Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21.01.2018 Uruchomiony przez Michał (administrator) MICHAŁ-KOMPUTER (24-01-2018 18:44:26) Uruchomiony z C:\Users\Michał\Desktop Załadowane profile: Michał (Dostępne profile: Michał & DefaultAppPool) Platform: Windows 10 Pro N Wersja 1709 16299.125 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (AMD) C:\Windows\System32\atieclxx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros) C:\Program Files (x86)\Atheros\AWiCMgr.exe (Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe Brak dostępu do procesu -> audiodg.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor) HKLM\...\Run: [AWiC] => C:\Program Files (x86)\Atheros\AWiCMgr.exe [171168 2010-12-20] (Atheros) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA HKU\S-1-5-21-4203751296-3443087910-3505805039-1000\...\Run: [BatteryCare] => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [827904 2017-10-06] (Filipe Lourenço) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{01ad015b-8c5d-4ff4-9747-8a56711c09ef}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{9f2b06a0-9e8f-4458-91a8-23ebefea1d9c}: [DhcpNameServer] 10.7.1.1 212.191.78.177 Internet Explorer: ================== HKU\S-1-5-21-4203751296-3443087910-3505805039-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-04] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-04] (Oracle Corporation) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF ProfilePath: C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\lu92atxo.default [2018-01-22] FF Homepage: Mozilla\Firefox\Profiles\lu92atxo.default -> hxxp://www.google.pl/ FF Extension: (Firefox Hotfix) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\lu92atxo.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-12] [Przestarzałe] FF Extension: (Avast Online Security) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\lu92atxo.default\Extensions\wrc@avast.com.xpi [2018-01-22] FF Extension: (Adblock Plus) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\lu92atxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-27] [Przestarzałe] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-24] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-24] () FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-04] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-20] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-27] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.pl/ CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default [2018-01-23] CHR Extension: (Dysk Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (Dokumenty Google offline) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-01-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14] CHR Extension: (Chrome Media Router) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-22] (AVAST Software) S3 AWiCSrvc; C:\Program Files (x86)\Atheros\AWiCSrvc.exe [50336 2010-12-20] (Atheros Communications) [Brak podpisu cyfrowego] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-24] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-24] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82664 2015-12-16] (Advanced Micro Devices, Inc.) S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.) S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-22] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-22] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-22] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-22] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-22] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2018-01-22] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-22] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-08] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-01-22] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-22] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-22] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-22] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457896 2018-01-22] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-22] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-22] (AVAST Software) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-06-07] (REALiX(tm)) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( ) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-24] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-24] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-24] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-01-24 18:44 - 2018-01-24 18:47 - 000016236 _____ C:\Users\Michał\Desktop\FRST.txt 2018-01-24 18:37 - 2018-01-24 18:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-01-24 18:28 - 2018-01-24 18:28 - 000000000 ____D C:\ProgramData\SWCUTemp 2018-01-24 00:31 - 2018-01-24 00:31 