Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:16-10-2015 Uruchomiony przez Rafal (administrator) ADMIN (16-10-2015 21:55:58) Uruchomiony z C:\Users\Rafal\Downloads Załadowane profile: Rafal (Dostępne profile: Rafal) Platform: Windows 7 Home Premium (X64) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka nie została wykryta!) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe () C:\Users\Rafal\ysmut.exe (Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (IObit) C:\Program Files (x86)\IObit\Surfing Protection\PluginInstall.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoSweep.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoCare.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit) C:\Program Files (x86)\IObit\Surfing Protection\SPUpdate.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\PerformUpdate.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoUpdate.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe () G:\qowub.scr () G:\reoutim.scr (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [282384 2015-03-22] (Filefacts.net) HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [656144 2015-03-18] (Filefacts.net) HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\Run: [ysmut] => C:\Users\Rafal\ysmut.exe [52736 2015-10-16] () HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\Run: [GoogleChromeAutoLaunch_724CBAA0EB237E6FA3B1D299AF121547] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-09] (Google Inc.) HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\MountPoints2: F - F:\setup.exe HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\MountPoints2: {2a592aa8-4a6f-11e5-ac35-e894f6030f47} - F:\18WoS_ET2_Setup.exe HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\MountPoints2: {4242c581-4717-11e5-a32e-806e6f6e6963} - E:\Autorun.exe HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\MountPoints2: {6b413590-5e9d-11e5-bdfc-e894f6030f47} - F:\setup.exe HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\MountPoints2: {cfdb6156-4edd-11e5-a1c0-e894f6030f47} - F:\setup.exe HKU\S-1-5-21-1767114643-583189397-3206445415-1001\...\MountPoints2: {e98aa11a-5153-11e5-a842-e894f6030f47} - G:\setup.exe IFEO\DiscSoftBusService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\DTAgent.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\DTHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\DTLauncher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\DTLite.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\DTLiteHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\Extractor.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\maintenanceservice.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe IFEO\SPTDinst-x64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Rafal\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Rafal\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Rafal\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Rafal\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Rafal\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Rafal\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () GroupPolicy: Ograniczenia - Chrome <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C5CEA98F-B5B6-469E-8DC7-7B348EA8E8DF}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1767114643-583189397-3206445415-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll => Brak pliku BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-24] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-24] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\g0eh95sx.default FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1443806240&z=400c8b0ff9abddbea130392gbzaz0c9bce5qbebz8g&from=cmi&uid=ST3320620AS_5QF00QS8XXXX5QF00QS8 FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.) FF user.js: detected! => C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\g0eh95sx.default\user.js [2015-10-09] FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\g0eh95sx.default\Extensions\iobitascsurfingprotection@iobit.com [2015-10-09] FF Extension: PSFactoryBuffer - C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\g0eh95sx.default\Extensions\{A5E55383-E0CF-637D-5B1C-E583E83B53BF} [2015-09-07] FF