Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:31-12-2015 Uruchomiony przez Mat (administrator) MAT-KOMPUTER (03-01-2016 18:40:05) Uruchomiony z C:\Users\Mat\Desktop Załadowane profile: Mat (Dostępne profile: Mat) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (HP) C:\Windows\System32\HPSIsvc.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Program Files (x86)\NetMeter\NetMeter.exe (Spotify Ltd) C:\Users\Mat\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSysAction.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-26] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-24] (NVIDIA Corporation) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.) HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2015-12-29] (ABBYY Production LLC.) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1580512357-2792552414-2262919243-1000\...\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] => C:\Program Files (x86)\NetMeter\NetMeter.exe [293888 2015-10-24] () HKU\S-1-5-21-1580512357-2792552414-2262919243-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-1580512357-2792552414-2262919243-1000\...\Run: [Spotify Web Helper] => C:\Users\Mat\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-14] (Spotify Ltd) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177416 2015-10-24] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155976 2015-10-24] (NVIDIA Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{1AF2FA7C-EBEA-4102-9F0E-B4D6EF250F93}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-1580512357-2792552414-2262919243-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation) BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] () BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-03] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation) BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] () BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-03] (Oracle Corporation) Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] () Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] () Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Mat\AppData\Roaming\Mozilla\Firefox\Profiles\i9k56w43.default FF Homepage: hxxp://fuckinghomepage.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-10-24] (Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-10-24] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-10-24] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-03] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-03] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-10-24] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1580512357-2792552414-2262919243-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-10-24] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-10-24] (Tracker Software Products (Canada) Ltd.) FF Extension: HTTPS-Everywhere - C:\Users\Mat\AppData\Roaming\Mozilla\Firefox\Profiles\i9k56w43.default\extensions\https-everywhere-eff@eff.org [2015-12-17] FF Extension: Ghostery - C:\Users\Mat\AppData\Roaming\Mozilla\Firefox\Profiles\i9k56w43.default\Extensions\firefox@ghostery.com.xpi [2015-12-30] FF Extension: uBlock Origin - C:\Users\Mat\AppData\Roaming\Mozilla\Firefox\Profiles\i9k56w43.default\Extensions\uBlock0@raymondhill.net.xpi [2015-12-28] FF Extension: Adblock Plus - C:\Users\Mat\AppData\Roaming\Mozilla\Firefox\Profiles\i9k56w43.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15] FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://news.google.com/ CHR StartupUrls: Default -> "hxxp://news.google.com/" CHR Profile: C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-24] CHR Extension: (Google Art Project) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\akimgimeeoiognljlfchpbkpfbmeapkh [2015-10-24] CHR Extension: (Dokumenty Google) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24] CHR Extension: (Dysk Google) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24] CHR Extension: (TrafficLight) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-10-24] CHR Extension: (uBlock Origin) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-02] CHR Extension: (Google Search) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03] CHR Extension: (Arkusze Google) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-24] CHR Extension: (HTTPS Everywhere) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-12-22] CHR Extension: (Dokumenty Google offline) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-03] CHR Extension: (Ghostery) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-01-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-24] CHR Extension: (Gmail) - C:\Users\Mat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security, S.L.) R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-18] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-18] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-03] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R1 