Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-04-2017 Uruchomiony przez Dawid (administrator) IDEA-PC (27-04-2017 20:38:30) Uruchomiony z C:\Users\Dawid\Downloads Załadowane profile: Dawid (Dostępne profile: UpdatusUser & Dawid) Platform: Windows 10 Home Wersja 1703 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser_crashreporter.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe () C:\Program Files\AVAST Software\Avast\AvastNM.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [703272 2015-09-22] (Alps Electric Co., Ltd.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-02] () HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-05-08] (Intel Corporation) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-09-22] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-09-22] (Lenovo(beijing) Limited) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-04] (AVAST Software) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKU\S-1-5-21-1147513825-3514968562-1571062963-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd) HKU\S-1-5-21-1147513825-3514968562-1571062963-1002\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] () HKU\S-1-5-21-1147513825-3514968562-1571062963-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2017-03-18] (Microsoft Corporation) IFEO\taskmgr.exe: [Debugger] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Dawid\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-12-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Dawid\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-12-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Dawid\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-12-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> Brak pliku ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> Brak pliku ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Dawid\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-12-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Dawid\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-12-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Dawid\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-12-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{c89f10c4-e1b5-4989-9403-057ea7ec4481}: [DhcpNameServer] 150.206.1.1 Tcpip\..\Interfaces\{d77dc44a-a30d-4397-9575-ca3b88893ad6}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1147513825-3514968562-1571062963-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1147513825-3514968562-1571062963-1002 -> {4E31FA06-A5E2-4F3C-BE71-05C961498981} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-31] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-31] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [Brak pliku] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-20] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1436956595&z=bf2afada6854750a0699ba0g9zdc1q5tdwcq8w4m6w&from=cor&uid=ST1000LM014-1EJ164_W380C4H1XXXXW380C4H1" CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2017-04-27] CHR Extension: (Prezentacje Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-02] CHR Extension: (Dokumenty Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-02] CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Adobe Acrobat) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-26] CHR Extension: (Avast Passwords) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-04-03] CHR Extension: (Arkusze Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13] CHR Extension: (Avast Online Security) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05] CHR Extension: (Rozszerzenie Subskrypcje RSS (od Google)) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2017-04-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-02] CHR Extension: (Chrome Media Router) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [90440 2015-09-22] (Alps Electric Co., Ltd.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-04] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-04] (AVAST Software) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [120728 2012-10-02] () R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-04-04] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-04-04] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-04-04] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-04-04] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-04-04] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-04-04] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [127112 2017-04-04] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-04-04] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-04-04] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1005048 2017-04-04] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [556784 2017-04-04] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-04-04] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-04-04] (AVAST Software) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] () S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation) S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-23] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-27] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-27] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-27] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-27] (Malwarebytes) R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-27 20:38 - 2017-04-27 20:38 - 00000000 ____D C:\Users\Dawid\Downloads\FRST-OlderVersion 