Extension: Web Amplified 1.0.1 - C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\g0eh95sx.default\Extensions\{c9a8dea6-f6cb-48e8-bea2-8d8aed3fb75e}.xpi [2015-10-02] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-16] Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://www.google.pl/","hxxp://www.mystartsearch.com/?type=hp&ts=1443806240&z=400c8b0ff9abddbea130392gbzaz0c9bce5qbebz8g&from=cmi&uid=ST3320620AS_5QF00QS8XXXX5QF00QS8" CHR Profile: C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-23] CHR Extension: (Dokumenty Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-23] CHR Extension: (Dysk Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-23] CHR Extension: (YouTube) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-23] CHR Extension: (Google Search) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-23] CHR Extension: (Arkusze Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-23] CHR Extension: (Dokumenty Google offline) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05] CHR Extension: (EasyCalendar) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-10-16] CHR Extension: (Skype Click to Call) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-09-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23] CHR Extension: (Gmail) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-23] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2904864 2015-06-02] (IObit) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.) S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [2078216 2015-09-30] (Electronic Arts) R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego] S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-08-24] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 gcdbus; C:\Windows\System32\DRIVERS\gcdbus.sys [171008 2015-08-16] (Power Software Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-09] (REALiX(tm)) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-10-09] (Synaptics Incorporated) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-10-16] (Duplex Secure Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-08-25] (SlimWare Utilities, Inc.) U3 adk5n4ya; C:\Windows\System32\Drivers\adk5n4ya.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder) S3 dump_wmimmc; \??\D:\Gry\GameforgeLive\Games\POL_pol\Metin2\GameGuard\dump_wmimmc.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-16 21:55 - 2015-10-16 21:56 - 00015967 _____ C:\Users\Rafal\Downloads\FRST.txt 2015-10-16 21:54 - 2015-10-16 21:55 - 00000000 ____D C:\FRST 2015-10-16 21:53 - 2015-10-16 21:53 - 02196480 _____ (Farbar) C:\Users\Rafal\Downloads\FRST64.exe 2015-10-16 21:43 - 2015-10-16 21:48 - 00265052 _____ C:\Users\Rafal\Desktop\OTL.Txt 2015-10-16 21:42 - 2015-10-16 21:48 - 00265052 _____ C:\Users\Rafal\Downloads\OTL.Txt 2015-10-16 21:42 - 2015-10-16 21:42 - 00078640 _____ C:\Users\Rafal\Downloads\Extras.Txt 2015-10-16 21:38 - 2015-10-16 21:38 - 00602112 _____ (OldTimer Tools) C:\Users\Rafal\Downloads\OTL.exe 2015-10-16 21:23 - 2015-10-16 21:23 - 00000124 _____ C:\Users\Rafal\Documents\ax_files.xml 2015-10-16 21:15 - 2015-10-16 21:15 - 00001074 _____ C:\Users\Public\Desktop\Alcohol 120%.lnk 2015-10-16 21:15 - 2015-10-16 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor 2015-10-16 21:15 - 2015-10-16 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% 2015-10-16 21:15 - 2015-10-16 21:15 - 00000000 ____D C:\Program Files (x86)\Smart File Advisor 2015-10-16 21:15 - 2015-10-16 21:15 - 00000000 ____D C:\Program Files (x86)\Alcohol Soft 2015-10-16 21:01 - 2015-10-16 21:01 - 03060976 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Rafal\Downloads\UsbFix_2016_8.130.exe 2015-10-16 21:01 - 2015-10-16 21:01 - 00001448 _____ C:\Users\Rafal\Desktop\UsbFix.lnk 2015-10-16 21:01 - 2015-10-16 21:01 - 00000000 ____D C:\UsbFix 2015-10-16 20:58 - 2015-10-16 20:58 - 00052736 __RSH C:\Users\Rafal\ysmut.exe 2015-10-16 20:56 - 2015-10-16 20:56 - 00001091 _____ C:\Users\Public\Desktop\gBurner Virtual Drive.lnk 2015-10-16 20:56 - 2015-10-16 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gBurner Virtual