Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-05-2017 Uruchomiony przez Piotr (administrator) PI (30-05-2017 22:05:05) Uruchomiony z D:\Frst Załadowane profile: Piotr (Dostępne profile: Piotr & Gry & Gość) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe () D:\Gmer\88cg4tdv.exe () D:\Download\aProgramy\adwcleaner_6.047.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () D:\Gmer\FRST64.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.5\bin\EpmNews.exe [2090176 2016-07-19] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.5\bin\CleanUpUI.exe [1246400 2016-07-19] (CHENGDU Yiwo Tech Development Co., Ltd.) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Run: [Steam] => e:\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation) HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-16] (Tonec Inc.) HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Run: [Spybot-S&D Cleaning] => D:\Download\aProgramy\SpybotPortable\App\Spybot\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\MountPoints2: {f1c93452-6c22-11e6-8275-68172915814a} - "I:\setup.exe" HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\MountPoints2: {f1c93474-6c22-11e6-8275-68172915814a} - "J:\Setup.exe" HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\MountPoints2: {ff0ea7aa-5f9c-11e6-825e-68172915814a} - "G:\setup.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-05-02] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2017-05-02] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) BootExecute: autocheck autochk * Partizan ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1ADE1B10-8FFF-4BE5-93D9-E7ADF2CE7F3B}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DF0E1035-5DB3-4895-AA11-C5992BE4F609}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1709962814-1474008365-844802666-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1709962814-1474008365-844802666-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-1709962814-1474008365-844802666-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1709962814-1474008365-844802666-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.) FireFox: ======== FF DefaultProfile: aazhexal.default FF DefaultProfile: k56400cj.default FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\aazhexal.default [2017-05-30] FF Extension: (FlashStopper) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\aazhexal.default\Extensions\flashstopper@byo.co.il.xpi [2017-05-20] FF Extension: (Adblock Plus) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\aazhexal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-27] FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Light\Light\Profiles\k56400cj.default [2016-12-21] FF Extension: (Firefox Hotfix) - C:\Users\Piotr\AppData\Roaming\Light\Light\Profiles\k56400cj.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-24] FF HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (Brak nazwy) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-05-16] FF HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] FF HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Piotr\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\Piotr\AppData\Roaming\IDM\idmmzcc5 [2017-05-30] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Brak pliku] Chrome: ======= CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-05-17] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-05-17] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-04-02] (Apple Inc.) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation) R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2624856 2017-03-09] (ESET) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.) R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7438880 2015-07-30] (SecureMix LLC) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-02] (NVIDIA Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation) R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation) R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation) S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation) R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation) R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-11] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-11] (Disc Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132848 2017-03-09] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-03-09] (ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14880 2017-03-09] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50752 2017-03-09] (ESET) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [78192 2017-03-09] (ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [101648 2017-03-09] (ESET) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [23032 2016-07-14] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [19960 2016-07-14] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC) S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Brak podpisu cyfrowego] S3 imhidusb; C:\Windows\System32\drivers\imhidusb.sys [23040 2007-04-19] (Immersion Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-04-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) S0x01000000 papycpu2; C:\Windows\SysWOW64\DRIVERS\papycpu2.sys [1984 2003-01-17] () [Brak podpisu cyfrowego] S0x01000000 papyjoy; C:\Windows\SysWOW64\DRIVERS\papyjoy.sys [1856 2003-01-17] () [Brak podpisu cyfrowego] S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [34392 2016-09-20] () S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2016-08-12] (IDRIX) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) U3 pxldapow; \??