networx; C:\Windows\System32\drivers\networx.sys [70120 2015-10-02] (NetFilterSDK.com) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.) R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.) U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-03 18:40 - 2015-05-22 09:45 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2016-01-03 18:37 - 2016-01-03 18:37 - 00001281 _____ C:\Users\Mat\Desktop\AdwCleaner[C1].txt 2016-01-03 18:33 - 2016-01-03 18:42 - 00000000 ____D C:\AdwCleaner 2016-01-03 18:32 - 2016-01-03 18:32 - 01745920 _____ C:\Users\Mat\Desktop\adwcleaner_5.027.exe 2016-01-03 18:27 - 2016-01-03 18:30 - 00005431 _____ C:\Users\Mat\Desktop\Fixlog.txt 2016-01-03 18:21 - 2016-01-03 18:21 - 00000000 ____D C:\2-click run 2016-01-03 18:06 - 2016-01-03 18:06 - 00135853 _____ C:\Users\Mat\Desktop\gmer.txt 2016-01-03 17:52 - 2016-01-03 17:52 - 00619688 _____ (Duplex Secure Ltd) C:\Users\Mat\Desktop\SPTDinst-v187-x64.exe 2016-01-03 17:51 - 2016-01-03 17:51 - 00038067 _____ C:\Users\Mat\Desktop\Shortcut.txt 2016-01-03 17:50 - 2016-01-03 18:42 - 00017777 _____ C:\Users\Mat\Desktop\FRST.txt 2016-01-03 17:50 - 2016-01-03 17:51 - 00042130 _____ C:\Users\Mat\Desktop\Addition.txt 2016-01-03 17:50 - 2016-01-03 17:50 - 00380416 _____ C:\Users\Mat\Desktop\sqswtgpi.exe 2016-01-03 17:49 - 2016-01-03 18:40 - 00000000 ____D C:\FRST 2016-01-03 17:48 - 2016-01-03 17:48 - 02370560 _____ (Farbar) C:\Users\Mat\Desktop\FRST64.exe 2016-01-03 17:40 - 2016-01-03 18:40 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-01-03 17:39 - 2016-01-03 17:39 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-01-03 17:39 - 2016-01-03 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-01-03 17:39 - 2016-01-03 17:39 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-03 17:39 - 2016-01-03 17:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-01-03 17:39 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-01-03 17:39 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-01-03 17:39 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-01-03 17:17 - 2016-01-03 17:17 - 00000000 _____ C:\Windows\SysWOW64\Number of results 2016-01-03 16:59 - 2016-01-03 17:42 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Opera Software 2016-01-03 16:59 - 2016-01-03 17:42 - 00000000 ____D C:\Users\Mat\AppData\Local\Opera Software 2016-01-03 16:44 - 2016-01-03 17:42 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-02 14:36 - 2016-01-02 14:39 - 171850198 _____ () C:\Users\Mat\Desktop\EnduRacers_EpsilonEuskadi_v12FULL.exe 2016-01-02 13:53 - 2016-01-02 13:53 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FVR V8SC 2011 Patch 1.98B 2016-01-02 13:53 - 2016-01-02 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FVR V8SC 2011 Patch 1.98B 2016-01-02 13:41 - 2016-01-02 13:41 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FVR V8SC11 Version 1.96 2016-01-02 13:41 - 2016-01-02 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FVR V8SC11 Version 1.96 2016-01-02 13:40 - 2016-01-02 13:40 - 00001869 _____ C:\Users\Mat\Desktop\rFactor.lnk 2016-01-02 13:38 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-01-02 13:38 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2016-01-02 13:37 - 2016-01-02 13:37 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rFactor 2016-01-02 13:37 - 2016-01-02 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rFactor 2016-01-02 13:35 - 2016-01-02 14:47 - 00000000 ____D C:\Program Files (x86)\rFactor 2016-01-01 21:35 - 2016-01-01 21:35 - 00000000 ____D C:\Users\Mat\AppData\LocalLow\uTorrent 2016-01-01 21:35 - 2016-01-01 21:35 - 00000000 ____D C:\Users\Mat\AppData\Local\uTorrent 2016-01-01 20:36 - 2016-01-01 20:36 - 00186514 _____ C:\Users\Mat\Desktop\foo_out_asio.fb2k-component 2016-01-01 16:09 - 2016-01-01 16:13 - 105698032 _____ C:\Users\Mat\Desktop\CKM_01_2016.pdf 2016-01-01 13:23 - 2016-01-01 13:41 - 00000000 ____D C:\Users\Mat\AppData\Roaming\AIMP 2016-01-01 13:23 - 2016-01-01 13:23 - 00000899 _____ C:\Users\Public\Desktop\AIMP.lnk 2016-01-01 13:23 - 2016-01-01 13:23 - 00000000 ____D C:\Program Files (x86)\AIMP 2016-01-01 13:20 - 2016-01-01 13:20 - 00462174 _____ C:\Users\Mat\Desktop\ASIO4ALL_2_13_English.exe 2016-01-01 13:20 - 2016-01-01 13:20 - 00001142 _____ C:\Users\Mat\Desktop\ASIO4ALL v2 Instruction Manual.lnk 2016-01-01 13:20 - 2016-01-01 13:20 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2016-01-01 13:20 - 2016-01-01 13:20 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2 2015-12-30 23:12 - 2015-12-30 23:12 - 00952431 _____ C:\Users\Mat\Desktop\D19981118Lj.pdf 2015-12-29 21:28 - 2015-12-29 21:28 - 00000000 ____D C:\Users\Mat\Documents\Niestandardowe szablony pakietu Office 2015-12-29 20:15 - 2015-12-29 20:15 - 23469326 _____ C:\Users\Mat\Desktop\Nowy Dokument.pdf 2015-12-29 17:29 - 2015-12-29 17:39 - 00000000 ____D C:\Users\Mat\Desktop\Nowy folder (3) 2015-12-29 17:08 - 2015-12-29 17:33 - 00000000 ____D C:\Program Files\Scan Tailor 2015-12-29 17:08 - 2015-12-29 17:08 - 06205079 _____ C:\Users\Mat\Downloads\scantailor-0.9.11.1-64bit-install.exe 2015-12-29 17:08 - 2015-12-29 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scan Tailor 2015-12-29 17:00 - 2015-12-29 17:00 - 00000000 ____D C:\Users\Mat\AppData\Roaming\ABBYY 2015-12-29 16:56 - 2015-12-29 16:56 - 00002911 _____ C:\Users\Public\Desktop\ABBYY FineReader 12.lnk 2015-12-29 16:56 - 2015-12-29 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12 2015-12-29 16:50 - 2015-12-29 17:02 - 00000000 ____D C:\Users\Mat\AppData\Local\ABBYY 2015-12-29 16:50 - 2015-12-29 17:01 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 12 2015-12-29 16:49 - 2015-12-29 16:49 - 00000000 ____D C:\ProgramData\ABBYY 2015-12-29 16:44 - 2015-12-29 16:44 - 00000000 ____D C:\temp 2015-12-29 16:31 - 2015-12-29 17:02 - 00000000 ____D C:\Users\Mat\Desktop\Nowy folder 2015-12-29 02:59 - 2015-12-29 02:59 - 00156317 _____ C:\Users\Mat\Desktop\3Gmiifk.webm 2015-12-29 00:05 - 2016-01-03 14:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-27 17:09 - 2015-12-27 17:09 - 00000000 ____D C:\Users\Mat\Documents\Square Enix 2015-12-27 17:09 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2015-12-27 17:09 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2015-12-27 16:22 - 2015-12-27 16:22 - 00000000 ____D C:\ProgramData\SystemRequirementsLab 2015-12-27 16:22 - 2015-12-27 16:22 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab 2015-12-27 16:20 - 2015-12-27 16:20 - 00000000 ____D C:\Windows\Sun 2015-12-27 11:56 - 2015-12-27 11:56 - 00303871 _____ C:\Users\Mat\Desktop\BICnQuW.jpeg 2015-12-27 01:01 - 2015-12-27 01:01 - 00000220 _____ C:\Users\Mat\Desktop\Just Cause 2.url 2015-12-26 22:10 - 2015-12-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx 2015-12-26 22:10 - 2015-10-02 21:56 - 00070120 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\networx.sys 2015-12-26 22:09 - 2015-12-26 22:10 - 00000000 ____D C:\Program Files\NetWorx 2015-12-26 22:09 - 2015-12-26 22:09 - 00000000 ____D C:\ProgramData\SoftPerfect 2015-12-22 21:38 - 2015-12-22 21:41 - 260046848 _____ C:\Users\Mat\Desktop\gparted-live-0.24.0-2-i586.iso 2015-12-22 21:18 - 2015-12-22 21:19 - 00000000 ____D C:\Users\Mat\Desktop\uTorrentPortable 2015-12-22 21:14 - 2015-12-22 21:16 - 01310075 _____ (pendrivelinux.com) C:\Users\Mat\Desktop\YUMI-2.0.1.9.exe 2015-12-22 16:46 - 2015-12-22 17:14 - 00000898 _____ C:\Users\Public\Desktop\DreamMail.lnk 2015-12-22 16:46 - 2015-12-22 16:55 - 00000000 ____D C:\Program Files\DreamMail4 2015-12-22 16:46 - 2015-12-22 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamMail 2015-12-22 16:35 - 2015-12-22 16:38 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Foxmail7 2015-12-18 15:14 - 2015-12-18 15:15 - 44679961 _____ C:\Users\Mat\Downloads\open_gapps-arm-4.4-pico-20151218.zip 2015-12-18 14:56 - 2015-12-18 14:56 - 00002969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype dla firm 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive dla firm.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002914 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002817 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002797 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00002773 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2015-12-18 14:56 - 2015-12-18 14:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016 2015-12-18 14:55 - 2015-12-18 14:55 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-18 14:54 - 2015-12-18 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-12-18 14:51 - 2015-12-18 14:51 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-12-18 14:51 - 2015-12-18 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2015-12-18 14:26 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-12-18 14:26 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2015-12-18 14:19 - 2016-01-03 18:09 - 00000000 ____D C:\Users\Mat\AppData\Roaming\DAEMON Tools Lite 2015-12-18 14:19 - 2015-12-18 14:19 - 00046392 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2015-12-18 14:19 - 2015-12-18 14:19 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2015-12-18 14:18 - 2015-12-18 14:19 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2015-12-18 14:17 - 2015-12-18 14:17 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Mat\Downloads\DTLiteInstaller.exe 2015-12-16 19:46 - 2015-12-16 19:46 - 64864665 _____ C:\Users\Mat\Downloads\Pazdan M - Prawo prywatne międzynarodowe. wyd 13.pdf 2015-12-14 22:42 - 2015-12-14 22:43 - 00218081 _____ C:\Users\Mat\Documents\finansowanie-rolnictwa-2.pdf 2015-12-14 22:42 - 2015-12-14 22:42 - 00000000 ____D C:\Program Files (x86)\MSECache 2015-12-14 22:41 - 2015-12-14 22:41 - 00957248 _____ (Microsoft Corporation) C:\Users\Mat\Desktop\SaveAsPDFandXPS.exe 2015-12-14 00:01 - 2016-01-01 13:41 - 00000000 ____D C:\Users\Mat\AppData\Local\Spotify 2015-12-14 00:01 - 2015-12-14 00:01 - 00001757 _____ C:\Users\Mat\Desktop\Spotify.lnk 2015-12-14 00:01 - 2015-12-14 00:01 - 00001743 _____ C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-12-14 00:00 - 2016-01-01 13:40 - 00000000 ____D C:\Users\Mat\AppData\Roaming\Spotify 2015-12-13 20:29 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-12-13 20:29 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-12-09 21:15 - 2015-12-09 21:15 - 00000000 ____D C:\Users\Mat\AppData\Roaming\NVIDIA 2015-12-09 21:13 - 2015-12-09 21:13 - 00000218 _____ C:\Users\Mat\Desktop\Counter-Strike.url 2015-12-09 21:09 - 2015-12-09 21:09 - 00000000 ____D C:\Users\Mat\AppData\Local\Steam 2015-12-09 21:09 - 2015-12-09 21:09 - 00000000 ____D C:\Users\Mat\AppData\Local\CEF 2015-12-09 21:06 - 2016-01-03 18:39 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-09 21:06 - 2015-12-09 21:06 - 01476720 _____ C:\Users\Mat\Downloads\SteamSetup.exe 2015-12-09 21:06 - 2015-12-09 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-08 22:34 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-08 22:34 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-08 22:34 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-08 22:34 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-08 22:34 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-08 22:34 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-08 22:34 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-08 22:34 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-08 22:34 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-08 22:34 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-08 22:34 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-08 22:34 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-08 22:34 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-08 22:34 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-08 22:34 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-08 22:34 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-08 22:34 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-08 22:34 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-08 22:34 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-08 22:34 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-08 22:34 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-08 22:34 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-08 22:34 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-08 22:34 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-08 22:34 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-08 22:34 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-08 22:34 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-08 22:34 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-08 22:34 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-08 22:34 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-08 22:34 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-08 22:34 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-08 22:34 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-08 22:34 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-08 22:34 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-08 22:33 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-08 22:33 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-08 22:33 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-08 22:33 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-08 22:33 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-08 22:33 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-08 22:33 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-08 22:33 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-08 22:33 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-08 22:33 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-08 22:33 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-08 22:33 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-08 22:33 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-08 22:33 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-08 22:33 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-08 22:33 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-08 22:33 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-08 22:33 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-08 22:33 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-08 22:33 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-08 22:33 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-08 22:33 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-08 22:33 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-08 22:33 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-08 