Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:18-01-2016 Uruchomiony przez MASTER (administrator) HP (23-01-2016 12:04:33) Uruchomiony z C:\Users\MASTER\Downloads Załadowane profile: MASTER (Dostępne profile: MASTER) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\ws.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.32.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater\HPSSFUpdater.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-08] (AVAST Software) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-815356041-1699837707-3089796282-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-815356041-1699837707-3089796282-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.) HKU\S-1-5-21-815356041-1699837707-3089796282-1001\...\MountPoints2: {2a437a52-3c2c-11e5-8298-142d27d525b2} - "G:\AutoRun.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-10] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-05-20] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\Users\MASTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 4640 series (Kopia 2).lnk [2016-01-23] ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 4640 series (Kopia 2).lnk -> C:\Program Files\HP\HP Deskjet 4640 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKU\S-1-5-21-815356041-1699837707-3089796282-1001\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{123A6058-DD18-4832-B27A-2B8B4BA2CB90}: [NameServer] 199.203.131.145,82.163.143.167 Tcpip\..\Interfaces\{1BA697C8-710D-41D1-AF91-4D4EEDCDCE73}: [NameServer] 199.203.131.145,82.163.143.167 Tcpip\..\Interfaces\{1BA697C8-710D-41D1-AF91-4D4EEDCDCE73}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{90B013FB-20F0-4AA8-A0C6-F964E51690E7}: [NameServer] 199.203.131.145,82.163.143.167 Tcpip\..\Interfaces\{90B013FB-20F0-4AA8-A0C6-F964E51690E7}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{AE0C2CF5-8BD7-4C72-8373-93973978659E}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E525B93A-9B56-4468-B545-2478F60E245C}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-815356041-1699837707-3089796282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki SearchScopes: HKLM -> {2392DA0A-DAF4-4E9F-9136-BDA7F25228BE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {2392DA0A-DAF4-4E9F-9136-BDA7F25228BE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-815356041-1699837707-3089796282-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-815356041-1699837707-3089796282-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-12-20] (Hewlett-Packard Company) Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-11-13] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10] Chrome: ======= CHR dev: Chrome dev build wykryto! <======= UWAGA CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://google.pl/" CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Avast SafePrice) - C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (Avast Online Security) - C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR Extension: (Skype) - C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-18] CHR Extension: (Google Wallet) - C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-14] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-14] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\MASTER\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-08-09] OPR Extension: (Jungle Net) - C:\Users\MASTER\AppData\Roaming\Opera Software\Opera Stable\Extensions\pajlpahdaliammhacpdhhhkfnjijmmnk [2015-08-29] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-10] (AVAST Software) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company) R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.) R2 Huawei E3372; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2014-03-07] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Brak podpisu cyfrowego] R3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S2 wfsrvc_1.10.0.28; "C:\Program Files (x86)\WordFly_1.10.0.28\Service\wfsrvc.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-10] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-10] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-10] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-10] (AVAST Software) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7517872 2014-05-20] (Broadcom Corporation) S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-09] (Broadcom Corporation.