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4203751296-3443087910-3505805039-1000 2018-01-24 00:25 - 2018-01-24 00:25 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2018-01-24 00:24 - 2018-01-24 00:24 - 000000000 ____D C:\Users\Michał\AppData\Local\DBG 2018-01-24 00:13 - 2018-01-24 00:13 - 000000000 ___RD C:\Users\Michał\3D Objects 2018-01-24 00:12 - 2018-01-24 00:12 - 000000000 ____D C:\Users\Michał\AppData\Local\ConnectedDevicesPlatform 2018-01-24 00:11 - 2018-01-24 00:11 - 000000020 ___SH C:\Users\Michał\ntuser.ini 2018-01-24 00:05 - 2018-01-24 18:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-01-24 00:05 - 2018-01-24 01:14 - 000004642 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-01-24 00:05 - 2018-01-24 00:31 - 000004090 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1465328012 2018-01-24 00:05 - 2018-01-24 00:14 - 000004474 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-01-24 00:05 - 2018-01-24 00:07 - 000002188 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-01-24 00:05 - 2018-01-24 00:06 - 000003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater 2018-01-24 00:05 - 2018-01-24 00:06 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-01-24 00:05 - 2018-01-24 00:06 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2018-01-24 00:05 - 2018-01-24 00:05 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2018-01-24 00:05 - 2018-01-24 00:05 - 000003270 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-01-24 00:05 - 2018-01-24 00:05 - 000002942 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2018-01-24 00:05 - 2018-01-24 00:05 - 000002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice 2018-01-24 00:05 - 2018-01-24 00:05 - 000002284 _____ C:\WINDOWS\System32\Tasks\RtHDVBg 2018-01-24 00:05 - 2018-01-24 00:05 - 000002246 _____ C:\WINDOWS\System32\Tasks\ATKOSD2 2018-01-24 00:05 - 2018-01-24 00:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD 2018-01-24 00:05 - 2018-01-24 00:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform 2018-01-24 00:05 - 2018-01-24 00:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2018-01-24 00:05 - 2018-01-24 00:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2018-01-24 00:03 - 2018-01-24 00:04 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2018-01-24 00:03 - 2018-01-24 00:04 - 000011433 _____ C:\WINDOWS\diagerr.xml 2018-01-23 23:26 - 2018-01-24 07:24 - 000000000 ____D C:\Users\Michał\AppData\Local\Packages 2018-01-23 23:24 - 2018-01-24 00:13 - 000000000 ____D C:\Users\Michał 2018-01-23 23:24 - 2018-01-23 23:50 - 000000000 ____D C:\Users\DefaultAppPool 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Ustawienia lokalne 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Szablony 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Moje dokumenty 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Menu Start 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Documents\Moje wideo 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Documents\Moje obrazy 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Documents\Moja muzyka 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\Dane aplikacji 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\AppData\Local\Historia 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\Michał\AppData\Local\Dane aplikacji 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Ustawienia lokalne 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Szablony 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Moje dokumenty 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Menu Start 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje wideo 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje obrazy 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Moja muzyka 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\Dane aplikacji 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historia 2018-01-23 23:24 - 2018-01-23 23:24 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dane aplikacji 2018-01-23 23:22 - 2018-01-23 23:22 - 000000000 ____D C:\ProgramData\USOShared 2018-01-23 23:18 - 2018-01-24 18:32 - 002198864 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-01-23 23:17 - 2018-01-23 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2018-01-23 23:17 - 2018-01-23 23:17 - 000000000 ____D C:\Program Files\ATI Technologies 2018-01-23 23:14 - 2017-09-29 14:40 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2018-01-23 23:09 - 2018-01-24 07:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-01-23 23:09 - 2018-01-23 23:44 - 005079936 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-23 22:59 - 2018-01-24 00:11 - 000000000 ____D C:\Windows.old 2018-01-23 22:50 - 2018-01-23 22:50 - 000000795 _____ C:\Users\Michał\Desktop\Asystent