramData\Dokumenty 2017-01-14 03:46 - 2017-01-14 03:46 - 00000000 _SHDL C:\ProgramData\Dane aplikacji 2017-01-14 03:45 - 2017-01-15 11:17 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2017-01-14 03:45 - 2017-01-15 11:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-14 03:45 - 2017-01-14 03:45 - 00023044 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-01-14 03:45 - 2017-01-14 03:45 - 00003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-01-14 03:45 - 2017-01-14 03:45 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-14 03:45 - 2017-01-14 03:45 - 00003270 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-01-14 03:45 - 2017-01-14 03:45 - 00003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2017-01-14 03:45 - 2017-01-14 03:45 - 00003040 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec 2017-01-14 03:45 - 2017-01-14 03:45 - 00002768 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-14 03:45 - 2017-01-14 03:45 - 00002674 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon 2017-01-14 03:45 - 2017-01-14 03:45 - 00002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton 2017-01-14 03:45 - 2017-01-14 03:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel 2017-01-14 03:43 - 2017-01-14 03:43 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-01-14 03:42 - 2017-01-14 03:44 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-01-14 03:41 - 2017-01-15 11:17 - 00001812 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Ustawienia lokalne 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Szablony 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Moje dokumenty 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Menu Start 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Documents\Moje wideo 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Documents\Moje obrazy 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Documents\Moja muzyka 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\Dane aplikacji 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\AppData\Local\Historia 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 _SHDL C:\Users\user\AppData\Local\Dane aplikacji 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ushwbfdrv_01_09_00.Wdf 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wbfcvusbdrv_01009.Wdf 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 ____D C:\ProgramData\Broadcom 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 ____D C:\Program Files\Broadcom 2017-01-14 03:41 - 2017-01-14 03:41 - 00000000 ____D C:\Program Files (x86)\Realtek 2017-01-14 03:40 - 2017-01-15 14:06 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-14 03:40 - 2017-01-15 11:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-01-14 03:40 - 2017-01-15 10:55 - 00337680 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-14 03:40 - 2017-01-14 03:42 - 00000000 ____D C:\Program Files\Intel 2017-01-14 03:40 - 2017-01-14 03:42 - 00000000 ____D C:\Program Files (x86)\Intel 2017-01-14 03:40 - 2017-01-14 03:40 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 ____D C:\Program Files\Realtek 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 ____D C:\Program Files\DellTPad 2017-01-14 03:40 - 2017-01-14 03:40 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-01-14 03:40 - 2016-11-08 01:56 - 00108552 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-01-14 03:40 - 2016-07-16 12:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-01-14 03:39 - 2017-01-14 03:46 - 00000000 ___DC C:\WINDOWS\Panther 2017-01-14 03:38 - 2017-01-14 03:40 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-01-14 03:38 - 2017-01-14 03:38 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-01-14 03:38 - 2017-01-14 03:38 - 00000000 ____D C:\Windows.old 2017-01-14 03:37 - 2017-01-14 03:37 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2017-01-14 03:37 - 2017-01-14 03:37 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-01-14 03:37 - 2017-01-14 03:37 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-01-14 