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-16] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] () R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] () R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-28] (NVIDIA Corporation) S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R1 wfdrvr_vw_1_10_0_28; C:\Windows\System32\drivers\wfdrvr_vw_1_10_0_28.sys [57712 2015-10-30] (WF) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-23 12:04 - 2016-01-23 12:05 - 00024333 _____ C:\Users\MASTER\Downloads\FRST.txt 2016-01-23 12:03 - 2016-01-23 12:04 - 00000000 ____D C:\FRST 2016-01-23 12:02 - 2016-01-23 12:02 - 02370560 _____ (Farbar) C:\Users\MASTER\Downloads\FRST64.exe 2016-01-23 12:00 - 2016-01-23 12:00 - 00371057 _____ C:\Users\MASTER\Downloads\gm.zip 2016-01-23 11:51 - 2016-01-23 11:51 - 00001213 _____ C:\Users\MASTER\Desktop\Kontynuuj instalację AdwCleaner 5.003.lnk 2016-01-21 21:43 - 2016-01-21 21:43 - 00171841 _____ C:\Users\MASTER\Documents\karta pracy.pdf 2016-01-21 10:39 - 2016-01-21 10:39 - 00023040 ___SH C:\Users\MASTER\Desktop\Thumbs.db 2016-01-19 23:20 - 2016-01-19 23:20 - 00091427 _____ C:\Users\MASTER\Desktop\WdL_k11.pdf 2016-01-19 19:17 - 2016-01-19 19:18 - 11137024 _____ C:\Users\MASTER\Downloads\seminarium_19.01.11_pop.ppt 2016-01-19 15:35 - 2016-01-19 15:35 - 24394775 _____ C:\Users\MASTER\Downloads\Brożek_Hohol_R1.pdf 2016-01-19 15:35 - 2016-01-19 15:35 - 00380649 _____ C:\Users\MASTER\Downloads\Cipora_et_al.pdf 2016-01-18 12:28 - 2016-01-18 12:28 - 06055953 _____ C:\Users\MASTER\Downloads\umowy.pdf 2016-01-18 12:25 - 2016-01-18 12:25 - 02141372 _____ C:\Users\MASTER\Downloads\Umowa Nowak.pdf 2016-01-17 14:29 - 2016-01-17 14:30 - 00383604 _____ C:\Users\MASTER\Downloads\Matura 2015- Fizyka - poziom rozszerzony[arkusze] (1) (1).pdf 2016-01-17 14:24 - 2016-01-17 14:24 - 02780911 _____ C:\Users\MASTER\Downloads\Matura2014_Fizyka_NOWA_MATURA_PR_arkuszOPERON.pdf 2016-01-17 14:24 - 2016-01-17 14:24 - 01723195 _____ C:\Users\MASTER\Downloads\matura probna z operonem listopad2015Fizyka_arkusz.pdf 2016-01-17 14:24 - 2016-01-17 14:24 - 00511179 _____ C:\Users\MASTER\Downloads\MATURA PROBNA CKE ARKUSZ GRUDZIEN 2015.pdf 2016-01-17 14:24 - 2016-01-17 14:24 - 00383604 _____ C:\Users\MASTER\Downloads\Matura 2015- Fizyka - poziom rozszerzony[arkusze] (1).pdf 2016-01-17 14:19 - 2016-01-17 14:19 - 02139131 _____ C:\Users\MASTER\Downloads\FWD-_arkusze_maturalne_z_fizyki.zip 2016-01-15 15:46 - 2016-01-15 15:46 - 00003168 _____ C:\Windows\System32\Tasks\{3231C55A-F800-4457-99F5-870460284996} 2016-01-15 15:22 - 2016-01-15 15:22 - 00000000 ____D C:\Users\MASTER\AppData\Roaming\Unigraphics Solutions 2016-01-15 15:18 - 2016-01-15 15:18 - 00003156 _____ C:\Windows\System32\Tasks\{92C1C6E9-E0FE-4EB2-81D4-7481B2627CED} 2016-01-15 15:16 - 2012-11-22 00:28 - 00000020 _____ C:\Users\MASTER\Desktop\key.txt 2016-01-15 15:14 - 2016-01-15 15:14 - 00000000 ____D C:\Program Files\Solid Edge V17 2016-01-15 15:09 - 2016-01-15 16:30 - 00000000 ____D C:\Users\MASTER\AppData\Local\ApplicationHistory 2016-01-15 15:09 - 2016-01-15 15:09 - 00000094 _____ C:\Users\MASTER\AppData\Local\fusioncache.dat 2016-01-15 15:08 - 2016-01-15 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solid Edge V17 2016-01-15 15:07 - 2016-01-15 15:45 - 00000000 ____D C:\Program Files (x86)\Solid Edge V17 2016-01-15 15:02 - 2016-01-15 15:02 - 00000000 ____D C:\Windows\SysWOW64\URTTEMP 2016-01-15 14:59 - 2016-01-15 14:59 - 00003224 _____ C:\Windows\System32\Tasks\{F89A535E-D949-4D59-8C81-DFFE0ED69E02} 2016-01-13 23:01 - 2016-01-13 23:06 - 00002559 _____ C:\Users\MASTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk 2016-01-13 23:01 - 2016-01-13 23:06 - 00002512 _____ C:\Users\MASTER\Desktop\WarThunder.lnk 2016-01-13 23:01 - 2016-01-13 23:01 - 00003628 _____ C:\Windows\System32\Tasks\WarThunder24 2016-01-13 23:01 - 2016-01-13 23:01 - 00003628 _____ C:\Windows\System32\Tasks\WarThunder sun 2016-01-13 23:01 - 2016-01-13 23:01 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-01-13 23:01 - 2016-01-13 23:01 - 00000841 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-13 23:01 - 2016-01-13 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-01-13 23:01 - 2016-01-13 23:01 - 00000000 ____D C:\Program Files\CCleaner 2016-01-13 23:00 - 2016-01-13 23:00 - 04765152 _____ (Piriform Ltd) C:\Users\MASTER\Downloads\CCleaner_Setup.exe 2016-01-13 23:00 - 2016-01-13 23:00 - 00000000 ____D