2017-04-26 23:48 - 2017-04-26 23:56 - 00033291 _____ C:\Users\Dawid\Downloads\Addition.txt 2017-04-26 23:47 - 2017-04-27 20:39 - 00026201 _____ C:\Users\Dawid\Downloads\FRST.txt 2017-04-26 23:47 - 2017-04-27 20:38 - 00000000 ____D C:\FRST 2017-04-26 23:06 - 2017-04-27 20:38 - 02427392 _____ (Farbar) C:\Users\Dawid\Downloads\FRST64.exe 2017-04-26 23:06 - 2017-04-26 23:06 - 00380928 _____ C:\Users\Dawid\Downloads\bfrzxmvz.exe 2017-04-26 23:06 - 2017-04-26 23:06 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-04-26 22:46 - 2017-04-26 22:46 - 04102600 _____ C:\Users\Dawid\Downloads\adwcleaner_6.046.exe 2017-04-26 15:37 - 2017-04-26 15:37 - 00000000 ____D C:\Users\Dawid\Desktop\dom 2017-04-26 12:31 - 2017-04-26 12:31 - 00046081 _____ C:\Users\Dawid\Desktop\UPO_v4-0D.pdf 2017-04-26 12:23 - 2017-04-26 12:23 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-04-26 12:23 - 2017-04-26 12:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-04-26 12:16 - 2017-04-26 12:16 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Deklaracje.lnk 2017-04-26 12:16 - 2017-04-26 12:16 - 00000991 _____ C:\Users\Public\Desktop\e-Deklaracje.lnk 2017-04-26 12:16 - 2017-04-26 12:16 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 2017-04-26 12:16 - 2017-04-26 12:16 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\e-Deklaracje 2017-04-26 12:16 - 2017-04-26 12:16 - 00000000 ____D C:\Program Files (x86)\e-Deklaracje 2017-04-26 12:14 - 2017-04-26 12:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2017-04-26 12:14 - 2017-04-26 12:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2017-04-26 11:49 - 2017-04-26 11:49 - 00001259 _____ C:\Users\Dawid\Desktop\PIT-y 2016 z Gazetą Wyborczą.lnk 2017-04-26 11:49 - 2017-04-26 11:49 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PIT-y 2016 z Gazetą Wyborczą 2017-04-26 11:49 - 2017-04-26 11:49 - 00000000 ____D C:\Users\Dawid\AppData\Local\PIT2016 z Gazetą Wyborczą 2017-04-25 22:15 - 2017-04-25 22:15 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll 2017-04-25 22:15 - 2017-04-25 22:15 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2017-04-25 22:14 - 2017-04-25 22:14 - 00000000 ____D C:\Program Files\Java 2017-04-25 22:13 - 2017-04-25 22:17 - 00000000 ____D C:\Users\Dawid\Documents\Pobrane przez Filehippo 2017-04-25 22:12 - 2017-04-25 22:12 - 00000000 ____D C:\Program Files (x86)\FileHippo.com 2017-04-25 21:56 - 2017-04-25 21:56 - 00000016 _____ C:\ProgramData\mntemp 2017-04-23 23:37 - 2017-04-27 20:32 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-04-23 23:37 - 2017-04-27 20:24 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-04-23 23:37 - 2017-04-27 20:24 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-04-23 23:37 - 2017-04-23 23:37 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-04-23 23:36 - 2017-04-23 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-04-23 23:36 - 2017-04-23 23:36 - 00000000 ____D C:\Program Files\Malwarebytes 2017-04-23 23:36 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-04-23 23:29 - 2017-04-23 23:29 - 04089296 _____ C:\Users\Dawid\Downloads\adwcleaner_6.045.exe 2017-04-21 17:50 - 2017-04-25 21:55 - 00000000 ____D C:\WINDOWS\Minidump 2017-04-21 17:49 - 2017-04-25 20:48 - 00068288 _____ C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2017-04-20 11:43 - 2017-04-20 11:43 - 00002365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-20 11:43 - 2017-04-20 11:43 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Google 2017-04-20 11:42 - 2017-04-20 11:48 - 00003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-20 11:42 - 2017-04-20 11:48 - 00003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-17 14:03 - 2017-04-17 14:09 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\Mozilla 2017-04-17 12:56 - 2017-04-17 13:57 - 00000000 ____D C:\ProgramData\HitmanPro 2017-04-17 12:56 - 2017-04-17 12:56 - 11583584 _____ (SurfRight B.V.) C:\Users\Dawid\Downloads\hitmanpro_x64.exe 2017-04-15 16:45 - 2017-04-26 23:41 - 00000000 ____D C:\Windows.old 2017-04-15 16:45 - 2017-04-15 16:45 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-04-15 16:45 - 2017-04-15 16:45 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-04-15 16:45 - 2017-04-15 16:45 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-15 16:44 - 2017-04-15 16:44 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-04-15 16:44 - 2017-04-15 16:44 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-04-15 16:44 - 2017-04-15 16:44 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-15 16:44 - 2017-04-15 16:44 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-04-15 16:44 - 2017-04-15 16:44 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-04-15 16:44 - 2017-04-15 16:44 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-04-15 16:44 - 2017-04-15 16:44 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-04-15 16:44 - 2017-04-15 16:44 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-04-15 16:44 - 2017-04-15 16:44 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-04-15 16:44 - 2017-04-15 16:44 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-15 16:44 - 2017-04-15 16:44 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-04-15 16:44 - 2017-04-15 16:44 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-04-15 16:43 - 2017-04-15 16:43 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-04-15 16:43 - 2017-04-15 16:43 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-04-15 16:42 - 2017-04-15 16:42 