\C:\Users\Piotr\AppData\Local\Temp\pxldapow.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-25 15:24 - 2017-05-25 15:24 - 00000000 ____D C:\Users\Piotr\Desktop\Spaceboy 2017-05-22 20:20 - 2017-05-22 20:20 - 00001574 _____ C:\Users\Piotr\AppData\Local\recently-used.xbel 2017-05-20 09:29 - 2017-04-27 15:11 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2017-05-20 09:29 - 2017-04-27 15:11 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2017-05-20 09:29 - 2017-04-27 15:10 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2017-05-20 09:29 - 2017-04-27 15:10 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2017-05-17 15:13 - 2016-10-17 17:35 - 00223464 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys 2017-05-17 00:09 - 2017-05-17 00:11 - 00000000 ____D C:\ProgramData\RegRun 2017-05-10 06:30 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-05-10 06:30 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-05-10 06:30 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2017-05-10 06:30 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-05-10 06:30 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2017-05-10 06:30 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-05-10 06:30 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2017-05-10 06:30 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2017-05-10 06:30 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-05-10 06:30 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2017-05-10 06:30 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-05-10 06:30 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-05-10 06:30 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-05-10 06:30 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-05-10 06:30 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-05-10 06:30 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-05-10 06:30 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-05-10 06:30 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-05-10 06:30 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-05-10 06:30 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-05-10 06:30 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-05-10 06:30 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-05-10 06:30 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-05-10 06:30 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-05-10 06:30 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-05-10 06:30 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-05-10 06:30 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-05-10 06:30 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-05-10 06:30 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-05-10 06:30 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-05-10 06:30 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-05-10 06:30 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-05-10 06:30 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-05-10 06:30 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-05-10 06:30 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-05-10 06:30 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-05-10 06:30 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-05-10 06:30 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-05-10 06:30 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-05-10 06:30 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-05-10 06:30 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-05-10 06:30 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-05-10 06:30 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-05-10 06:30 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-05-10 06:30 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-05-10 06:30 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-05-10 06:30 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-05-10 06:30 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2017-05-10 06:30 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-05-10 06:30 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-05-10 06:30 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-05-10 06:30 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-05-10 06:30 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-05-10 06:30 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-05-10 06:30 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-05-10 06:30 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-05-10 06:30 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-05-10 06:30 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-05-10 06:30 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-05-10 06:30 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-05-10 06:30 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2017-05-10 06:30 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-05-09 22:58 - 2017-05-09 22:58 - 00000000 ____D C:\Users\Piotr\AppData\Local\ESET 2017-05-09 22:53 - 2017-05-09 22:53 - 00002001 _____ C:\Users\Public\Desktop\Ochrona bankowości internetowej.lnk 2017-05-09 22:53 - 2017-05-09 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2017-05-09 22:53 - 2017-05-09 22:53 - 00000000 ____D C:\ProgramData\ESET 2017-05-09 22:53 - 2017-05-09 22:53 - 00000000 ____D C:\Program Files\ESET 2017-05-09 22:17 - 2017-05-09 22:43 - 00000000 ____D C:\Program Files\Common Files\AV 2017-05-09 22:11 - 2017-05-09 22:29 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2017-05-09 21:49 - 2017-05-09 21:50 - 00286840 _____ C:\Windows\ntbtlog.txt 2017-05-09 19:20 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll 2017-05-09 19:20 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2017-05-09 19:20 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2017-05-09 19:20 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll 2017-05-09 19:20 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2017-05-09 19:20 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2017-05-09 19:20 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-05-09 19:20 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-05-09 19:20 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-05-09 19:20 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-05-09 19:20 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-05-09 19:20 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-05-09 19:20 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-05-09 19:20 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-05-09 19:20 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2017-05-09 19:20 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2017-05-09 19:20 - 2017-03-08 04:44 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml 2017-05-09 19:14 - 2017-05-09 19:14 - 00463933 _____ C:\Windows\system32\werconcpl.rar 2017-05-06 13:56 - 2017-05-06 13:56 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-06 13:55 - 2017-05-06 14:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-05-06 13:55 - 2017-05-06 13:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-06 13:55 - 2017-05-06 13:55 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-05-06 13:13 - 2017-05-30 22:05 - 00000000 ____D C:\FRST 2017-05-06 13:11 - 2017-05-06 13:11 - 00000618 _____ C:\Users\Piotr\Desktop\LTO — skrót.lnk 2017-05-06 12:49 - 2017-05-06 12:52 - 00241040 _____ C:\TDSSKiller.3.1.0.12_06.05.2017_12.49.06_log.txt 2017-05-05 15:17 - 2017-05-08 06:11 - 00000000 ____D C:\Windows\SysWOW64\NV 2017-05-05 15:17 - 2017-05-08 06:11 - 00000000 ____D C:\Windows\system32\NV 2017-05-05 15:16 - 2017-05-05 15:16 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-05 15:16 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll 2017-05-05 15:16 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-05-05 15:16 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe 2017-05-05 15:16 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-05-05 15:12 - 2017-05-02 00:32 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 35348600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 28592760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 20063696 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 17423240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 16434624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 14270072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-05-05 15:12 - 2017-05-02 00:32 - 13401256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 10547624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 09245560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 08805416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 03432896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 03012032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 01053816 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00507504 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2017-05-05 15:12 - 2017-05-02 00:32 - 00038336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2017-05-05 15:12 - 2017-05-02 00:32 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-05-05 15:12 - 2017-05-02 00:32 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-05-03 19:54 - 2017-05-03 19:54 - 00001227 _____ C:\Users\Piotr\Desktop\Zrzuty ekranu — skrót.lnk 2017-05-03 19:01 - 2017-05-03 19:08 - 00000109 _____ C:\Users\Piotr\Desktop\pl.txt 2017-05-02 20:18 - 2017-05-02 20:18 - 00000767 _____ C:\Users\Public\Desktop\Fallout 1.5 - Resurrection.lnk 2017-05-02 20:18 - 2017-05-02 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 1.5 - Resurrection 2017-05-02 20:05 - 2017-05-02 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 2 2017-05-02 17:12 - 2017-05-02 17:12 - 00000764 _____ C:\Users\Piotr\Desktop\WoT Tweaker Plus.lnk 2017-05-02 17:12 - 2017-05-02 17:12 - 00000633 _____ C:\Users\Piotr\Desktop\Aslains WoT Logs Archiver.lnk ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-30 22:03 - 2016-08-09 17:29 - 00000000 ____D C:\AdwCleaner 2017-05-30 20:08 - 2016-08-12 11:32 - 00000000 ____D C:\Users\Piotr\Desktop\Foty 2017-05-30 16:47 - 2016-11-25 16:11 - 00000000 ____D C:\Users\Piotr\AppData\LocalLow\Mozilla 2017-05-30 15:08 - 2016-08-21 12:16 - 00000000 ____D C:\Users\Piotr\AppData\Roaming\uTorrent 2017-05-30 14:52 - 2016-08-09 09:00 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-30 14:45 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-30 14:44 - 2017-04-25 06:59 - 00000250 _____ C:\Windows\SysWOW64\PARTIZAN.TXT 2017-05-30 06:50 - 2016-08-19 18:22 - 00000000 ____D C:\Users\Piotr\AppData\Roaming\DMCache 2017-05-29 18:38 - 2016-08-21 12:16 - 00000000 ____D C:\Program Files\PeerBlock 2017-05-28 23:13 - 2016-08-09 01:00 - 00000000 ____D C:\Users\Piotr 2017-05-28 18:09 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-05-26 16:38 - 2016-12-09 17:13 - 00018150 _____ C:\Users\Piotr\Desktop\bzdety.odt 2017-05-25 22:41 - 2014-09-24 17:08 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-25 22:41 - 2014-09-24 16:35 - 00813218 _____ C:\Windows\system32\perfh015.dat 2017-05-25 22:41 - 2014-09-24 16:35 - 00166028 _____ C:\Windows\system32\perfc015.dat 2017-05-25 09:39 