C:\Users\MASTER\AppData\Roaming\WarThunder 2016-01-13 22:57 - 2016-01-13 23:12 - 08388608 _____ C:\Users\MASTER\Downloads\CCleaner_Setup.vhdx 2016-01-13 19:01 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-01-13 19:01 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-01-13 19:01 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-01-13 19:01 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-01-13 16:59 - 2016-01-13 16:59 - 00660992 _____ C:\Users\MASTER\Downloads\14. Obrazy swiata II_15.ppt 2016-01-13 16:20 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-13 16:20 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-13 16:20 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-13 16:20 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-01-13 16:20 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-13 16:20 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-01-13 16:20 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-13 16:20 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-01-13 16:20 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-01-13 16:20 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-13 16:20 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-13 16:20 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-01-13 16:20 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-01-13 16:20 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-13 16:20 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-01-13 16:20 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-01-13 16:20 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-13 16:20 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-01-13 16:20 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-01-13 16:20 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-01-13 16:20 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-01-13 16:19 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-13 16:19 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-01-13 16:19 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-01-13 16:19 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-01-13 16:19 - 2015-12-11 01:13 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-01-13 16:19 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-01-13 16:19 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 16:19 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-13 16:19 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-01-13 16:19 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-13 16:19 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-01-13 16:19 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-01-13 16:19 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-13 16:19 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-01-13 16:19 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-01-13 16:19 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-13 16:19 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2016-01-13 16:19 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-01-13 16:19 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-01-13 16:19 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-01-13 16:19 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2016-01-13 16:19 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-01-13 16:19 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-01-13 16:19 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 16:19 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 16:19 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 16:19 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 16:19 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 16:19 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 16:19 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-01-13 16:19 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 16:19 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 16:19 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-01-13 16:19 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-01-13 16:19 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-13 16:19 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-13 16:19 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-13 16:19 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-01-13 16:19 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-01-13 16:19 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-13 