Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:25-10-2015 02 Uruchomiony przez Radek (administrator) RADEKPC (27-10-2015 12:55:05) Uruchomiony z C:\Users\Radek\Downloads Załadowane profile: Radek (Dostępne profile: Radek) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe () D:\Programy\screenSHU\screenSHU.exe (Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files (x86)\ASUS\WebStorage\2.1.12.424\ASUSWSLoader.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Farbar) C:\Users\Radek\Downloads\FRST64 (1).exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-12] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-04-22] (Realtek Semiconductor Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.12.424\ASUSWSLoader.exe [63296 2014-10-23] () HKLM-x32\...\Run: [YouCam Service6] => D:\Programy\CyberLink\YouCam6\YouCamService6.exe [504792 2014-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [SteelSeries Engine] => D:\Programy\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS) HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [screenSHU] => D:\Programy\screenSHU\screenSHU.exe [2112000 2013-09-04] () HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [44272 2015-10-15] (Overwolf LTD) HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [WTFast Tray] => D:\Gry\WTFast\WTFast.exe [4711000 2015-06-02] (AAA Internet Publishing, Inc.) HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Run: [{CAEE8A98-C212-4BC2-85C7-A20F792B6F76}] => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [478720 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\Policies\Explorer: [] HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\MountPoints2: {173a0f73-6112-11e4-825e-ac9e17079e77} - "G:\setup.exe" HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\MountPoints2: {58a0f932-6120-11e5-8291-ac9e17079e77} - "H:\_AUTORUN\AUTORUN.EXE" HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\...\MountPoints2: {77952e7b-4e5a-11e5-828e-54271edca7be} - "F:\AutoRun.exe" HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.12.424\ASUSWSShellExt64.dll [2014-09-03] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.12.424\ASUSWSShellExt64.dll [2014-09-03] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.12.424\ASUSWSShellExt64.dll [2014-09-03] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex) Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex) Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex) Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex) Winsock: Catalog9 16 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex) Winsock: Catalog9-x64 01 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex) Winsock: Catalog9-x64 02 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex) Winsock: Catalog9-x64 03 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex) Winsock: Catalog9-x64 04 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex) Winsock: Catalog9-x64 16 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{2B1014FC-0713-4072-84BC-309FF3258023}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{EEC5DBDE-C9CB-4667-B55E-4C6F6C3F7107}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{EEC5DBDE-C9CB-4667-B55E-4C6F6C3F7107}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX&q={searchTerms} HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1964063513-2035544804-3093838741-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1964063513-2035544804-3093838741-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1430072474&from=cor&uid=HGSTXHTS721075A9E630_JR1A006P0LZETF0LZETFX&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-12] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-12] (Oracle Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-12] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1964063513-2035544804-3093838741-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-12-22] () FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nie znaleziono Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Radek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-09-23] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Brak podpisu cyfrowego] R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Brak podpisu cyfrowego] R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [Brak podpisu cyfrowego] R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94720 2014-04-29] () [Brak podpisu cyfrowego] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1007344 2015-10-15] (Overwolf LTD) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 McAfee SiteAdvisor Service; "c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider) R3 RtkA2dp; C:\Windows\system32\drivers\RtkA2dp.sys [176344 2013-11-05] (Realtek Semiconductor Corporation) R3 RtkAvrcp; C:\Windows\System32\drivers\RtkAvrcp.sys [58080 2013-05-08] (Realtek