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-25 00:38 - 2016-08-19 18:22 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager 2017-05-25 00:36 - 2016-08-19 18:22 - 00000000 ____D C:\Users\Piotr\AppData\Roaming\IDM 2017-05-24 21:13 - 2016-11-25 16:01 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-24 21:13 - 2016-10-24 19:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-24 02:25 - 2016-09-05 14:21 - 00000000 ____D C:\Users\Piotr\AppData\Roaming\Skype 2017-05-24 01:25 - 2017-04-01 17:44 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-05-23 14:29 - 2016-08-09 06:20 - 00000000 ____D C:\Windows\system32\MRT 2017-05-23 14:26 - 2016-08-09 06:20 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-05-22 20:48 - 2016-08-13 12:23 - 00000000 ____D C:\Users\Piotr\.gimp-2.8 2017-05-22 20:20 - 2016-08-13 12:28 - 00000000 ____D C:\Users\Piotr\AppData\Local\gtk-2.0 2017-05-20 09:29 - 2016-09-14 01:57 - 00000000 ____D C:\Windows\CbsTemp 2017-05-12 19:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-05-11 05:32 - 2013-08-22 16:44 - 00426752 _____ C:\Windows\system32\FNTCACHE.DAT 2017-05-10 23:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2017-05-09 23:28 - 2016-08-09 01:06 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1709962814-1474008365-844802666-1001 2017-05-09 22:55 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2017-05-09 22:43 - 2016-08-09 02:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-05-09 22:43 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2017-05-09 19:23 - 2017-03-18 10:52 - 00000000 ____D C:\Windows\system32\DAX3 2017-05-09 19:23 - 2017-01-15 18:20 - 00003168 _____ C:\Windows\System32\Tasks\RTKCPL 2017-05-09 19:23 - 2017-01-15 18:19 - 00000000 ____D C:\Windows\system32\DAX2 2017-05-09 19:22 - 2017-01-15 18:19 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2017-05-07 08:33 - 2016-08-10 16:55 - 00000000 ____D C:\Users\Piotr\AppData\Local\CrashDumps 2017-05-06 14:42 - 2017-01-07 20:45 - 00018239 _____ C:\Users\Piotr\Desktop\Psychiatra.odt 2017-05-05 15:14 - 2016-08-09 03:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-05 14:56 - 2016-09-10 09:49 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:56 - 2016-09-10 09:49 - 00001428 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-05-05 14:56 - 2016-08-09 04:00 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-05 14:55 - 2017-01-29 12:51 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:55 - 2016-09-26 11:22 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:55 - 2016-09-10 09:48 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:55 - 2016-09-10 09:48 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:55 - 2016-09-10 09:48 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:55 - 2016-09-10 09:48 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-05 14:55 - 2016-08-09 03:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-05-02 19:39 - 2016-08-11 13:29 - 00000000 ____D C:\Users\Piotr\AppData\Roaming\DAEMON Tools Lite 2017-05-02 00:32 - 2017-01-29 12:51 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-05-02 00:32 - 2016-08-09 09:18 - 04075936 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-05-02 00:32 - 2016-08-09 09:18 - 03592312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-05-02 00:32 - 2016-04-21 19:06 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2017-05-02 00:32 - 2016-04-21 19:06 - 00406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2017-05-02 00:32 - 2016-04-21 19:04 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2017-05-02 00:32 - 2016-04-21 19:04 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2017-05-02 00:32 - 2016-04-21 17:53 - 00042897 _____ C:\Windows\system32\nvinfo.pb 2017-05-01 22:52 - 2016-09-10 09:48 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2017-05-01 22:51 - 2016-08-09 04:00 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2017-05-01 22:51 - 2016-08-09 04:00 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2017-05-01 22:51 - 2016-08-09 04:00 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2017-05-01 22:51 - 2016-08-09 04:00 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-05-01 22:51 - 2016-08-09 04:00 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2017-05-01 22:51 - 2016-08-09 04:00 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-05-01 22:51 - 2016-08-09 04:00 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-05-01 02:35 - 2017-04-27 09:12 - 00000000 ____D C:\Users\Piotr\AppData\Local\FSDART ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-09-20 15:24 - 2016-09-20 15:24 - 0001167 _____ () C:\Users\Piotr\AppData\Roaming\trace_FilterInstaller.txt 2016-09-20 15:24 - 2016-09-20 15:24 - 0000000 _____ () C:\Users\Piotr\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2017-05-22 20:20 - 2017-05-22 20:20 - 0001574 _____ () C:\Users\Piotr\AppData\Local\recently-used.xbel 2017-01-29 16:11 - 2017-01-29 16:11 - 0007638 _____ () C:\Users\Piotr\AppData\Local\Resmon.ResmonCfg 2016-10-09 09:20 - 2016-10-09 09:20 - 25397336 _____ (One Click Root) C:\Users\Piotr\AppData\Local\TempOneClickRoot.exe 2016-10-08 10:51 - 2016-10-08 23:37 - 0000185 _____ () C:\Users\Piotr\AppData\Local\uts.ini 2017-01-15 18:19 - 2017-01-15 18:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Niektóre pliki w TEMP: ==================== 2017-05-06 10:16 - 2017-05-06 07:51 - 0389765 _____ () C:\Users\Piotr\AppData\Local\Temp\IDM Patch Uninstaller.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-05-27 06:09 ==================== Koniec FRST.txt ============================