Drive 2015-10-16 20:56 - 2015-10-16 20:56 - 00000000 ____D C:\Program Files (x86)\gBurner Virtual Drive 2015-10-16 20:52 - 2015-10-16 20:56 - 00000000 ____D C:\Users\Rafal\AppData\LocalLow\uTorrent 2015-10-16 20:47 - 2015-10-16 20:47 - 01044324 ___RH C:\Program Files (x86)\jucheck.exe 2015-10-16 20:44 - 2015-10-16 20:52 - 00381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2015-10-16 18:51 - 2015-10-16 20:04 - 00002559 _____ C:\Windows\diagwrn.xml 2015-10-16 18:51 - 2015-10-16 20:04 - 00001908 _____ C:\Windows\diagerr.xml 2015-10-16 18:14 - 2015-10-16 18:14 - 01044324 ___RH C:\Program Files (x86)\mscorsvw.exe 2015-10-16 18:14 - 2015-10-16 18:14 - 01044324 ___RH C:\Program Files (x86)\lucoms.exe 2015-10-16 18:14 - 2015-10-16 18:14 - 01044324 ___RH C:\Program Files (x86)\launch.exe 2015-10-16 17:56 - 2015-10-16 18:34 - 00000000 ____D C:\Users\Rafal\AppData\Local\Apps\Windows 7 USB DVD Download Tool 2015-10-16 17:56 - 2015-10-16 17:56 - 00002515 _____ C:\Users\Rafal\Desktop\Windows 7 USB DVD Download Tool.lnk 2015-10-16 17:56 - 2015-10-16 17:56 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool 2015-10-16 17:03 - 2015-10-16 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-16 16:22 - 2015-10-16 17:09 - 00010151 _____ C:\Users\Rafal\Downloads\SecureDownloadManager.log 2015-10-16 16:22 - 2015-10-16 16:22 - 00003139 _____ C:\Users\Rafal\Desktop\Shortcut to SecureDownloadManager.exe.lnk 2015-10-16 16:22 - 2015-10-16 16:22 - 00000183 _____ C:\Users\Rafal\Downloads\100421458764.sdx 2015-10-16 16:18 - 2015-10-16 16:18 - 00001451 _____ C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-10-16 16:18 - 2015-10-16 16:18 - 00001417 _____ C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-10-16 16:13 - 2015-10-16 16:13 - 17889792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 12386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2015-10-16 16:13 - 2015-10-16 16:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2015-10-16 16:13 - 2015-10-16 16:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-10-16 16:13 - 2015-10-16 16:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-10-16 16:13 - 2015-10-16 16:13 - 02344448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-16 16:13 - 2015-10-16 16:13 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-16 16:13 - 2015-10-16 16:13 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-10-16 16:13 - 2015-10-16 16:13 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-10-16 16:13 - 2015-10-16 16:13 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-10-16 16:13 - 2015-10-16 16:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-10-16 16:13 - 2015-10-16 16:13 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2015-10-16 16:13 - 2015-10-16 16:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-10-16 16:13 - 2015-10-16 16:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-10-16 16:12 - 2015-10-16 16:12 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2015-10-16 16:12 - 2015-10-16 16:12 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2015-10-16 16:12 - 2015-10-16 16:12 - 01540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-10-16 16:12 - 2015-10-16 16:12 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2015-10-16 16:12 - 2015-10-16 16:12 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-10-16 16:12 - 2015-10-16 16:12 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll 2015-10-16 16:11 - 2015-10-16 16:16 - 00004783 _____ C:\Windows\IE9_main.log 2015-10-16 16:10 - 2015-10-16 16:11 - 36951856 _____ (Microsoft Corporation) C:\Users\Rafal\Downloads\IE9-Windows7-x64-plk.exe 2015-10-16 16:00 - 2015-10-16 16:09 - 00004006 _____ C:\Windows\IE11_main.log 2015-10-16 16:00 - 2015-10-16 16:00 - 02077392 _____ (Microsoft Corporation) C:\Users\Rafal\Downloads\IE11-Windows6.1.exe 2015-10-16 15:54 - 2015-10-16 15:54 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\e-academy Inc 2015-10-16 15:54 - 2015-10-16 15:54 - 00000000 ____D C:\Users\Rafal\AppData\Local\e-academy Inc 2015-10-16 15:53 - 2015-10-16 15:53 - 00774656 _____ C:\Users\Rafal\Downloads\SDM_EN.msi 2015-10-16 09:38 - 2015-10-16 21:24 - 00001309 _____ C:\Windows\setupact.log 2015-10-16 09:38 - 2015-10-16 20:02 - 00000000 _____ C:\Windows\setuperr.log 2015-10-16 09:37 - 2015-10-16 21:24 - 00019340 _____ C:\Windows\PFRO.log 2015-10-15 16:12 - 2015-10-15 16:12 - 00275672 _____ C:\Windows\Minidump\101515-19765-01.dmp 2015-10-15 16:11 - 2015-10-15 16:11 - 367752537 _____ C:\Windows\MEMORY.DMP 2015-10-14 19:51 - 2015-10-14 19:51 - 00052736 __RSH C:\Users\Rafal\reoutim.exe 2015-10-09 16:56 - 2015-10-09 16:56 - 00000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf 2015-10-09 16:56 - 2015-10-09 16:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2015-10-09 16:56 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-10-09 16:56 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-10-09 16:56 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2015-10-09 16:56 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-10-09 16:55 - 2015-10-09 16:55 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2015-10-09 16:55 - 2015-10-09 16:55 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys 2015-10-09 16:55 - 2015-10-09 16:55 - 00000000 ____D C:\Windows\system32\DAX2 2015-10-09 16:55 - 2015-10-09 16:55 - 00000000 ____D C:\Program Files\Synaptics 2015-10-09 16:53 - 2015-10-09 16:53 - 35222128 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-10-09 16:53 - 2015-10-09 16:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 06255888 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 05714880 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 04514008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-10-09 16:53 - 2015-10-09 16:53 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2015-10-09 16:53 - 2015-10-09 16:53 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 02702552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-10-09 16:53 - 2015-10-09 16:53 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 02461528 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01749208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01310936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2015-10-09 16:53 - 2015-10-09 16:53 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00349968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00298768 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2015-10-09 16:53 - 2015-10-09 16:53 - 00184688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-10-09 16:48 - 2015-10-09 16:48 - 55246848 _____ C:\Windows\system32\config\SOFTWARE.iobit 2015-10-09 16:48 - 2015-10-09 16:48 - 29192192 _____ C:\Windows\system32\config\COMPONENTS.iobit 2015-10-09 16:48 - 2015-10-09 16:48 - 00249856 _____ C:\Windows\system32\config\DEFAULT.iobit 2015-10-09 16:48 - 2015-10-09 16:48 - 00061440 _____ C:\Windows\system32\config\SAM.iobit 2015-10-09 16:48 - 2015-10-09 16:48 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit 2015-10-09 16:39 - 2015-10-09 16:39 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\ProductData 2015-10-09 16:38 - 2015-10-16 21:26 - 00002868 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Rafal) 2015-10-09 16:38 - 2015-10-16 18:21 - 00000000 ____D C:\ProgramData\ProductData 2015-10-09 16:38 - 2015-10-16 16:08 - 00002898 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Rafal 2015-10-09 16:38 - 2015-10-09 16:38 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS 2015-10-09 16:38 - 2015-10-09 16:38 - 00003226 _____ C:\Windows\System32\Tasks\Driver Booster Scan 2015-10-09 16:38 - 2015-10-09 16:38 - 00003178 _____ C:\Windows\System32\Tasks\ASC8_PerformanceMonitor 2015-10-09 16:38 - 2015-10-09 16:38 - 00003170 _____ C:\Windows\System32\Tasks\Driver Booster Update 2015-10-09 16:38 - 2015-10-09 16:38 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\Apple Computer 2015-10-09 16:38 - 2015-10-09 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2 2015-10-09 16:37 - 2015-10-16 20:47 - 00000000 ____D C:\Program Files (x86)\IObit 2015-10-09 16:37 - 2015-10-16 16:19 - 00000000 ____D C:\ProgramData\IObit 2015-10-09 16:37 - 2015-10-09 16:38 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\IObit 2015-10-09 16:37 - 2015-10-09 16:38 - 00000000 ____D C:\Users\Rafal\AppData\LocalLow\IObit 