03:37 - 2017-01-14 03:37 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-01-14 03:37 - 2017-01-14 03:37 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-01-14 03:37 - 2017-01-14 03:37 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-01-14 03:37 - 2017-01-14 03:37 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-14 03:37 - 2017-01-14 03:37 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2017-01-14 03:37 - 2017-01-14 03:37 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-01-14 03:37 - 2017-01-14 03:37 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-01-14 03:37 - 2017-01-14 03:37 - 00000000 ____D C:\Program Files\MSBuild 2017-01-14 03:37 - 2017-01-14 03:37 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-01-14 03:37 - 2017-01-14 03:37 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-01-14 03:37 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-01-14 03:37 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-01-14 03:37 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-01-14 03:37 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-01-14 03:37 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-01-14 03:37 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-01-13 15:22 - 2017-01-13 15:22 - 00014193 ____H C:\Users\user\Desktop\~WRL1136.tmp 2017-01-13 14:44 - 2017-01-13 14:44 - 00099784 _____ C:\Users\user\Desktop\1-10.pdf 2017-01-13 13:32 - 2017-01-13 15:22 - 00012149 _____ C:\Users\user\Desktop\Nowy dokument tekstowy.txt 2017-01-13 11:54 - 2017-01-13 11:54 - 00000000 ____D C:\Users\user\Documents\Niestandardowe szablony pakietu Office 2017-01-12 15:36 - 2017-01-12 15:36 - 00055514 _____ C:\Users\user\Desktop\wiztytówka podgląd.PDF 2017-01-11 15:03 - 2017-01-14 03:42 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-01-11 15:03 - 2017-01-14 03:42 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-01-10 17:46 - 2017-01-10 17:47 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-10 17:46 - 2017-01-10 17:46 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-10 17:40 - 2016-07-01 04:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll 2017-01-10 17:38 - 2016-07-01 04:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2017-01-10 15:02 - 2017-01-10 15:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_cvusbdrv_01009.Wdf 2017-01-10 14:43 - 2017-01-10 14:43 - 00000000 ____D C:\ProgramData\Ezprint 2017-01-10 14:41 - 2010-04-14 15:45 - 00295592 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXEAwupd.exe 2017-01-10 14:41 - 2010-02-22 05:09 - 00510464 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXEAwupd.dll 2017-01-10 14:40 - 2017-01-14 03:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 2017-01-10 14:40 - 2017-01-10 14:41 - 00000000 ____D C:\Program Files (x86)\Lexmark S300-S400 Series 2017-01-10 14:40 - 2017-01-10 14:40 - 00000000 ____D C:\Program Files (x86)\Lexmark Toolbar 2017-01-10 14:40 - 2017-01-10 14:40 - 00000000 _____ C:\ProgramData\UpdaterLog.txt 2017-01-10 14:40 - 2010-04-14 15:45 - 00598696 _____ ( ) C:\WINDOWS\SysWOW64\lxeacoms.exe 2017-01-10 14:40 - 2010-04-14 15:45 - 00373416 _____ ( ) C:\WINDOWS\SysWOW64\lxeacfg.exe 2017-01-10 14:40 - 2010-04-14 15:45 - 00324264 _____ ( ) C:\WINDOWS\SysWOW64\lxeaih.exe 2017-01-10 14:40 - 2010-04-14 13:33 - 00002106 _____ C:\WINDOWS\SysWOW64\lxea.loc 2017-01-10 14:40 - 2010-03-09 03:58 - 00344064 _____ () C:\WINDOWS\SysWOW64\lxeacomx.dll 2017-01-10 14:40 - 2009-12-09 15:24 - 00579584 _____ ( ) C:\WINDOWS\system32\lxeacomm.dll 2017-01-10 14:40 - 2009-12-09 15:23 - 00495616 _____ C:\WINDOWS\system32\LXEAinst.dll 2017-01-10 14:40 - 2009-12-09 14:47 - 00643072 _____ ( ) C:\WINDOWS\SysWOW64\lxeapmui.dll 2017-01-10 14:40 - 2009-12-09 14:43 - 01048576 _____ ( ) C:\WINDOWS\SysWOW64\lxeaserv.dll 2017-01-10 14:40 - 2009-12-09 14:41 - 00688128 _____ ( ) C:\WINDOWS\SysWOW64\lxeahbn3.dll 2017-01-10 14:40 - 2009-12-09 14:40 - 00847872 _____ ( ) C:\WINDOWS\SysWOW64\lxeausb1.dll 2017-01-10 14:40 - 2009-12-09 14:36 - 00577536 _____ ( ) C:\WINDOWS\SysWOW64\lxealmpm.dll 2017-01-10 14:40 - 2009-12-09 14:36 - 00372736 _____ ( ) C:\WINDOWS\SysWOW64\lxeacomm.dll 2017-01-10 14:40 - 2009-12-09 14:35 - 00802816 _____ ( ) C:\WINDOWS\SysWOW64\lxeacomc.dll 2017-01-10 14:40 - 2009-12-09 14:35 - 00364544 _____ ( ) C:\WINDOWS\SysWOW64\lxeainpa.dll 2017-01-10 14:40 - 2009-12-09 14:35 - 00344064 _____ ( ) C:\WINDOWS\SysWOW64\lxeaiesc.dll 2017-01-10 14:40 - 2009-12-09 14:34 - 00331776 _____ C:\WINDOWS\SysWOW64\LXEAinst.dll 2017-01-10 14:40 - 2009-11-26 03:52 - 00086186 _____ (Lexmark International) C:\WINDOWS\SysWOW64\LXEAcfg.dll 2017-01-10 14:40 - 2009-11-09 03:06 - 00262144 _____ () C:\WINDOWS\SysWOW64\lxeainsb.dll 2017-01-10 14:40 - 2009-11-09 03:06 - 00253952 _____ () C:\WINDOWS\SysWOW64\lxeacu.dll 2017-01-10 14:40 - 2009-11-09 03:06 - 00090112 _____ () C:\WINDOWS\SysWOW64\lxeacub.dll 2017-01-10 14:40 - 2009-11-09 03:05 - 00323584 _____ () C:\WINDOWS\SysWOW64\lxeains.dll 2017-01-10 14:40 - 2009-06-07 19:44 - 00110592 _____ C:\WINDOWS\SysWOW64\lxeainsr.dll 2017-01-10 14:40 - 2009-06-07 19:44 - 00036864 _____ () C:\WINDOWS\SysWOW64\lxeacur.dll 2017-01-10 14:40 - 2009-06-07 19:43 - 00057344 _____ C:\WINDOWS\SysWOW64\lxeajswr.dll 2017-01-10 14:40 - 2006-12-06 22:28 - 00126976 _____ (Lexmark International Inc.) C:\WINDOWS\SysWOW64\lxealnks.dll 2017-01-10 14:35 - 2017-01-10 14:35 - 00000000 ____D C:\Lexmark 2017-01-10 14:30 - 2016-10-28 02:22 - 00485032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-01-10 14:16 - 2017-01-14 03:44 - 00000000 ____D C:\Program Files\Lexmark S300-S400 Series 2017-01-10 14:16 - 2017-01-10 15:22 - 00000000 ____D C:\ProgramData\lx_Cats 2017-01-10 14:16 - 2017-01-10 14:41 - 00214701 _____ C:\WINDOWS\system32\LexFiles.ulf 2017-01-10 14:15 - 2017-01-14 03:42 - 00000000 ____D C:\Program Files\Lexmark 2017-01-10 12:37 - 2017-01-10 12:47 - 00000000 ____D C:\WINDOWS\AutoKMS 2017-01-10 12:28 - 2017-01-10 12:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-10 12:27 - 2017-01-14 03:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016 2017-01-10 12:27 - 2017-01-10 12:27 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive dla firm.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype dla firm 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2017-01-10 12:27 - 2017-01-10 12:27 - 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2017-01-10 12:26 - 2017-01-10 12:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2017-01-10 12:26 - 2017-01-10 12:26 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2017-01-10 12:26 - 2017-01-10 12:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-01-10 12:25 - 2017-01-10 12:25 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2017-01-10 12:25 - 2017-01-10 12:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-01-10 12:25 - 2017-01-10 12:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2017-01-10 12:16 - 2017-01-10 12:16 - 00000024 _____ C:\ScrubRetValFile.txt 2017-01-04 20:58 - 2017-01-13 12:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-01-04 20:58 - 2017-01-04 20:59 - 00000000 ____D C:\ProgramData\Adobe 2017-01-04 20:58 - 2017-01-04 20:58 - 00000000 ____D C:\Users\user\AppData\LocalLow\Adobe 2017-01-04 20:58 - 2017-01-04 20:58 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-01-04 20:56 - 2017-01-04 20:58 - 00000000 ____D C:\Users\user\AppData\Local\Adobe 2017-01-04 20:52 - 2017-01-04 20:52 - 00000000 ____D C:\Users\user\AppData\LocalLow\Temp 2017-01-04 20:44 - 2017-01-04 20:44 - 00000000 ____D C:\ProgramData\Microsoft Toolkit 2017-01-04 20:18 - 2017-01-10 12:26 - 00000000 ____D C:\Program Files\Microsoft Office 2017-01-04 20:18 - 2017-01-04 20:18 - 00000000 __RHD C:\MSOCache 2017-01-04 20:18 - 2017-01-04 20:18 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help 2017-01-04 17:38 - 2017-01-04 17:38 - 00000000 ____D C:\Users\user\AppData\Roaming\WinRAR 2017-01-04 17:37 - 2017-01-14 03:44 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-01-04 17:37 - 2017-01-14 03:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-01-04 17:37 - 2017-01-04 17:37 - 00000000 ____D C:\Program Files\WinRAR 2016-12-30 13:05 - 2016-12-30 13:05 - 00000000 ____D C:\Users\user\AppData\Local\PeerDistRepub 2016-12-30 12:42 - 2016-12-30 12:42 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2016-12-30 12:41 - 2017-01-10 12:49 - 00000220 _____ C:\WINDOWS\SysWOW64\wsmand.log 2016-12-30 12:41 - 2016-12-30 12:41 - 00000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock 2016-12-30 11:39 - 2017-01-15 10:50 - 00000000 ____D C:\Users\user\AppData\Roaming\Mozilla 2016-12-30 11:39 - 2017-01-01 04:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-12-30 11:39 - 2017-01-01 04:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-30 11:39 - 2016-12-30 11:47 - 00000000 ____D C:\Users\user\AppData\Local\Thunderbird 2016-12-30 11:39 - 2016-12-30 11:39 - 00001280 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-12-30 11:39 - 2016-12-30 11:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Thunderbird 2016-12-30 11:34 - 2017-01-15 11:17 - 00000000 ___RD C:\Users\user\Dysk Google 2016-12-30 11:34 - 2016-12-30 11:37 - 00001809 _____ C:\Users\user\Desktop\FIRMA.lnk 2016-12-30 11:29 - 2017-01-14 03:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-12-30 11:17 - 2016-12-30 11:17 - 00000000 ____D C:\Users\user\AppData\Local\NetworkTiles 2016-12-30 11:05 - 2017-01-15 11:15 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-30 10:58 - 2016-12-30 11:29 - 00000000 ____D C:\Program Files (x86)\Google 2016-12-30 10:57 - 2016-12-30 12:27 - 00000000 ____D C:\Users\user\AppData\Local\Google 2016-12-30 10:55 - 2016-12-30 10:56 - 00000000 ____D C:\Users\user\AppData\Local\MicrosoftEdge 2016-12-30 10:55 - 2016-12-30 10:55 - 00000000 ___SD C:\Users\user\AppData\LocalLow\Microsoft ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-01-15 11:57 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-15 11:57 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-15 11:46 - 2016-08-08 11:58 - 00000000 ____D C:\Users\user\AppData\Local\Packages 2017-01-15 11:22 - 2016-07-16 23:05 - 00514806 _____ C:\WINDOWS\system32\perfh015.dat 2017-01-15 11:22 - 2016-07-16 23:05 - 00091444 _____ C:\WINDOWS\system32\perfc015.dat 2017-01-15 11:22 - 2016-04-25 20:58 - 01534526 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-15 11:17 - 2016-08-08 12:00 - 00000000 ___RD C:\Users\user\OneDrive 2017-01-15 11:17 - 2016-08-08 11:58 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles 2017-01-15 11:16 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-01-15 10:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-15 09:45 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-15 07:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat 2017-01-14 06:40 - 2016-08-08 12:00 - 00002406 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-14 06:38 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\USOPrivate 2017-01-14 06:37 - 2016-04-25 21:36 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-14 03:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration 2017-01-14 03:46 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT 2017-01-14 03:46 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-01-14 03:45 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries 2017-01-14 03:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-01-14 03:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-01-14 03:44 - 2016-07-19 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation 2017-01-14 03:44 - 2016-07-19 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2017-01-14 03:44 - 2016-07-19 15:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2017-01-14 03:44 - 2016-07-19 15:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-01-14 03:44 - 2016-07-19 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio 2017-01-14 03:44 - 2015-10-30 10:05 - 00000000 ____D C:\WINDOWS\ShellNew 2017-01-14 03:43 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-14 03:43 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated 2017-01-14 03:42 - 2016-07-19 15:39 - 00000000 ____D C:\Program Files\Intel Corporation 2017-01-14 03:42 - 2016-07-19 15:37 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\system32\winrm 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\system32\WCN 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\system32\slmgr 2017-01-14 03:42 - 2016-07-16 23:05 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\spool 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\System 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-01-14 03:42 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-01-14 03:41 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2017-01-14 03:41 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2017-01-14 03:41 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-14 03:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-14 03:41 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-01-14 03:39 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-01-14 03:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-01-14 03:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-01-14 03:32 - 2016-07-16 23:43 - 00000000 ___HD C:\$WINDOWS.~BT 2017-01-10 17:07 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-01-10 17:07 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-01-10 12:25 - 2015-10-30 08:24 - 00000167 _____ C:\WINDOWS\win.ini 2017-01-04 20:58 - 2016-08-08 11:58 - 00000000 ____D C:\Users\user\AppData\Roaming\Adobe 2016-12-30 11:07 - 2016-09-16 12:19 - 00000000 ____D C:\Users\user\AppData\Local\Comms 2016-12-30 11:00 - 2016-07-19 15:27 - 00000000 __SHD C:\System Volume Information ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-01-15 10:50 - 2017-01-15 10:50 - 7316480 _____ () C:\Users\user\AppData\Roaming\agent.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 0054272 _____ () C:\Users\user\AppData\Roaming\ApplicationHosting.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 0070752 _____ () C:\Users\user\AppData\Roaming\Config.xml 2017-01-15 10:50 - 2017-01-15 10:50 - 1938534 _____ () C:\Users\user\AppData\Roaming\Hot-Com.bin 2017-01-15 10:50 - 2017-01-15 10:50 - 0016560 _____ () C:\Users\user\AppData\Roaming\InstallationConfiguration.xml 2017-01-15 10:50 - 2017-01-15 10:50 - 0140288 _____ () C:\Users\user\AppData\Roaming\Installer.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 0126464 _____ () C:\Users\user\AppData\Roaming\lobby.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 0018432 _____ () C:\Users\user\AppData\Roaming\Main.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 0005568 _____ () C:\Users\user\AppData\Roaming\md.xml 2017-01-15 10:50 - 2017-01-15 10:50 - 0126464 _____ () C:\Users\user\AppData\Roaming\noah.dat 2017-01-15 10:50 - 2017-01-15 10:50 - 0982016 _____ () C:\Users\user\AppData\Roaming\Tonfan.exe 2017-01-15 10:50 - 2017-01-15 10:50 - 0072787 _____ () C:\Users\user\AppData\Roaming\Tonfan.tst 2017-01-15 10:50 - 2017-01-15 10:50 - 0032038 _____ () C:\Users\user\AppData\Roaming\uninstall_temp.ico 2017-01-15 10:50 - 2017-01-15 10:50 - 0982016 _____ () C:\Users\user\AppData\Roaming\Zot-Phase.exe 2017-01-15 10:50 - 2017-01-15 10:50 - 1907313 _____ () C:\Users\user\AppData\Roaming\Zot-Phase.tst 2017-01-10 14:16 - 2017-01-14 03:32 - 0004704 _____ () C:\ProgramData\Coinstaller.log 2017-01-10 14:43 - 2017-01-10 14:43 - 0000252 _____ () C:\ProgramData\FastPics.log 2017-01-14 06:39 - 2017-01-15 11:17 - 0000342 _____ () C:\ProgramData\lxea.log 2017-01-10 14:19 - 2017-01-10 15:22 - 0001840 _____ () C:\ProgramData\lxeaJSW.log 2017-01-10 14:15 - 2017-01-15 11:17 - 0005336 _____ () C:\ProgramData\lxeascan.log 2017-01-10 14:40 - 2017-01-10 14:40 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Niektóre pliki w TEMP: ==================== C:\Users\user\AppData\Local\Temp\dllnt_dump.dll C:\Users\user\AppData\Local\Temp\mininewsrepair.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-01-14 03:40 ==================== Koniec FRST.txt ============================