aktualizacji do systemu Windows 10.lnk 2018-01-23 22:49 - 2018-01-23 22:49 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2018-01-23 00:24 - 2018-01-22 21:24 - 000457896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2018-01-23 00:24 - 2018-01-22 21:24 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2018-01-23 00:24 - 2018-01-22 21:09 - 000457400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151665264790609 2018-01-23 00:24 - 2018-01-22 21:09 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2018-01-23 00:24 - 2018-01-22 21:09 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2018-01-23 00:24 - 2018-01-22 21:09 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys.151665264790609 2018-01-23 00:24 - 2018-01-22 21:09 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2018-01-23 00:24 - 2018-01-22 21:09 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2018-01-23 00:24 - 2018-01-22 21:09 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2018-01-23 00:24 - 2018-01-22 20:56 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2018-01-23 00:24 - 2016-09-08 22:10 - 000037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2018-01-23 00:24 - 2016-07-04 21:09 - 000473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.146766300843702 2018-01-23 00:21 - 2018-01-23 00:21 - 000000000 ___DL C:\Users\Public\Recorded TV (1) 2018-01-23 00:21 - 2018-01-22 21:09 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2018-01-23 00:21 - 2016-09-08 22:11 - 000053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2018-01-23 00:20 - 2018-01-23 23:00 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2018-01-23 00:20 - 2018-01-23 00:20 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines 2018-01-23 00:13 - 2018-01-23 00:19 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2018-01-23 00:07 - 2018-01-23 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2018-01-23 00:07 - 2018-01-23 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2018-01-23 00:07 - 2018-01-23 00:07 - 000000000 ____D C:\WINDOWS\system32\msmq 2018-01-23 00:07 - 2018-01-23 00:07 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2018-01-23 00:06 - 2018-01-23 23:00 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-01-23 00:06 - 2018-01-23 00:06 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-01-23 00:06 - 2018-01-23 00:06 - 000000000 ____D C:\Program Files\MSBuild 2018-01-23 00:06 - 2018-01-23 00:06 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-01-23 00:06 - 2018-01-23 00:06 - 000000000 ____D C:\inetpub 2018-01-22 23:58 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2018-01-22 23:58 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-01-22 23:58 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2018-01-22 23:57 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2018-01-22 23:57 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2018-01-22 23:57 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2018-01-22 23:54 - 2017-09-28 19:05 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2018-01-22 23:54 - 2017-09-28 19:05 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2018-01-22 23:54 - 2017-09-28 18:56 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2018-01-22 23:54 - 2017-09-28 18:44 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2018-01-22 23:54 - 2017-09-28 18:38 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2018-01-22 23:18 - 2018-01-22 23:18 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2018-01-22 22:16 - 2018-01-22 22:15 - 002393088 _____ (Farbar) C:\Users\Michał\Desktop\FRST64.exe 2018-01-22 21:23 - 2018-01-22 21:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.151665263376502 2018-01-22 21:21 - 2018-01-22 21:09 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2018-01-22 21:21 - 2018-01-22 20:34 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys 2018-01-22 21:21 - 2018-01-22 20:34 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2018-01-22 21:21 - 2018-01-22 20:34 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2018-01-22 21:21 - 2018-01-22 20:34 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2018-01-22 21:19 - 2018-01-24 00:10 - 000000000 ___DC C:\WINDOWS\Panther 2018-01-22 21:04 - 2018-01-22 21:19 - 000000036 _____ C:\WINDOWS\progress.ini 2018-01-22 20:35 - 2018-01-24 00:10 - 000000000 ___HD C:\$GetCurrent 2018-01-22 20:29 - 2018-01-22 20:29 - 000000000 ____D C:\Users\Michał\Desktop\Nowy folder (2) 2018-01-22 15:42 - 2018-01-22 15:42 - 000000000 ____D C:\Users\Michał\AppData\Roaming\BatteryCare 2018-01-22 15:41 - 2018-01-23 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare 2018-01-22 15:41 - 2018-01-22 15:41 - 000001116 _____ C:\Users\Public\Desktop\BatteryCare.lnk 2018-01-22 15:41 - 