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-04-15 16:42 - 2017-04-15 15:49 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-04-15 16:38 - 2017-04-15 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-04-15 16:38 - 2017-04-15 16:38 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-04-15 16:38 - 2017-04-15 16:38 - 00000000 ____D C:\Program Files\MSBuild 2017-04-15 16:38 - 2017-04-15 16:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-04-15 16:38 - 2017-04-15 16:38 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-04-15 16:37 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-04-15 16:37 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-04-15 16:37 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-04-15 16:37 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-04-15 16:37 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-04-15 16:37 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-04-15 16:29 - 2017-04-15 16:29 - 00000020 ___SH C:\Users\Dawid\ntuser.ini 2017-04-15 16:24 - 2017-04-15 16:26 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-04-15 16:24 - 2017-04-15 16:26 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-04-15 16:18 - 2017-04-27 20:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-15 16:18 - 2017-04-27 20:16 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E1B3CDF-9A27-4007-AE33-763EB9D5FA41} 2017-04-15 16:18 - 2017-04-20 11:45 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-04-15 16:18 - 2017-04-15 16:18 - 00003422 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458493367 2017-04-15 16:18 - 2017-04-15 16:18 - 00003418 _____ C:\WINDOWS\System32\Tasks\PITax reminder_28_02 2017-04-15 16:18 - 2017-04-15 16:18 - 00003416 _____ C:\WINDOWS\System32\Tasks\PITax reminder_28_01 2017-04-15 16:18 - 2017-04-15 16:18 - 00003412 _____ C:\WINDOWS\System32\Tasks\PITax reminder_28_04 2017-04-15 16:18 - 2017-04-15 16:18 - 00003412 _____ C:\WINDOWS\System32\Tasks\PITax reminder_28_03 2017-04-15 16:18 - 2017-04-15 16:18 - 00003410 _____ C:\WINDOWS\System32\Tasks\PITax reminder_10_01 2017-04-15 16:18 - 2017-04-15 16:18 - 00003162 _____ C:\WINDOWS\System32\Tasks\PITax reminder 2017-04-15 16:18 - 2017-04-15 16:18 - 00003036 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2017-04-15 16:18 - 2017-04-15 16:18 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1147513825-3514968562-1571062963-1002 2017-04-15 16:18 - 2017-04-15 16:18 - 00002814 _____ C:\WINDOWS\System32\Tasks\PITax rss checker 2017-04-15 16:18 - 2017-04-15 16:18 - 00002662 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2017-04-15 16:18 - 2017-04-15 16:18 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-04-15 16:18 - 2017-04-15 16:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-04-15 16:18 - 2017-04-15 16:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2017-04-15 16:07 - 2017-04-27 20:27 - 02494430 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-15 16:02 - 2017-04-15 16:02 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-04-15 16:00 - 2017-04-15 16:00 - 00000000 ____D C:\ProgramData\USOShared 2017-04-15 15:56 - 2017-04-15 16:03 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-04-15 15:54 - 2017-04-25 21:49 - 00000000 ____D C:\Users\UpdatusUser 2017-04-15 15:54 - 2017-04-25 21:49 - 00000000 ____D C:\Users\Dawid 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Ustawienia lokalne 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Szablony 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Moje dokumenty 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Menu Start 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Moje wideo 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Moje obrazy 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Moja muzyka 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\Dane aplikacji 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Historia 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Dane aplikacji 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Ustawienia lokalne 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Szablony 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Moje dokumenty 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Menu Start 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Documents\Moje wideo 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Documents\Moje obrazy 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Documents\Moja muzyka 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\Dane aplikacji 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\AppData\Local\Historia 2017-04-15 15:54 - 2017-04-15 15:54 - 00000000 _SHDL C:\Users\Dawid\AppData\Local\Dane aplikacji 2017-04-15 15:53 - 2016-12-29 15:16 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 00147000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-04-15 15:53 - 2016-12-29 15:16 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-04-15 15:53 - 2016-12-22 01:59 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-04-15 15:52 - 2017-04-27 20:24 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-04-15 15:52 - 2017-04-15 15:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-04-15 15:52 - 2017-04-15 15:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-04-15 15:52 - 2017-04-15 15:57 - 00000000 ____D C:\Program Files\Intel 2017-04-15 15:52 - 2017-04-15 15:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-04-15 15:52 - 2017-04-15 15:52 