16:19 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-01-13 16:19 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-13 16:19 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-01-13 16:19 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 16:19 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-13 16:19 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 16:19 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-01-13 16:10 - 2016-01-13 16:10 - 18885347 _____ C:\Users\MASTER\Downloads\Modele umysłu - Z. Chlewiński.pdf 2016-01-12 21:09 - 2016-01-12 21:09 - 10561944 _____ C:\Users\MASTER\Downloads\Trojan_R4.pdf 2016-01-12 21:08 - 2016-01-12 21:08 - 18394661 _____ C:\Users\MASTER\Downloads\Trojan_R3.pdf 2016-01-12 20:52 - 2016-01-12 20:52 - 00081073 _____ C:\Users\MASTER\Downloads\Plan_2015-2016_tablica (1).xlsx 2016-01-12 20:50 - 2016-01-12 20:50 - 00081073 _____ C:\Users\MASTER\Downloads\Plan_2015-2016_tablica.xlsx 2016-01-12 20:50 - 2016-01-12 20:50 - 00000085 ____H C:\Users\MASTER\Downloads\.~lock.Plan_2015-2016_tablica.xlsx# 2016-01-10 20:45 - 2016-01-10 20:45 - 00002250 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk 2016-01-08 18:09 - 2016-01-08 18:09 - 02071426 _____ C:\Users\MASTER\Downloads\m_44_2014_08_01.pdf 2016-01-08 18:09 - 2016-01-08 18:09 - 01957599 _____ C:\Users\MASTER\Downloads\m_44_2014_01_X.pdf 2016-01-08 18:09 - 2016-01-08 18:09 - 01915848 _____ C:\Users\MASTER\Downloads\m_44_2014_01_01.pdf 2016-01-08 18:09 - 2016-01-08 18:09 - 00069626 _____ C:\Users\MASTER\Downloads\m_44_2014_01_X_k.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 06992325 _____ C:\Users\MASTER\Downloads\m_44_2015_01_X.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 03696595 _____ C:\Users\MASTER\Downloads\m_44_2014_08_X.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 01377458 _____ C:\Users\MASTER\Downloads\m_44_2013_10_X.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 01105850 _____ C:\Users\MASTER\Downloads\m_44_2013_10_01.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 00391874 _____ C:\Users\MASTER\Downloads\m_44_2014_05_X.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 00126526 _____ C:\Users\MASTER\Downloads\m_44_2015_01_X_k.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 00100011 _____ C:\Users\MASTER\Downloads\m_44_2014_05_X_k.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 00100004 _____ C:\Users\MASTER\Downloads\m_44_2014_08_X_k.pdf 2016-01-08 18:08 - 2016-01-08 18:08 - 00069627 _____ C:\Users\MASTER\Downloads\m_44_2013_10_X_k.pdf 2016-01-08 18:07 - 2016-01-08 18:08 - 03100567 _____ C:\Users\MASTER\Downloads\m_44_2015_01_01.pdf 2016-01-06 20:45 - 2016-01-06 20:45 - 00620120 _____ C:\Users\MASTER\Downloads\WDPP Egzamin zagadnienia i opracowanie.rar 2016-01-06 20:42 - 2016-01-06 20:42 - 00348394 _____ C:\Users\MASTER\Downloads\2016_pytania_filozofia.pdf 2016-01-02 20:00 - 2016-01-02 20:01 - 06299799 _____ C:\Users\MASTER\Downloads\Zagadnienia egzaminacyjne MPK.rar 2015-12-28 19:17 - 2015-12-28 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-23 12:03 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-23 12:02 - 2015-08-29 22:38 - 00000000 ____D C:\Users\MASTER\AppData\Roaming\Skype 2016-01-23 11:53 - 2015-07-14 13:12 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-01-23 11:47 - 2014-12-17 16:07 - 00003964 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DFBDF8BB-FF8A-4CB5-B812-6DEB0CE3E009} 2016-01-23 11:45 - 2014-12-16 22:56 - 00000000 ____D C:\Users\MASTER\Documents\Youcam 2016-01-23 11:44 - 2015-05-15 16:18 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f225b361215.job 2016-01-22 23:41 - 2015-07-14 13:12 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-22 23:25 - 2014-12-17 16:08 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-815356041-1699837707-3089796282-1001 2016-01-22 23:23 - 2015-05-15 16:18 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f225b65a510.job 2016-01-22 23:23 - 2015-02-07 18:19 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d042fa3bb54630.job 2016-01-21 18:49 - 2015-08-27 16:07 - 00003876 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1440688029 2016-01-21 18:49 - 2015-08-27 16:07 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-21 18:49 - 2015-06-13 15:29 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-21 10:23 - 2015-10-04 19:30 - 00000000 ____D C:\Users\MASTER\Desktop\kognitywistyka 