Semiconductor Corporation) R3 RtkAvrcpCtrlr; C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [69848 2013-06-20] (Realtek Semiconductor Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-04-18] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3421040 2014-04-30] (Realtek Semiconductor Corporation ) R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-27 12:54 - 2015-10-27 12:54 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Radek\Downloads\rkill.exe 2015-10-27 12:47 - 2015-10-27 12:55 - 00000000 ____D C:\FRST 2015-10-27 12:46 - 2015-10-27 12:46 - 00380416 _____ C:\Users\Radek\Downloads\rv1krwmh.exe 2015-10-27 12:45 - 2015-10-27 12:45 - 02197504 _____ (Farbar) C:\Users\Radek\Downloads\FRST64 (1).exe 2015-10-27 10:17 - 2015-10-27 10:17 - 00003064 _____ C:\Windows\System32\Tasks\{E57CA208-B52E-4415-A2E1-EE2D149650DA} 2015-10-27 09:10 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-10-27 09:10 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-10-27 09:06 - 2015-10-27 09:38 - 00696618 _____ C:\Users\Radek\Desktop\trb gibek.dwg 2015-10-27 09:06 - 2015-10-27 09:06 - 00558748 _____ C:\Users\Radek\Desktop\TRB1.dwg 2015-10-26 10:34 - 2015-10-26 10:34 - 00000000 ____D C:\Users\Radek\Desktop\MP 2015-10-25 21:16 - 2015-10-25 21:16 - 00000000 ____D C:\Users\Radek\AppData\Local\PDFCreator 2015-10-25 21:14 - 2015-10-25 21:14 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2015-10-25 21:14 - 2015-10-25 21:14 - 00000000 ____D C:\Users\Radek\AppData\Roaming\pdfforge 2015-10-25 21:10 - 2015-10-25 21:10 - 00457048 _____ (pdfforge GbR ) C:\Users\Radek\Downloads\PDFCreatorWebSetup.exe 2015-10-25 21:02 - 2015-10-25 21:02 - 00000128 _____ C:\Users\Radek\Desktop\plot.log 2015-10-25 19:59 - 2015-10-25 19:59 - 00028672 _____ C:\Users\Radek\Downloads\parametry_zlewni.xls 2015-10-25 19:34 - 2015-10-25 21:02 - 00060573 _____ C:\Users\Radek\Desktop\gibek mapaa.dwg 2015-10-25 19:34 - 2015-10-25 20:13 - 00086817 _____ C:\Users\Radek\Desktop\gibek mapaa.bak 2015-10-25 18:53 - 2015-10-25 18:55 - 00461334 _____ C:\Users\Radek\Desktop\Grzejnik giebk.dwg 2015-10-25 17:42 - 2015-10-25 17:42 - 00038078 _____ C:\Users\Radek\Downloads\Narcos [Sezon 1] [720p] [WEBRip] [x264-TASTETV] [ENG][Torrenty.org].torrent 2015-10-25 17:40 - 2015-10-25 17:40 - 00033059 _____ C:\Users\Radek\Downloads\Marvels Daredevil [Sezon 1] [720p] [WEBRip] [x264-SNEAkY] [ENG][Torrenty.org].torrent 2015-10-23 19:01 - 2015-10-26 12:29 - 00000000 ____D C:\Users\Radek\Desktop\instalacje 2015-10-22 15:50 - 2015-10-22 15:50 - 00077358 _____ C:\Users\Radek\Downloads\gibek mapa (1).dwg 2015-10-22 15:49 - 2015-10-25 21:40 - 00000000 ____D C:\Users\Radek\Desktop\hydrologia 2015-10-21 10:13 - 2015-10-21 10:13 - 00000000 ____D C:\Users\Public\Documents\Autodesk 2015-10-21 09:50 - 2015-10-21 09:50 - 00301784 _____ C:\Windows\Minidump\102115-33734-01.dmp 2015-10-20 17:49 - 2015-10-20 17:49 - 00056780 _____ C:\Users\Radek\Downloads\Magic Mike XXL 2015 [BRRip] [XviD-KiT] [Napisy PL][Torrenty.org].torrent 2015-10-20 17:45 - 2015-10-20 17:45 - 00055999 _____ C:\Users\Radek\Downloads\Pentameron - Tale of Tales 2015 [BRRip] [XviD-MiNS] [Napisy PL] [Predator][Torrenty.org].torrent 2015-10-20 17:39 - 2015-10-20 17:39 - 00020526 _____ C:\Users\Radek\Downloads\Agentka - Spy 2015 [HC 480p HDRip XviD AC3-OzW] [Napisy PL] [dabrjarek][Torrenty.org] (1).torrent 2015-10-20 17:38 - 2015-10-20 17:38 - 00020526 _____ C:\Users\Radek\Downloads\Agentka - Spy 2015 [HC 480p HDRip XviD AC3-OzW] [Napisy PL] [dabrjarek][Torrenty.org].torrent 2015-10-20 17:37 - 2015-10-20 17:37 - 00015920 _____ C:\Users\Radek\Downloads\Tiger House 2015 [480p] [BRRip] [XViD] [Ac3-MORS] [NAPISY PL] [dabrjarek][Torrenty.org].torrent 2015-10-19 13:09 - 2015-10-19 13:09 - 00071772 _____ C:\Users\Radek\Downloads\Turbo Kid 2015 [1080p Bluray x264 DTS-HD MA 5 1-RARBG] [Napisy PL][Torrenty.org].torrent 2015-10-19 11:22 - 2015-10-19 11:23 - 05675827 _____ C:\Users\Radek\Downloads\SUPER-PREZENTEJSZYN-KAPEI.pptx 2015-10-19 11:11 - 2015-10-26 11:18 - 00009167 _____ C:\Users\Radek\Desktop\kasa.xlsx 2015-10-18 15:09 - 2015-10-18 15:09 - 00000973 _____ C:\Users\Public\Desktop\Dishonored.lnk 2015-10-18 15:08 - 2015-10-18 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks 2015-10-16 20:51 - 2015-10-16 20:51 - 19384520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-10-15 10:54 - 2015-10-15 10:54 - 00020804 _____ C:\Users\Radek\Downloads\15.ods 2015-10-15 10:54 - 2015-10-15 10:54 - 00020804 _____ C:\Users\Radek\Downloads\15 (1).ods 2015-10-15 09:08 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-15 09:08 - 2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-10-15 09:08 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-10-15 09:08 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-10-15 09:07 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-15 