2018-01-22 15:41 - 000000000 ____D C:\Program Files (x86)\BatteryCare 2018-01-22 15:27 - 2018-01-23 22:50 - 000000807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk 2018-01-22 15:26 - 2018-01-24 00:13 - 000000000 ____D C:\Windows10Upgrade 2018-01-22 15:12 - 2018-01-22 15:12 - 000326060 _____ C:\Users\Michał\Desktop\occt2.rar 2018-01-22 15:11 - 2018-01-22 15:11 - 000000000 ____D C:\Users\Michał\Desktop\occt2 2018-01-22 15:10 - 2018-01-22 15:10 - 000000000 ____D C:\Users\Michał\Desktop\Nowy folder 2018-01-21 19:58 - 2018-01-21 19:58 - 000314499 _____ C:\Users\Michał\Desktop\OCCT.rar 2018-01-21 19:57 - 2018-01-21 19:58 - 000000000 ____D C:\Users\Michał\Desktop\OCCT 2018-01-21 19:56 - 2018-01-22 15:10 - 000000000 ____D C:\Users\Michał\Documents\OCCT 2018-01-21 19:31 - 2018-01-21 19:31 - 000000000 ____D C:\Users\Michał\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me 2018-01-21 19:29 - 2018-01-23 23:41 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT 2018-01-21 19:29 - 2018-01-21 19:29 - 000001040 _____ C:\Users\Michał\Desktop\OCCT.lnk 2018-01-21 19:29 - 2018-01-21 19:29 - 000000000 ____D C:\Program Files (x86)\OCCTPT 2018-01-21 19:24 - 2018-01-23 23:41 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2018-01-21 19:24 - 2018-01-21 19:25 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2018-01-21 19:24 - 2018-01-21 19:24 - 000001080 _____ C:\Users\Michał\Desktop\SpeedFan.lnk 2018-01-21 19:24 - 2018-01-21 19:24 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo 2018-01-21 19:22 - 2018-01-23 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2018-01-21 19:22 - 2018-01-21 19:22 - 000000989 _____ C:\Users\Michał\Desktop\Core Temp.lnk 2018-01-21 19:22 - 2018-01-21 19:22 - 000000000 ____D C:\Program Files\Core Temp 2018-01-21 19:21 - 2018-01-21 19:12 - 001702731 _____ C:\Users\Michał\Desktop\www.xdrv.ru_victoria_447.zip 2018-01-21 19:21 - 2018-01-21 19:12 - 001220384 _____ ( ) C:\Users\Michał\Desktop\hwmonitor_1.34.exe 2018-01-20 22:07 - 2018-01-20 22:07 - 000000000 ____D C:\WINDOWS\UpdateAssistant 2018-01-20 22:06 - 2018-01-23 23:00 - 000000000 ____D C:\Program Files\UNP 2018-01-20 20:47 - 2018-01-20 20:47 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2018-01-20 20:47 - 2018-01-20 20:47 - 000000000 ____D C:\Program Files\Common Files\avast software 2018-01-20 20:40 - 2018-01-20 22:07 - 000000000 ____D C:\Program Files\rempl 2018-01-20 20:01 - 2018-01-20 20:13 - 000000000 ____D C:\Users\Michał\Desktop\CrystalDiskInfo7_5_1 2018-01-20 19:27 - 2018-01-22 20:53 - 000149344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2018-01-20 19:27 - 2017-11-01 15:44 - 000105128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1759e6a083084853.tmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-01-24 18:44 - 2015-06-11 09:22 - 000000000 ____D C:\FRST 2018-01-24 18:38 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-01-24 18:32 - 2017-09-30 15:31 - 000957324 _____ C:\WINDOWS\system32\perfh015.dat 2018-01-24 18:32 - 2017-09-30 15:31 - 000214540 _____ C:\WINDOWS\system32\perfc015.dat 2018-01-24 18:27 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-01-24 18:27 - 2016-07-20 18:31 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump 2018-01-24 18:23 - 2017-09-29 09:45 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2018-01-24 18:15 - 2017-09-29 14:43 - 000000000 ____D C:\WINDOWS\INF 2018-01-24 04:31 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\appcompat 2018-01-24 01:43 - 2017-09-29 14:45 - 000000000 ___HD C:\Program Files\WindowsApps 2018-01-24 01:14 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-01-24 01:14 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-01-24 00:31 - 2016-06-07 20:34 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2018-01-24 00:31 - 2016-05-12 23:03 - 000002414 _____ C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-01-24 00:31 - 2016-05-12 23:03 - 000000000 ___RD C:\Users\Michał\OneDrive 2018-01-24 00:14 - 2016-05-12 22:37 - 000000000 ____D C:\Users\Michał\AppData\Local\TileDataLayer 2018-01-24 00:13 - 2016-02-13 18:48 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-01-24 00:07 - 2017-09-29 14:45 - 000000000 ____D C:\Program Files\windows nt 2018-01-24 00:06 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-01-24 00:01 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\Registration 2018-01-23 23:59 - 2016-05-12 22:28 - 000023140 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-01-23 23:58 - 2017-09-29 14:45 - 000000000 __RSD C:\WINDOWS\media 2018-01-23 23:49 - 2015-10-21 16:48 - 000002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-23 23:49 - 2015-10-21 16:48 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-01-23 23:44 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-01-23 23:41 - 