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-04-15 15:52 - 2017-04-15 15:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01011.Wdf 2017-04-15 15:52 - 2017-04-15 15:52 - 00000000 ____D C:\Program Files\Apoint2K 2017-04-15 15:52 - 2017-04-15 15:52 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-04-15 15:52 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-04-15 15:52 - 2016-11-02 00:05 - 00103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2017-04-15 15:52 - 2016-11-02 00:05 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-04-15 15:51 - 2017-04-15 15:51 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-04-15 15:51 - 2017-04-15 15:51 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-04-15 15:51 - 2017-04-15 15:51 - 00000000 ____D C:\Program Files\Realtek 2017-04-15 15:49 - 2017-04-26 19:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-04-15 15:49 - 2017-04-15 18:51 - 00482144 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-04-15 14:40 - 2017-04-15 19:06 - 00000000 ___DC C:\WINDOWS\Panther 2017-04-15 11:26 - 2017-04-15 14:38 - 00000036 _____ C:\WINDOWS\progress.ini 2017-04-15 11:08 - 2017-04-25 22:03 - 00000000 ____D C:\Windows10Upgrade 2017-04-15 11:08 - 2017-04-15 16:28 - 00000000 ___HD C:\$GetCurrent 2017-04-15 11:08 - 2017-04-15 11:08 - 00000742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent uaktualnienia do systemu Windows 10.lnk 2017-04-13 22:00 - 2017-04-13 22:00 - 12167406 _____ C:\Users\Dawid\Downloads\Audyt-SEO-zrob-to-sam.pdf 2017-04-13 21:32 - 2017-04-13 21:32 - 00000000 ___HD C:\$SysReset 2017-04-13 14:13 - 2017-04-13 14:13 - 00000000 ___HD C:\$AV_ASW 2017-04-11 21:33 - 2017-03-28 07:37 - 00031232 ____N (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-04-11 21:33 - 2017-03-28 07:28 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-04-04 20:18 - 2017-04-04 20:18 - 00399944 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-04-02 17:53 - 2017-04-02 17:53 - 00222208 _____ C:\Users\Dawid\Desktop\DKD_grafik_plan_zadan_kwiecień_2017_v_0.xls ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-27 20:27 - 2017-03-20 05:59 - 01151910 _____ C:\WINDOWS\system32\perfh015.dat 2017-04-27 20:27 - 2017-03-20 05:59 - 00256464 _____ C:\WINDOWS\system32\perfc015.dat 2017-04-27 20:24 - 2016-09-26 18:37 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-27 20:24 - 2015-08-02 20:42 - 00000000 __SHD C:\Users\Dawid\IntelGraphicsProfiles 2017-04-27 20:24 - 2014-09-23 13:43 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-27 20:23 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI 2017-04-27 20:18 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-27 20:18 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-04-26 22:51 - 2015-03-13 22:45 - 00000000 ____D C:\AdwCleaner 2017-04-26 22:45 - 2015-06-19 21:13 - 00000000 ____D C:\Users\Dawid\Desktop\programy naprawiające 2017-04-26 12:33 - 2015-02-25 16:02 - 00000000 ____D C:\Users\Dawid\Desktop\blog 2017-04-26 12:23 - 2013-12-30 20:07 - 00000000 ____D C:\Users\Dawid\AppData\Local\Adobe 2017-04-26 12:22 - 2016-02-02 23:05 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-04-26 12:14 - 2013-12-30 20:08 - 00000000 ____D C:\ProgramData\Adobe 2017-04-26 12:14 - 2013-12-16 18:20 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Adobe 2017-04-25 22:27 - 2015-02-24 23:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-04-25 22:20 - 2015-03-08 11:02 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2017-04-25 22:17 - 2016-10-25 09:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-04-25 22:17 - 2015-02-24 23:07 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2017-04-25 22:17 - 2014-03-16 19:47 - 00000000 ____D C:\Program Files\WinRAR 2017-04-25 22:15 - 2015-05-18 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-04-25 22:02 - 2015-03-27 11:24 - 00000000 ____D C:\ProgramData\Skype 2017-04-25 21:50 - 2017-02-17 14:22 - 00000000 ____D C:\Program Files (x86)\ScreenShot 2017-04-25 20:54 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-04-25 20:54 - 2014-05-18 18:49 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-04-25 20:52 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-04-24 08:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-04-23 23:36 - 2014-09-23 13:43 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-20 11:42 - 2013-12-16 23:42 - 00000000 ____D C:\Program Files (x86)\Google 2017-04-20 11:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-04-19 19:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-04-19 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-04-18 21:59 - 2013-12-16 18:19 - 00000000 ____D C:\Users\Dawid\AppData\Local\Packages 2017-04-18 21:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-04-18 21:58 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-18 21:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-04-18 21:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-04-15 19:06 - 2017-03-18 16:06 - 00000000 ____D C:\Users\Dawid\AppData\Local\CrashDumps 2017-04-15 18:52 - 2015-08-02 21:17 - 00000266 __RSH C:\ProgramData\ntuser.pol 2017-04-15 18:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-04-15 16:49 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-04-15 16:45 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-04-15 16:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-04-15 16:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-04-15 16:30 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-04-15 