2015-10-09 16:37 - 2015-10-09 16:37 - 00002866 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_Rafal 2015-10-09 16:37 - 2015-10-09 16:37 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled 2015-10-09 16:37 - 2015-10-09 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-10-09 16:37 - 2015-10-09 16:37 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2015-10-09 16:34 - 2015-10-09 16:41 - 00000000 ____D C:\ProgramData\TEMP 2015-10-03 16:36 - 2015-10-03 16:36 - 00000000 ____D C:\Program Files\Common Files\INCA Shared 2015-10-03 16:36 - 2015-07-22 12:34 - 03611808 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des 2015-10-03 16:36 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys 2015-10-03 16:36 - 2003-07-15 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd 2015-10-03 15:26 - 2015-10-03 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 2015-10-03 14:22 - 2015-10-16 19:39 - 00000000 ____D C:\Users\Rafal\Downloads\Gameforge Live 2015-10-03 14:22 - 2015-10-03 14:22 - 00000666 _____ C:\Users\Public\Desktop\Gameforge Live.lnk 2015-10-03 14:22 - 2015-10-03 14:22 - 00000000 ____D C:\Users\Rafal\AppData\Local\Gameforge4d 2015-10-03 14:22 - 2015-10-03 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-10-02 19:59 - 2015-10-02 19:59 - 00000266 __RSH C:\ProgramData\ntuser.pol 2015-10-02 19:47 - 2015-10-16 18:27 - 00000000 ____D C:\Program Files (x86)\predm 2015-10-02 19:26 - 2015-10-16 21:25 - 00001022 _____ C:\Windows\Tasks\LNuM2lmNYNesJmfGfMYeN2gbX.job 2015-10-02 19:26 - 2015-10-16 21:25 - 00001012 _____ C:\Windows\Tasks\8yQR6QyEJVC21JTh1fRU.job 2015-10-02 19:26 - 2015-10-02 19:26 - 00004042 _____ C:\Windows\System32\Tasks\LNuM2lmNYNesJmfGfMYeN2gbX 2015-10-02 19:26 - 2015-10-02 19:26 - 00004032 _____ C:\Windows\System32\Tasks\8yQR6QyEJVC21JTh1fRU 2015-10-02 19:25 - 2015-10-02 19:25 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-10-02 19:25 - 2015-10-02 19:25 - 00000000 ____D C:\Users\Rafal\AppData\Local\globalUpdate 2015-10-02 19:22 - 2015-10-02 19:22 - 00000000 ____D C:\Windows\SysWOW64\Flash 2015-10-02 19:17 - 2015-10-02 19:43 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-10-02 19:04 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-10-02 15:30 - 2015-10-02 15:30 - 00000000 ____D C:\Users\Rafal\AppData\Local\ali213GameLauncher 2015-10-01 11:16 - 2015-10-01 11:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\44AA5DF5.sys 2015-09-30 10:28 - 2015-09-30 10:28 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7DE86B1D.sys 2015-09-24 18:41 - 2015-10-16 20:47 - 00000000 ____D C:\Program Files (x86)\Java 2015-09-24 18:41 - 2015-09-24 18:41 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-09-24 18:41 - 2015-09-24 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-09-24 18:33 - 2015-09-24 18:33 - 00000000 ____D C:\Users\Public\Documents\Rsupport 2015-09-24 18:28 - 2015-09-24 18:40 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\Rsupport 2015-09-24 18:28 - 2015-09-24 18:28 - 00000000 ____D C:\Users\Rafal\Documents\Mobizen 2015-09-24 18:27 - 2015-09-24 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT 2015-09-24 16:57 - 2015-09-24 17:14 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2015-09-23 09:41 - 2015-09-23 09:41 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3AED24A4.sys 2015-09-20 17:51 - 2015-09-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 2015-09-18 19:35 - 2015-10-02 20:02 - 00000080 _____ C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk 2015-09-18 19:22 - 2015-10-16 21:05 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-18 19:22 - 2015-10-16 20:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-09-18 19:22 - 2015-09-18 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-09-18 19:22 - 2015-09-18 19:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-18 19:22 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-18 19:22 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-18 19:22 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-18 18:50 - 2015-09-18 18:50 - 00000020 ___SH C:\Users\Rafal\ntuser.ini 2015-09-18 13:58 - 2015-09-24 19:36 - 00064216 _____ C:\Users\Rafal\AppData\Local\GDIPFONTCACHEV1.DAT 2015-09-18 13:56 - 2015-09-18 13:59 - 00000416 ___SH C:\Users\Rafal\GkFOYS6PTjZ6ngRqviKdH7sqEzXG0QsD9akpS0DB9ro=.xtbl 2015-09-16 14:25 - 2015-09-18 13:50 - 00000000 ____D C:\Users\Rafal\.android 2015-09-16 14:21 - 2015-09-16 14:32 - 00000000 ____D C:\Users\Rafal\.flashTool 2015-09-16 14:21 - 2015-09-16 14:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2015-09-16 14:21 - 2015-09-16 14:21 - 00000000 ____D C:\Users\Rafal\.swt 2015-09-16 14:20 - 2015-09-16 14:20 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2015-09-16 14:20 - 2015-09-16 14:20 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2015-09-16 14:15 - 2015-09-16 14:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-09-16 14:11 - 2015-09-16 14:11 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool 2015-09-16 14:10 - 2015-10-16 18:27 - 00000000 ____D C:\Flashtool ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-16 21:54 - 2015-08-23 16:35 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-16 21:29 - 2009-07-14 19:55 - 00739694 _____ C:\Windows\system32\perfh015.dat 2015-10-16 21:29 - 2009-07-14 19:55 - 00155268 _____ C:\Windows\system32\perfc015.dat 2015-10-16 21:29 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-16 21:28 - 2015-08-20 10:44 - 00619340 _____ C:\Windows\WindowsUpdate.log 2015-10-16 21:25 - 2015-08-26 10:49 - 00000366 _____ C:\Windows\Tasks\PGAWM1.job 2015-10-16 21:25 - 2015-08-23 16:35 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-16 21:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-16 21:23 - 2009-07-14 06:45 - 00009776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-16 21:23 - 2009-07-14 06:45 - 00009776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-16 21:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Vss 2015-10-16 21:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Speech 2015-10-16 20:58 - 2015-08-20 10:47 - 00000000 ____D C:\Users\Rafal 2015-10-16 20:52 - 2015-08-24 12:12 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\uTorrent 2015-10-16 20:51 - 2015-09-03 16:05 - 00000000 ____D C:\Windows\pss 2015-10-16 20:48 - 2015-08-21 09:30 - 00000000 ____D C:\Program Files (x86)\AMD APP 2015-10-16 20:47 - 2015-09-09 12:05 - 00000000 ____D C:\Program Files (x86)\Microsoft ActiveSync 2015-10-16 20:47 - 2015-08-26 10:52 - 00000000 ____D C:\Program Files (x86)\ASUS 2015-10-16 20:47 - 2015-08-26 10:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-16 20:47 - 2015-08-25 20:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-10-16 20:47 - 2015-08-25 20:22 - 00000000 ____D C:\Program Files (x86)\Application Verifier 2015-10-16 20:47 - 2015-08-25 17:26 - 00000000 ____D C:\Program Files (x86)\HP 2015-10-16 20:47 - 2015-08-25 17:18 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-10-16 20:47 - 2015-08-24 17:05 - 00000000 ____D C:\Program Files (x86)\Disc Soft 2015-10-16 20:47 - 2015-08-21 12:49 - 00000000 ____D C:\Program Files (x86)\Intel 2015-10-16 20:47 - 2015-08-21 09:30 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2015-10-16 20:47 - 2015-08-21 09:29 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2015-10-16 20:47 - 2015-08-20 10:51 - 00000000 ____D C:\Program Files (x86)\Google 2015-10-16 20:20 - 2015-09-09 15:38 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2015-10-16 20:19 - 2015-08-24 17:02 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2015-10-16 18:27 - 2015-09-13 17:06 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-16 18:27 - 2015-09-05 19:28 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-10-16 18:27 - 2015-08-25 20:20 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2015-10-16 18:27 - 2015-08-24 12:11 - 00000000 ____D C:\Program Files (x86)\Opera 2015-10-16 18:27 - 2015-08-23 14:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-16 18:27 - 2015-08-21 09:28 - 00000000 ____D C:\AMD 2015-10-16 18:27 - 2015-08-20 11:11 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-10-16 18:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-10-16 18:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-10-16 18:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-10-16 18:14 - 