2016-01-20 16:41 - 2015-07-14 13:12 - 00003946 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-01-20 16:41 - 2015-07-14 13:12 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-01-19 23:20 - 2015-09-08 17:33 - 00857600 ___SH C:\Users\MASTER\Downloads\Thumbs.db 2016-01-19 23:20 - 2014-12-18 16:00 - 00000000 ____D C:\Users\MASTER\AppData\Local\CrashDumps 2016-01-19 18:41 - 2014-12-20 21:51 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-01-19 18:41 - 2014-12-20 21:51 - 00000000 ____D C:\Windows\system32\MRT 2016-01-19 15:14 - 2015-08-29 22:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-18 13:32 - 2015-09-25 11:32 - 00000000 ___RD C:\Users\MASTER\Desktop\uam 2016-01-18 13:31 - 2015-08-25 15:19 - 00000000 ___RD C:\Users\MASTER\Desktop\inne 2016-01-18 13:31 - 2014-12-20 17:39 - 00000000 ___RD C:\Users\MASTER\Desktop\zdjecia 2016-01-17 16:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2016-01-16 17:39 - 2015-02-19 15:45 - 00000000 ____D C:\Users\MASTER\Documents\Euro Truck Simulator 2 2016-01-15 15:03 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Registration 2016-01-15 15:02 - 2014-05-12 23:07 - 00850104 _____ C:\Windows\system32\perfh015.dat 2016-01-15 15:02 - 2014-05-12 23:07 - 00185674 _____ C:\Windows\system32\perfc015.dat 2016-01-15 15:02 - 2014-04-02 10:52 - 01998432 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-01-15 15:02 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-01-14 17:34 - 2014-03-18 10:53 - 01971452 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-14 17:25 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-14 17:25 - 2013-08-22 15:44 - 00561904 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-13 23:13 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-01-13 23:12 - 2014-12-20 21:55 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-01-13 23:12 - 2014-12-20 21:55 - 00000000 ____D C:\Windows\system32\appraiser 2016-01-13 23:06 - 2015-02-16 14:42 - 00000000 ____D C:\Users\MASTER\AppData\Roaming\DAEMON Tools Lite 2016-01-13 23:06 - 2014-04-02 11:25 - 00000000 ____D C:\Windows\Panther 2016-01-13 19:06 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2016-01-10 20:51 - 2014-05-12 14:01 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard 2016-01-10 20:50 - 2014-05-12 14:01 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-01-10 20:45 - 2014-05-12 14:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2016-01-10 20:45 - 2014-05-12 13:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-01-10 20:45 - 2014-05-12 13:46 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-01-10 20:39 - 2014-12-17 16:06 - 00000000 ____D C:\Users\MASTER\AppData\Roaming\hpqlog 2016-01-10 20:38 - 2014-04-01 02:07 - 00000000 ____D C:\SWSetup 2016-01-09 15:58 - 2015-10-16 19:37 - 00013312 ___SH C:\Users\MASTER\Documents\Thumbs.db 2016-01-08 18:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2016-01-08 11:19 - 2014-12-16 22:55 - 00000000 ____D C:\Users\MASTER 2016-01-07 19:23 - 2014-12-21 20:17 - 00000000 ____D C:\Users\MASTER\AppData\Local\Microsoft Help 2016-01-05 21:04 - 2014-12-19 22:06 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-05 21:04 - 2014-12-19 22:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-28 19:17 - 2015-08-29 22:38 - 00000000 ____D C:\Users\MASTER\AppData\Local\Skype 2015-12-28 19:17 - 2015-08-29 22:37 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2015-12-28 19:17 - 2015-08-29 22:37 - 00000000 ____D C:\ProgramData\Skype ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-07-10 16:04 - 2015-08-08 15:35 - 0000020 _____ () C:\Users\MASTER\AppData\Roaming\appdataFr2.bin 2015-07-03 21:04 - 2015-08-12 13:41 - 0000024 _____ () C:\Users\MASTER\AppData\Roaming\appdataFr25.bin 2015-01-25 17:12 - 2015-07-22 16:47 - 0000365 _____ () C:\Users\MASTER\AppData\Roaming\XDSUPF 2016-01-15 15:09 - 2016-01-15 15:09 - 0000094 _____ () C:\Users\MASTER\AppData\Local\fusioncache.dat 2015-10-19 13:21 - 2015-10-19 13:21 - 0016938 _____ () C:\Users\MASTER\AppData\Local\recently-used.xbel 2015-08-27 12:47 - 2015-08-27 12:47 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-08-29 22:29 - 2015-08-29 22:29 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\MASTER\AppData\Local\Temp\ICReinstall_AdwCleaner_5.exe C:\Users\MASTER\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-01-13 19:05 ==================== Koniec FRST.txt ============================