09:07 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-10-15 09:07 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-10-15 09:07 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-10-15 09:07 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-10-15 09:07 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-10-15 09:07 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-10-15 09:07 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-10-15 09:07 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-10-15 09:07 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-10-15 09:07 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-10-15 09:07 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-10-15 09:07 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-10-15 09:07 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-10-15 09:07 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-10-15 09:07 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-10-15 09:07 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-10-15 09:07 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2015-10-15 09:07 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2015-10-15 09:07 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-10-15 09:07 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-10-15 09:07 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-10-15 09:07 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-10-15 09:07 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-10-15 09:07 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-10-15 09:07 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-10-15 09:07 - 2015-09-10 19:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-15 09:07 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-15 09:07 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-15 09:07 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-10-15 09:07 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-15 09:07 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-15 09:07 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-15 09:07 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-15 09:07 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-15 09:07 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-15 09:07 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-15 09:07 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-15 09:07 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-15 09:07 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-15 09:07 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-10-15 09:07 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-15 09:07 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-15 09:07 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-15 09:07 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-10-15 09:07 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-15 09:07 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-10-15 09:07 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-10-15 09:07 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-15 09:07 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-10-15 09:07 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-15 09:07 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-15 09:07 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-15 09:07 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-10-15 09:07 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-15 09:07 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-15 09:07 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-10-15 09:07 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-15 09:07 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-15 09:07 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-10-15 09:07 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-15 09:07 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-10-15 09:07 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-15 09:07 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-15 09:07 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-15 09:07 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-15 09:07 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-15 09:07 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-10-15 09:07 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-10-15 09:07 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-10-15 09:07 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-10-15 09:07 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-10-15 09:07 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2015-10-15 09:07 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2015-10-15 09:07 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll 2015-10-13 12:02 - 2015-10-13 