2016-06-04 21:07 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-01-23 23:41 - 2014-01-28 22:31 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2018-01-23 23:32 - 2017-09-29 14:45 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-01-23 23:27 - 2016-01-13 23:32 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winnydows 2018-01-23 23:22 - 2017-09-29 14:45 - 000000000 ____D C:\ProgramData\USOPrivate 2018-01-23 23:17 - 2016-09-28 16:27 - 002047102 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2018-01-23 23:16 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2018-01-23 23:16 - 2016-09-28 16:22 - 000000000 ____D C:\Program Files (x86)\ATI Technologies 2018-01-23 23:16 - 2016-09-28 16:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-01-23 23:15 - 2016-09-28 16:21 - 000000000 ____D C:\Program Files\Elantech 2018-01-23 23:14 - 2015-05-30 22:39 - 000000000 ____D C:\AMD 2018-01-23 23:08 - 2017-09-29 14:45 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2018-01-23 23:00 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\nn-NO 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 __SHD C:\Program Files\Windows Sidebar 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\spool 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\IME 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\schemas 2018-01-23 23:00 - 2017-09-29 14:45 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-01-23 23:00 - 2017-03-05 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-01-23 23:00 - 2016-09-28 16:20 - 000000000 ____D C:\Program Files\AMD 2018-01-23 23:00 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2018-01-23 23:00 - 2016-06-08 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool 2018-01-23 23:00 - 2016-06-07 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2018-01-23 23:00 - 2016-06-04 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-01-23 23:00 - 2016-03-14 11:43 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2018-01-23 23:00 - 2016-02-13 18:38 - 000000000 ____D C:\WINDOWS\ShellNew 2018-01-23 23:00 - 2016-01-10 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin 2018-01-23 23:00 - 2015-05-16 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-01-23 23:00 - 2015-04-22 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2018-01-23 23:00 - 2015-02-18 13:05 - 000000000 ____D C:\WINDOWS\SysWOW64\vbox 2018-01-23 23:00 - 2015-02-18 13:05 - 000000000 ____D C:\WINDOWS\system32\vbox 2018-01-23 23:00 - 2014-11-12 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2018-01-23 23:00 - 2014-11-07 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia 2018-01-23 23:00 - 2014-07-07 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag 2018-01-23 23:00 - 2014-03-07 23:12 - 000000000 ____D C:\WINDOWS\pl 2018-01-23 23:00 - 2014-02-26 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-01-23 23:00 - 2013-12-03 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter 2018-01-23 23:00 - 2013-12-03 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 2018-01-23 23:00 - 2013-11-22 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaInfo Lite 2018-01-23 23:00 - 2013-11-18 13:21 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2018-01-23 23:00 - 2013-11-13 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubEdit-Player 2018-01-23 23:00 - 2013-11-13 17:42 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2018-01-23 23:00 - 2013-11-13 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2018-01-23 23:00 - 2013-11-13 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-01-23 23:00 - 2013-10-25 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl 2018-01-23 23:00 - 2013-10-24 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2018-01-23 23:00 - 2013-10-24 23:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer 2018-01-23 23:00 - 2013-10-24 23:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer 2018-01-23 23:00 - 2013-10-22 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2018-01-23 23:00 - 2013-10-22 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2018-01-23 22:59 - 2017-09-29 14:47 - 000000000 ____D C:\WINDOWS\Setup 2018-01-23 22:49 - 2016-09-28 16:21 - 000000000 ____D C:\ProgramData\Package Cache 2018-01-23 00:40 - 2017-09-29 14:45 - 000000000 __RHD C:\Users\Public\Libraries 2018-01-23 00:21 - 2016-06-07 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2018-01-23 00:20 - 2016-09-28 16:23 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2018-01-23 00:20 - 2016-09-28 16:21 - 000000000 ____D C:\Program Files\Realtek 2018-01-23 00:20 - 2016-02-21 19:05 - 000000000 ____D C:\Program Files\Microsoft Games 2018-01-23 00:08 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-01-23 00:07 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2018-01-23 