16:30 - 2016-09-26 20:30 - 00000000 ____D C:\Users\Dawid\AppData\Local\ConnectedDevicesPlatform 2017-04-15 16:30 - 2013-12-17 00:13 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-15 16:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-04-15 16:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-04-15 16:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-04-15 16:19 - 2017-03-20 06:01 - 00000000 ____D C:\WINDOWS\HoloShell 2017-04-15 16:18 - 2013-12-25 15:00 - 00023140 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-04-15 16:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-04-15 16:07 - 2013-09-22 07:50 - 01894794 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-04-15 16:03 - 2017-02-23 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3 2017-04-15 16:03 - 2016-01-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-04-15 16:03 - 2015-03-14 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 2017-04-15 16:03 - 2015-03-12 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ORPALIS PDF Reducer Free Edition 2017-04-15 16:03 - 2015-02-15 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5 2017-04-15 16:03 - 2014-09-22 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-15 16:03 - 2013-09-22 08:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery 2017-04-15 16:03 - 2013-09-22 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center 2017-04-15 16:03 - 2013-09-22 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-04-15 16:03 - 2013-09-22 07:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2017-04-15 16:03 - 2013-09-22 07:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-04-15 16:03 - 2013-09-22 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-04-15 16:00 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\system32\winrm 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\system32\WCN 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\system32\slmgr 2017-04-15 15:59 - 2017-03-20 05:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2017-04-15 15:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-04-15 15:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2017-04-15 15:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-04-15 15:59 - 2013-09-22 08:00 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-04-15 15:59 - 2013-09-22 07:56 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-04-15 15:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-04-15 15:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-04-15 15:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-04-15 15:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2017-04-15 15:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-04-15 15:58 - 2013-12-17 00:52 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-15 15:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod 2017-04-15 15:57 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-15 15:57 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-15 15:57 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-15 15:57 - 2014-03-09 06:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INTERIA.PL 2017-04-15 15:56 - 2013-09-22 08:10 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-04-15 15:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2017-04-15 15:55 - 2013-12-16 18:19 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-04-15 15:54 - 2016-09-26 18:49 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-04-15 15:54 - 2016-09-26 18:49 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-04-15 15:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-04-15 15:53 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-04-15 15:53 - 2014-01-27 23:32 - 00000000 ____D C:\Temp 2017-04-13 14:12 - 2017-02-17 14:22 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\ScreenShot 2017-04-12 18:32 - 2014-09-22 23:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-12 18:32 - 2014-09-22 23:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-11 21:58 - 2013-12-17 00:52 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-04-11 20:51 - 2016-03-20 19:02 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-04-05 22:03 - 2017-01-11 22:13 - 00011153 _____ C:\Users\Dawid\Desktop\Nowy OpenDocument Dokument tekstowy (3).odt 2017-04-04 20:18 - 2017-03-04 11:06 - 00334088 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-04-04 20:18 - 2017-03-04 11:06 - 00307736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-04-04 20:18 - 2017-03-04 11:06 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-04-04 20:18 - 2017-03-04 11:06 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-04-04 20:18 - 2016-03-20 19:02 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2017-04-04 20:18 - 2014-05-18 18:44 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 01005048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 00164064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 00127112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-04-04 20:18 - 2014-02-15 20:56 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-01-20 17:51 - 2017-01-20 17:51 - 0000835 _____ () C:\Users\Dawid\AppData\Local\recently-used.xbel 2017-04-15 15:51 - 2017-04-15 15:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2017-04-25 21:56 - 2017-04-25 21:56 - 0000016 _____ () C:\ProgramData\mntemp ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-04-26 10:10 ==================== Koniec FRST.txt ============================