12:02 - 03060840 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Radek\Downloads\UsbFix_2016_8.128.exe 2015-10-13 12:01 - 2015-10-27 12:55 - 00023551 _____ C:\Users\Radek\Downloads\FRST.txt 2015-10-13 11:56 - 2015-10-13 11:56 - 02196480 _____ (Farbar) C:\Users\Radek\Downloads\FRST64.exe 2015-10-12 09:36 - 2015-10-12 09:36 - 00000644 _____ C:\Users\Public\Desktop\Zeus Pan Olimpu - Złota Edycja.lnk 2015-10-12 09:35 - 2015-10-12 09:35 - 00000000 ____D C:\Users\Radek\AppData\Roaming\InstallShield 2015-10-12 09:35 - 2015-10-12 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vu Games 2015-10-12 09:16 - 2015-10-12 09:16 - 00014934 _____ C:\Users\Radek\Downloads\Dishonored_ 2012 _[ENG]_[SKIDROW][Torrenty.org].torrent 2015-10-11 18:09 - 2015-10-11 18:09 - 00000000 ____D C:\Users\Radek\AppData\Roaming\WildTangent 2015-10-05 11:49 - 2015-10-05 11:49 - 00301728 _____ C:\Windows\Minidump\100515-26078-01.dmp 2015-10-02 20:12 - 2015-10-02 20:13 - 00301728 _____ C:\Windows\Minidump\100215-102078-01.dmp 2015-09-30 11:35 - 2015-09-30 11:35 - 00000521 _____ C:\Users\Public\Desktop\Age of Empires II HD.lnk 2015-09-30 11:35 - 2015-09-30 11:35 - 00000521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires II HD.lnk 2015-09-30 10:24 - 2015-09-30 10:24 - 00111010 _____ C:\Users\Radek\Downloads\Age_of_Empires_II_HD_Edition_[ENG]_[ iso]_[RELOADED][Torrenty.org].torrent 2015-09-29 20:19 - 2015-09-29 20:19 - 00000060 _____ C:\Users\Radek\Downloads\listen.pls 2015-09-29 14:32 - 2015-09-29 14:36 - 151480746 _____ ( ) C:\Users\Radek\Downloads\HotA_1.3_eng_setup.exe 2015-09-29 09:57 - 2015-09-29 09:57 - 00028502 _____ C:\Users\Radek\Downloads\Robin_Hood _Legenda_Sherwood_[PL]_[ nrg][Torrenty.org].torrent 2015-09-28 18:41 - 2015-10-04 18:31 - 00277547 _____ C:\Users\Radek\Desktop\ZIMA 2015-16.xlsx ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-27 12:55 - 2014-05-16 02:05 - 00013484 _____ C:\Windows\system32\perfh015.dat 2015-10-27 12:55 - 2014-05-16 02:05 - 00004226 _____ C:\Windows\system32\perfc015.dat 2015-10-27 12:55 - 2014-03-18 16:26 - 00338270 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-27 12:54 - 2014-10-31 16:29 - 00000093 _____ C:\Users\Radek\AppData\Roaming\sp_data.sys 2015-10-27 12:54 - 2014-10-31 16:29 - 00000000 ___DO C:\Users\Radek\OneDrive 2015-10-27 12:52 - 2014-11-10 20:18 - 00000000 ____D C:\Users\Radek\AppData\Local\screenSHU 2015-10-27 12:52 - 2014-10-31 16:26 - 00753371 _____ C:\Users\Radek\AppData\Local\BTServer.log 2015-10-27 12:51 - 2014-11-18 11:44 - 00000290 _____ C:\Windows\Tasks\AutoKMS.job 2015-10-27 12:51 - 2014-03-18 09:16 - 00050124 _____ C:\Windows\PFRO.log 2015-10-27 12:51 - 2013-08-22 15:46 - 00070525 _____ C:\Windows\setupact.log 2015-10-27 12:51 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-27 12:51 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-10-27 12:50 - 2014-10-15 19:53 - 01597557 _____ C:\Windows\WindowsUpdate.log 2015-10-27 12:45 - 2015-05-13 09:10 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2015-10-27 12:45 - 2015-05-13 09:10 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2015-10-27 12:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2015-10-27 10:25 - 2014-10-31 16:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1964063513-2035544804-3093838741-1001 2015-10-27 10:17 - 2014-12-27 15:26 - 00000000 ____D C:\ProgramData\Nero 2015-10-27 10:16 - 2014-05-15 18:15 - 00000000 ____D C:\Program Files (x86)\WildTangent Games 2015-10-27 10:14 - 2015-06-28 13:26 - 00000000 ____D C:\Users\Radek\AppData\Local\FluxSoftware 2015-10-27 10:09 - 2014-11-03 19:03 - 00000000 ____D C:\Users\Radek\AppData\Local\Battle.net 2015-10-27 09:56 - 2014-11-17 19:01 - 00000000 ____D C:\Users\Radek\AppData\Roaming\vlc 2015-10-27 09:51 - 2014-10-31 21:42 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-27 09:49 - 2014-11-03 19:03 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-27 09:12 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-10-27 09:00 - 2015-06-22 15:43 - 00002118 _____ C:\Users\Public\Desktop\AutoCAD 2014 — Polski (Polish).lnk 2015-10-27 09:00 - 2015-06-22 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 — Polski (Polish) 2015-10-27 06:44 - 2015-05-18 09:52 - 00000904 _____ C:\Users\Radek\Documents\plot.log 2015-10-27 06:43 - 2014-10-31 16:30 - 00003980 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C04BEF80-5EAF-4156-817C-7CC68374F1C3} 2015-10-27 06:40 - 2014-11-12 13:16 - 00000000 ____D C:\Users\Radek\AppData\Roaming\uTorrent 2015-10-25 19:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-10-25 19:15 - 2015-05-16 18:03 - 00000000 ____D C:\Users\Radek\AppData\Local\cache 2015-10-24 12:47 - 2014-10-31 16:24 - 00000000 ____D C:\Users\Radek 2015-10-23 19:04 - 2014-11-01 10:53 - 00000000 ____D C:\Users\Radek\Desktop\Ania 2015-10-23 19:02 - 2014-11-19 16:49 - 00000000 ____D C:\Users\Radek\Desktop\Studia 2015-10-23 12:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2015-10-23 08:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-10-23 06:23 - 2013-08-22 15:44 - 00555216 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-22 21:57 - 2015-03-30 09:57 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-10-21 10:15 - 2015-05-16 11:07 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2015-10-21 09:50 - 2014-12-09 20:20 - 802577982 _____ C:\Windows\MEMORY.DMP 2015-10-21 09:50 - 2014-12-09 20:20 - 00000000 ____D C:\Windows\Minidump 2015-10-20 21:03 - 2014-11-03 19:04 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-10-18 15:18 - 2015-09-03 20:34 - 00000000 ____D C:\Users\Radek\AppData\Local\SKIDROW 2015-10-18 15:18 - 2014-11-01 22:01 - 00000000 ____D C:\Users\Radek\Documents\My Games 2015-10-17 10:11 - 2014-10-15 20:17 - 09411590 _____ C:\Users\Public\CAFADEBUG.log 2015-10-16 20:51 - 2014-10-31 21:42 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-16 18:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-10-16 07:33 - 2014-10-31 22:32 - 00000000 ____D C:\Users\Radek\Documents\YouCam 2015-10-16 07:32 - 2015-03-30 09:54 - 00000000 ____D C:\Users\Radek\AppData\Local\Overwolf 2015-10-16 05:51 - 2015-08-27 10:02 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-16 05:51 - 2015-08-27 10:02 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-15 12:34 - 2015-01-03 22:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-15 12:34 - 2014-12-16 20:51 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-15 12:19 - 2015-04-19 20:08 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-15 12:19 - 2015-03-06 12:47 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-10-15 12:19 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-10-15 09:26 - 2014-11-18 10:50 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-15 09:26 - 2013-08-22 14:25 - 00000199 _____ C:\Windows\win.ini 2015-10-15 09:21 - 2014-10-31 18:54 - 00000000 ____D C:\Windows\system32\MRT 2015-10-15 09:17 - 2014-10-31 18:54 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-10-12 09:35 - 2014-10-15 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-11 18:19 - 2014-10-31 22:28 - 00000000 ____D C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-10-11 18:12 - 2015-03-16 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-10-11 18:11 - 2014-12-22 16:36 - 00000000 ____D C:\Users\Radek\Documents\Might & Magic Heroes VI 2015-10-11 18:11 - 2014-12-22 15:59 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2015-10-11 18:09 - 2014-12-02 17:35 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2015-10-11 18:09 - 2014-05-15 18:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-10-11 18:09 - 2014-05-15 18:15 - 00000000 ____D C:\ProgramData\WildTangent 2015-10-09 10:39 - 2014-11-01 11:55 - 00000000 ____D C:\Users\Radek\AppData\Roaming\Skype 2015-10-07 19:55 - 2015-04-05 20:16 - 00000000 ___SD C:\Windows\system32\GWX 2015-10-07 10:48 - 2015-04-05 20:16 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-10-06 14:46 - 2014-10-31 21:51 - 00000000 ____D C:\Users\Radek\AppData\Roaming\LolClient 2015-10-02 20:13 - 2014-10-15 20:21 - 00000000 ____D C:\ProgramData\McAfee 2015-09-30 15:47 - 2014-10-31 16:43 - 00003870 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414770204 2015-09-30 15:47 - 2014-10-31 16:43 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-09-30 15:47 - 2014-10-31 16:43 - 00000000 ____D C:\Program Files (x86)\Opera 2015-09-30 11:49 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-09-30 11:49 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-09-30 11:48 - 2015-07-02 09:31 - 00000000 ____D C:\Windows\System32\Tasks\McAfee 2015-09-30 11:47 - 2015-02-07 14:57 - 00000000 ____D C:\ProgramData\Steam 2015-09-28 17:54 - 2015-09-20 11:14 - 00000000 ____D C:\Users\Radek\AppData\Local\PokerStars.EU ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-10-31 16:29 - 2015-10-27 12:54 - 0000093 _____ () C:\Users\Radek\AppData\Roaming\sp_data.sys 2014-10-31 16:26 - 2015-10-27 12:52 - 0753371 _____ () C:\Users\Radek\AppData\Local\BTServer.log 2014-05-15 18:14 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-05-15 18:14 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-05-15 18:14 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\SetStretch.VBS Niektóre pliki w TEMP: ==================== C:\Users\Radek\AppData\Local\Temp\AcDeltree.exe C:\Users\Radek\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Radek\AppData\Local\Temp\MSVCR100.dll C:\Users\Radek\AppData\Local\Temp\ntdll.dll C:\Users\Radek\AppData\Local\Temp\QtCore_Ad_SyncNs_4.dll C:\Users\Radek\AppData\Local\Temp\SettingMonitor.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-10-26 05:29 ==================== Koniec FRST.txt ============================