22:33 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-08 22:33 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-08 22:33 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-08 22:33 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-08 22:33 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-08 22:33 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-08 22:33 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-08 22:33 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-08 22:33 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-08 22:33 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-08 22:33 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-08 22:33 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-08 22:33 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-08 22:33 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-08 22:33 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-08 22:31 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-08 22:31 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-08 22:31 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-08 22:31 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-08 22:31 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-08 22:30 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-08 22:30 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-06 21:25 - 2015-12-06 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-12-06 21:25 - 2015-12-06 21:25 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-12-06 21:24 - 2012-08-31 15:10 - 00350720 _____ C:\Windows\system32\mvhlewsi.DLL 2015-12-06 21:24 - 2012-08-31 15:03 - 01696256 _____ C:\Windows\system32\HP1100SM.EXE 2015-12-06 21:24 - 2012-08-31 15:03 - 00288768 _____ C:\Windows\system32\HP1100LM.DLL 2015-12-06 21:23 - 2015-12-06 21:23 - 00000000 ____D C:\Program Files\HP 2015-12-06 21:23 - 2012-09-27 01:27 - 00126880 _____ (HP) C:\Windows\system32\HPSIsvc.exe 2015-12-06 21:22 - 2012-09-26 06:45 - 00052224 _____ C:\Windows\system32\HP1100SMs.dll 2015-12-06 21:21 - 2015-12-06 21:22 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-03 18:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-03 18:37 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-03 18:37 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-03 18:29 - 2015-10-24 19:32 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-03 18:13 - 2015-10-24 19:45 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-03 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2016-01-03 18:10 - 2015-12-03 19:28 - 00000000 ____D C:\ProgramData\panda_url_filtering 2016-01-03 18:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\schemas 2016-01-03 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-03 18:08 - 2015-10-24 19:32 - 00000000 ____D C:\Users\Mat\AppData\Roaming\foobar2000 2016-01-03 17:33 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-03 17:32 - 2015-10-24 13:03 - 00001425 _____ C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-03 17:30 - 2009-07-14 05:45 - 00483264 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-01 13:41 - 2015-10-24 19:47 - 00000000 ____D C:\Users\Mat\AppData\Roaming\vlc 2015-12-29 23:48 - 2011-04-12 14:21 - 00891564 _____ C:\Windows\system32\perfh015.dat 2015-12-29 23:48 - 2011-04-12 14:21 - 00203202 _____ C:\Windows\system32\perfc015.dat 2015-12-29 23:48 - 2009-07-14 06:13 - 01869806 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-29 21:54 - 2015-10-24 13:09 - 00112008 _____ C:\Users\Mat\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-29 21:41 - 2015-10-24 19:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-29 01:13 - 2015-10-24 19:45 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-29 01:13 - 2015-10-24 19:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-29 01:13 - 2015-10-24 19:45 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-27 17:06 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-18 14:58 - 2011-04-12 14:32 - 00000000 ____D C:\Windows\ShellNew 2015-12-18 14:58 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2015-12-18 14:54 - 2015-10-24 19:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-12-18 14:50 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-12-18 14:49 - 2015-10-24 19:50 - 00000000 ____D C:\Program Files\Microsoft Office 2015-12-16 23:53 - 2015-10-24 19:34 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-09 20:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-07 13:09 - 2015-10-24 19:46 - 00000000 ____D C:\Users\Mat\AppData\Roaming\TeraCopy 2015-12-06 20:46 - 2015-10-24 19:32 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job Niektóre pliki w TEMP: ==================== C:\Users\Mat\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-12-22 18:46 ==================== Koniec FRST.txt ============================