2015-08-21 18:14 - 00000366 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Rafal).job 2015-10-16 17:50 - 2015-08-21 20:31 - 00000000 ____D C:\Users\Rafal\Documents\FIFA 14 2015-10-16 16:24 - 2015-08-21 19:52 - 00000000 ____D C:\ProgramData\Origin 2015-10-16 16:17 - 2015-08-20 11:40 - 00000000 ____D C:\Windows\Panther 2015-10-16 16:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-10-15 16:12 - 2015-09-01 12:23 - 00000000 ____D C:\Windows\Minidump 2015-10-12 13:02 - 2015-08-24 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRID Autosport 2015-10-11 21:40 - 2015-08-20 10:58 - 00000000 ____D C:\Users\Rafal\Desktop\GRY 2015-10-10 17:39 - 2015-08-21 20:22 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\.minecraft 2015-10-10 16:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports 2015-10-09 17:02 - 2015-08-21 19:52 - 00000000 ____D C:\Users\Rafal\Desktop\PROGRAMY 2015-10-09 16:55 - 2015-08-21 12:56 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2015-10-09 16:37 - 2015-08-28 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-10-09 16:37 - 2015-08-24 17:04 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\DAEMON Tools Lite 2015-10-09 16:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors 2015-10-09 08:55 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-10-06 19:22 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-10-06 16:48 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-10-02 20:02 - 2015-09-05 18:43 - 00000517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk 2015-10-02 20:02 - 2015-08-23 14:06 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-10-02 20:02 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2015-10-02 20:02 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2015-10-02 20:02 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2015-10-02 20:02 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2015-10-02 20:02 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2015-10-02 19:59 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-10-02 19:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-10-02 19:39 - 2009-07-14 04:34 - 00000601 _____ C:\Windows\win.ini 2015-10-02 15:42 - 2015-08-24 21:54 - 00000000 ____D C:\Windows\SysWOW64\directx 2015-10-02 15:29 - 2015-08-24 21:55 - 00000000 ____D C:\Users\Rafal\Documents\My Games 2015-09-27 18:54 - 2015-09-13 17:06 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\Skype 2015-09-25 09:49 - 2009-07-14 06:45 - 00291160 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-24 18:44 - 2015-02-26 22:29 - 00000000 ____D C:\Users\Rafal\Desktop\ppsspp 2015-09-24 18:21 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-09-21 16:18 - 2015-08-21 19:59 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\Origin 2015-09-20 18:20 - 2015-08-21 19:52 - 00000000 ____D C:\ProgramData\Electronic Arts 2015-09-20 17:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-09-19 10:44 - 2015-09-05 19:28 - 00000000 ____D C:\Program Files\Rockstar Games 2015-09-18 19:38 - 2015-09-07 17:36 - 00000000 ____D C:\Users\Rafal\AppData\Local\Amvworks 2015-09-18 19:38 - 2015-09-07 17:13 - 00000000 __SHD C:\ProgramData\Windows 2015-09-18 19:38 - 2015-08-26 10:49 - 00000000 ____D C:\ProgramData\Application Hosting 2015-09-18 18:52 - 2015-08-24 13:12 - 00000000 ____D C:\ProgramData\update 2015-09-18 13:53 - 2015-09-10 19:49 - 00000000 ____D C:\Program Files\CCleaner 2015-09-18 13:53 - 2015-08-28 20:51 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-09-18 13:53 - 2015-08-25 20:22 - 00000000 ____D C:\ProgramData\Windows App Certification Kit 2015-09-18 13:53 - 2015-08-25 20:22 - 00000000 ____D C:\Program Files\Application Verifier 2015-09-18 13:53 - 2015-08-25 17:26 - 00000448 _____ C:\ProgramData\D6JALPPUFk4vKOkPhoXE4YLVwihRQAYmZAo-zPRcoLk=.xtbl 2015-09-18 13:53 - 2015-08-24 13:12 - 00000512 _____ C:\ProgramData\haFbatdjviNbKPned4i2BcpfkRyKPR2eCDDErt-69GMEpKXnsMmmQetdOuir7UeaKX1iw9JqrthwBfM0quEq06bHNs+5WHonXlww4n8KO6ICYTI3R3hgD+B0Y9zp9Qus.xtbl 2015-09-18 13:53 - 2015-08-21 09:28 - 00000000 ____D C:\Program Files\ATI Technologies 2015-09-18 13:53 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-09-18 