00:07 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2018-01-23 00:07 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\MUI 2018-01-23 00:07 - 2017-09-29 14:45 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2018-01-23 00:05 - 2017-12-14 00:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2018-01-23 00:05 - 2017-09-29 14:41 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2018-01-23 00:05 - 2017-09-29 14:41 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2018-01-23 00:05 - 2017-09-29 14:41 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2018-01-23 00:05 - 2017-09-29 14:41 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2018-01-23 00:05 - 2017-09-29 14:41 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2018-01-23 00:05 - 2017-09-29 14:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2018-01-23 00:05 - 2017-09-29 14:41 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2018-01-23 00:05 - 2017-09-29 14:41 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2018-01-23 00:05 - 2017-09-29 14:41 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2018-01-23 00:05 - 2017-09-29 14:41 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2018-01-23 00:05 - 2017-09-29 14:40 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2018-01-23 00:04 - 2017-09-29 14:42 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2018-01-23 00:04 - 2017-09-29 14:42 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2018-01-23 00:04 - 2017-09-29 14:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2018-01-23 00:04 - 2017-09-29 14:42 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2018-01-23 00:04 - 2017-09-29 14:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2018-01-23 00:04 - 2017-09-29 14:42 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2018-01-23 00:04 - 2017-09-29 14:42 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2018-01-23 00:04 - 2017-09-29 14:41 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2018-01-23 00:04 - 2017-09-29 14:41 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2018-01-23 00:04 - 2017-09-29 14:40 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2018-01-23 00:04 - 2017-09-29 14:40 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2018-01-23 00:04 - 2017-09-29 14:40 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2018-01-23 00:03 - 2017-09-29 14:42 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2018-01-23 00:03 - 2017-09-29 14:42 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2018-01-23 00:03 - 2017-09-29 14:42 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2018-01-23 00:03 - 2017-09-29 14:40 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2018-01-23 00:03 - 2017-09-29 14:40 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2018-01-23 00:03 - 2017-09-29 14:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2018-01-23 00:03 - 2017-09-29 14:40 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2018-01-23 00:03 - 2017-09-29 14:40 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2018-01-23 00:03 - 2017-09-29 14:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2018-01-23 00:03 - 2017-09-29 14:40 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2018-01-23 00:03 - 2017-09-29 14:40 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2018-01-23 00:02 - 2017-09-29 14:41 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2018-01-23 00:02 - 2017-09-29 14:41 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2018-01-23 00:02 - 2017-09-29 14:40 - 001381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2018-01-23 00:02 - 2017-09-29 14:40 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2018-01-23 00:02 - 2017-09-29 14:40 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2018-01-22 23:54 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\OCR 2018-01-22 21:11 - 2013-11-18 14:19 - 000000000 ____D C:\ProgramData\AVAST Software 2018-01-22 00:02 - 2016-06-07 12:34 - 000000000 ____D C:\Program Files\HWiNFO64 2018-01-20 20:18 - 2015-10-21 13:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-01-20 20:07 - 2013-10-18 18:48 - 000000000 ____D C:\ProgramData\Skype 2018-01-20 19:44 - 2010-11-21 04:27 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-01-13 11:46 - 2016-01-13 11:47 - 000002298 _____ () C:\Users\Michał\AppData\Roaming\ASSDraw3.cfg 2016-01-10 21:10 - 2016-01-10 21:10 - 000003584 _____ () C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-05 17:07 - 2015-11-19 16:46 - 000000337 _____ () C:\Users\Michał\AppData\Local\Perfmon.PerfmonCfg 2014-08-31 09:13 - 2014-08-31 09:13 - 000000017 _____ () C:\Users\Michał\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-01-23 23:09 ==================== Koniec FRST.txt ============================