13:52 - 2015-09-07 17:31 - 00000416 ___SH C:\Users\Rafal\FcgjRMDdOKIUAbXBm85P-LEhzNEWLrAkFxhDylB+NUE=.xtbl 2015-09-18 13:52 - 2009-07-14 19:51 - 00001408 ____H C:\Users\Default\7FdeC4C01Dr94HLPjld3gH5iaq-hX3g5KUYoaC9Sdag=.xtbl 2015-09-18 13:52 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-09-18 13:52 - 2009-07-14 05:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-09-18 13:52 - 2009-07-14 05:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-18 13:52 - 2009-07-14 05:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-09-18 13:52 - 2009-07-14 05:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-18 13:52 - 2009-07-14 04:34 - 00262528 ___SH C:\Users\Default\WbE6ncuUIAf8upc99uhStNZiX2Xa-ubo9fTqAz-Tpc0=.xtbl 2015-09-18 13:50 - 2015-09-07 17:30 - 02478224 ____H C:\Users\Rafal\AppData\Local\M4VLYL-g23IBtM63t4t-g3Xo7WFkmdwahuMPoORW9lA=.xtbl 2015-09-18 13:50 - 2015-09-07 17:24 - 00064608 _____ C:\Users\Rafal\AppData\Local\cA1FAmylASdWz+yaGcb9QqSZ-e69vB9qpDjCP2Q9-ZBr5BM9XFxffF05T0arbZIX.xtbl 2015-09-16 14:21 - 2015-08-21 20:26 - 00000000 ____D C:\Users\Rafal\.oracle_jre_usage 2015-09-16 14:03 - 2015-08-21 12:44 - 00000000 ____D C:\Intel ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-10-16 20:47 - 2015-10-16 20:47 - 1044324 ___RH () C:\Program Files (x86)\jucheck.exe 2015-10-16 18:14 - 2015-10-16 18:14 - 1044324 ___RH () C:\Program Files (x86)\launch.exe 2015-10-16 18:14 - 2015-10-16 18:14 - 1044324 ___RH () C:\Program Files (x86)\lucoms.exe 2015-10-16 18:14 - 2015-10-16 18:14 - 1044324 ___RH () C:\Program Files (x86)\mscorsvw.exe 2015-09-07 17:23 - 2015-09-07 17:23 - 3148854 _____ () C:\Users\Rafal\AppData\Roaming\404C9F2C404C9F2C.bmp 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Rafal\AppData\Roaming\8yQR6QyEJVC21JTh1fRU 2015-09-01 10:34 - 2015-09-01 10:34 - 0371216 _____ () C:\Users\Rafal\AppData\Roaming\data13.dat 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Rafal\AppData\Roaming\LNuM2lmNYNesJmfGfMYeN2gbX 2015-09-01 10:34 - 2015-09-01 10:34 - 0371200 _____ () C:\Users\Rafal\AppData\Roaming\ssleas.exe 2015-09-07 17:27 - 2015-09-07 17:27 - 0007680 ___SH () C:\Users\Rafal\AppData\Roaming\Thumbs.db 2015-09-10 20:36 - 2015-09-10 20:36 - 0000038 ___SH () C:\Users\Rafal\AppData\Local\69ff07055291669bb2b218.72821112 2015-09-10 20:43 - 2015-09-10 20:43 - 0000037 ___SH () C:\Users\Rafal\AppData\Local\70149b02515b3bb20dd492.47983420 2015-09-07 17:24 - 2015-09-18 13:50 - 0064608 _____ () C:\Users\Rafal\AppData\Local\cA1FAmylASdWz+yaGcb9QqSZ-e69vB9qpDjCP2Q9-ZBr5BM9XFxffF05T0arbZIX.xtbl 2015-08-24 17:09 - 2015-08-24 20:44 - 0005120 _____ () C:\Users\Rafal\AppData\Local\file__0.localstorage 2015-09-07 17:30 - 2015-09-18 13:50 - 2478224 ____H () C:\Users\Rafal\AppData\Local\M4VLYL-g23IBtM63t4t-g3Xo7WFkmdwahuMPoORW9lA=.xtbl 2015-08-20 10:51 - 2015-09-07 17:22 - 0059072 _____ () C:\Users\Rafal\AppData\Local\p64NmXyE6znaN7KLZqjmtDgnFyNhrS1nzpkLlQYYCCdctXg9nTiRgJUw3zmzqMWX.xtbl 2015-08-20 13:38 - 2015-09-07 17:22 - 3691344 ____H () C:\Users\Rafal\AppData\Local\q5N5mRKiuJ68wRYR4Xi-ex9g1trHzMjjx2-+LmHExIQ=.xtbl 2015-08-25 17:26 - 2015-09-18 13:53 - 0000448 _____ () C:\ProgramData\D6JALPPUFk4vKOkPhoXE4YLVwihRQAYmZAo-zPRcoLk=.xtbl 2015-08-21 12:56 - 2015-08-21 12:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-08-24 13:12 - 2015-09-18 13:53 - 0000512 _____ () C:\ProgramData\haFbatdjviNbKPned4i2BcpfkRyKPR2eCDDErt-69GMEpKXnsMmmQetdOuir7UeaKX1iw9JqrthwBfM0quEq06bHNs+5WHonXlww4n8KO6ICYTI3R3hgD+B0Y9zp9Qus.xtbl 2015-08-24 13:12 - 2015-09-07 17:23 - 0000512 _____ () C:\ProgramData\sQHnryMKUu7e-VOHDaibbNaEdACppnHYy1njN0tFcYLzsHXJQv3N9arGOKwOgZvA9sClZ11-+-2Iuw8UPP2xu2inV4MSl4rAjZGrambizLQPG7zpHbmYp0XgnVtxyLSN.xtbl 2015-08-25 17:26 - 2015-09-07 17:23 - 0000448 _____ () C:\ProgramData\zTD+mRzI32g0C1uh3RxbmzQxwNdu0mmeEWNJjsmiHas=.xtbl 2015-10-02 19:17 - 2015-10-02 19:43 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Rafal\reoutim.exe C:\Users\Rafal\ysmut.exe Niektóre pliki w TEMP: ==================== C:\Users\Rafal\AppData\Local\Temp\AxSFADownloader.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-10-01 20:28 ==================== Koniec FRST.txt ============================