Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016 Ran by K (administrator) on WINDOWS-UC0ULIN (28-02-2016 11:48:32) Running from C:\Users\K\Downloads Loaded Profiles: K (Available Profiles: K) Platform: Windows 8.1 (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe (Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe (Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtI2SBgProc64.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\WINDOWS\System32\igfxEM.exe (Intel Corporation) C:\WINDOWS\System32\igfxHK.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe () C:\WINDOWS\System32\igfxTray.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe (Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkNGui] => C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe [8651480 2014-12-18] (Realtek Semiconductor) HKLM\...\Run: [RtI2SBgProc] => C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe [2707672 2014-12-16] (Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe [562264 2014-04-10] (Waves Audio Ltd.) HKLM\...\Run: [CxAgent] => C:\Program Files\Realtek\Audio\AP\CXAPOAgent64.exe [742592 2014-09-18] (Conexant Systems, Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-01-25] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{524182DF-DF0A-4C36-AAA0-D17CC223DDEF}: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{7E0D7CF4-1B8D-4713-990D-8205131C700C}: [DhcpNameServer] 10.49.34.1 10.49.34.2 Internet Explorer: ================== HKU\S-1-5-21-2914736941-381081388-1737449411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com HKU\S-1-5-21-2914736941-381081388-1737449411-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com SearchScopes: HKU\S-1-5-21-2914736941-381081388-1737449411-1001 -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = SearchScopes: HKU\S-1-5-21-2914736941-381081388-1737449411-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-02-28] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-28] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-02-28] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2016-02-28] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-02-28] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-02-28] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-30] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-30] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-28] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.pl/ CHR StartupUrls: Default -> "hxxp://www.google.pl/","hxxp://www.meteoprog.pl/pl/weather/Lubin/","hxxp://www.yoursites123.com/?type=hp&ts=1450108654&z=b5fb1acfbecafc7de1a5e2fgfz1wce1g2e6baq2wec&from=wpm07173&uid=ST1000DM003-1CH162_S1D8K4B7XXXXS1D8K4B7" CHR Profile: C:\Users\K\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-28] CHR Extension: (Dokumenty Google) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28] CHR Extension: (Dysk Google) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28] CHR Extension: (YouTube) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28] CHR Extension: (Google Search) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28] CHR Extension: (Arkusze Google) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-28] CHR Extension: (Dokumenty Google offline) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-28] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-28] CHR Extension: (Gmail) - C:\Users\K\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2016-01-25] (Broadcom Corporation.) S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-07] (CyberLink) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-11-24] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-09-30] (Intel Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1854056 2012-12-07] (Microsoft Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkI2SCodec; C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe [149720 2015-01-14] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (SoftThinks SAS) R2 WavesSysSvc; C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe [497664 2014-04-07] (Waves Audio Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2016-01-25] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7545008 2016-01-25] (Broadcom Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [39480 2014-02-19] (Dell Inc.) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [41824 2014-09-19] (Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-19] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-19] (Intel Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-19] (Intel Corporation) R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [36192 2014-08-08] (Intel Corporation) S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-07-28] (Intel Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-07-28] (Intel Corporation) S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-07-28] (Intel Corporation) S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-07-28] (Intel Corporation) R3 IntcADSP; C:\Windows\system32\DRIVERS\IntcADSP.sys [725232 2015-01-07] (Intel(R) Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation) S3 LAN7500; C:\Windows\system32\DRIVERS\lan7500-x64-n630f.sys [96256 2013-04-05] (SMSC) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 RTKI2SAC; C:\Windows\system32\DRIVERS\RTKI2SAC.sys [216280 2015-01-14] (Realtek Semiconductor Corp.) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [552152 2014-09-09] (Realsil Semiconductor Corporation) S3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [31512 2014-08-25] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-29 00:27 - 2016-02-29 00:27 - 04312976 _____ (WiseCleaner.com ) C:\Users\K\Downloads\WRCFree.exe 2016-02-29 00:27 - 2016-02-29 00:27 - 00001245 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk 2016-02-29 00:27 - 2016-02-29 00:27 - 00000000 ____D C:\Users\K\AppData\Roaming\Wise Registry Cleaner 2016-02-29 00:27 - 2016-02-29 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2016-02-29 00:27 - 2016-02-29 00:27 - 00000000 ____D C:\Program Files (x86)\Wise 2016-02-29 00:00 - 2016-02-29 00:00 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-02-28 23:59 - 2016-02-28 23:59 - 00000000 ____D C:\Program Files\Microsoft Office 2016-02-28 23:58 - 2016-02-28 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-02-28 23:57 - 2016-02-28 23:57 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-02-28 23:54 - 2016-02-28 23:55 - 00000000 ____D C:\Users\K\Documents\PROGAMOWANIE OBIEKTOWE DYDAKTYKA 2016-02-28 22:43 - 2016-02-28 22:43 - 00025794 _____ C:\Users\K\Downloads\ResetWUEng.cmd 2016-02-28 22:30 - 2016-02-28 22:30 - 00007601 _____ C:\Users\K\AppData\Local\Resmon.ResmonCfg 2016-02-28 22:27 - 2016-02-28 22:27 - 00021232 _____ C:\Users\K\Downloads\Fix WU.zip 2016-02-28 22:27 - 2016-02-28 22:27 - 00000000 ____D C:\Users\K\Downloads\Fix WU 2016-02-28 22:26 - 2016-02-28 22:26 - 00302011 _____ C:\Users\K\Downloads\WindowsUpdateDiagnostic (1).diagcab 2016-02-28 22:07 - 2016-02-28 22:07 - 00000000 ____D C:\Users\K\AppData\Local\ElevatedDiagnostics 2016-02-28 22:03 - 2016-02-28 22:03 - 00302011 _____ C:\Users\K\Downloads\WindowsUpdateDiagnostic.diagcab 2016-02-28 21:09 - 2016-02-28 21:09 - 01388304 _____ C:\Users\Public\GROUP.dat 2016-02-28 21:08 - 2016-02-28 21:08 - 00002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-28 21:08 - 2016-02-28 21:08 - 00002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-02-28 21:02 - 2016-02-29 00:07 - 00001070 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-28 21:02 - 2016-02-28 21:08 - 00000000 ____D C:\Program Files (x86)\Google 2016-02-28 21:02 - 2016-02-28 21:02 - 00004042 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-28 21:02 - 2016-02-28 21:02 - 00003806 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-28 21:02 - 2016-02-28 11:32 - 00001066 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-28 21:01 - 2016-02-28 22:05 - 00000000 ____D C:\Users\K\AppData\Local\Google 2016-02-28 20:49 - 2016-02-28 20:49 - 00289579 _____ C:\Users\K\Downloads\AS SSD Benchmark.zip 2016-02-28 20:49 - 2016-02-28 20:49 - 00000000 ____D C:\Users\K\Downloads\AS SSD Benchmark 2016-02-28 20:41 - 2016-02-28 20:41 - 09040640 _____ C:\Users\K\Downloads\9343_BIOS_Rev_A07.exe 2016-02-28 20:39 - 2016-02-28 21:01 - 00000000 ____D C:\Users\K\AppData\Local\Deployment 2016-02-28 20:39 - 2016-02-28 20:39 - 00000000 ____D C:\Users\K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2016-02-28 20:39 - 2016-02-28 20:39 - 00000000 ____D C:\Users\K\AppData\Local\Apps\2.0 2016-02-28 11:45 - 2016-02-28 11:49 - 00015355 _____ C:\Users\K\Downloads\FRST.txt 2016-02-28 11:43 - 2016-02-28 11:48 - 00000000 ____D C:\FRST 2016-02-28 11:43 - 2016-02-28 11:43 - 02371072 _____ (Farbar) C:\Users\K\Downloads\FRST64.exe 2016-02-28 03:27 - 2016-02-28 03:27 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-02-28 03:18 - 2016-02-28 11:39 - 00809608 _____ C:\windows\system32\perfh015.dat 2016-02-28 03:18 - 2016-02-28 11:39 - 00164434 _____ C:\windows\system32\perfc015.dat 2016-02-28 03:18 - 2016-02-28 03:18 - 00342912 _____ C:\windows\system32\perfi015.dat 2016-02-28 03:18 - 2016-02-28 03:18 - 00041236 _____ C:\windows\system32\perfd015.dat 2016-02-28 03:18 - 2016-02-28 03:18 - 00000000 ____D C:\windows\SysWOW64\XPSViewer 2016-02-28 03:18 - 2016-02-28 03:18 - 00000000 ____D C:\windows\SysWOW64\pl 2016-02-28 03:18 - 2016-02-28 03:18 - 00000000 ____D C:\windows\system32\pl 2016-02-28 03:12 - 2016-02-28 11:37 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2914736941-381081388-1737449411-1001 2016-02-28 03:10 - 2016-02-28 03:10 - 00003992 _____ C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2016-02-28 03:10 - 2016-02-28 03:10 - 00003440 _____ C:\windows\System32\Tasks\PCDEventLauncherTask 2016-02-28 03:10 - 2016-02-28 03:10 - 00003202 _____ C:\windows\System32\Tasks\SystemToolsDailyTest 2016-02-28 03:10 - 2016-02-28 03:10 - 00000000 ____D C:\Users\K\AppData\Roaming\Macromedia 2016-02-28 03:07 - 2016-02-28 11:32 - 00000000 ___RD C:\Users\K\SkyDrive 2016-02-28 03:07 - 2016-02-28 03:07 - 00000000 ____D C:\Users\K\AppData\Roaming\Intel Corporation 2016-02-28 03:06 - 2016-02-28 03:06 - 00000000 ____D C:\Users\K\Documents\Bluetooth Exchange Folder 2016-02-28 03:06 - 2016-02-28 03:06 - 00000000 ____D C:\Users\K\AppData\Local\Power2Go8 2016-02-28 03:06 - 2016-02-28 03:06 - 00000000 ____D C:\Users\K\AppData\Local\PackageStaging 2016-02-28 03:06 - 2016-02-28 03:06 - 00000000 ____D C:\Users\K\AppData\Local\Broadcom 2016-02-28 03:05 - 2016-02-28 03:07 - 00000000 ____D C:\Users\K 2016-02-28 03:05 - 2016-02-28 03:06 - 00000000 ____D C:\Users\K\AppData\Local\Packages 2016-02-28 03:05 - 2016-02-28 03:05 - 00001444 _____ C:\Users\K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-02-28 03:05 - 2016-02-28 03:05 - 00000118 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-28 03:05 - 2016-02-28 03:05 - 00000020 ___SH C:\Users\K\ntuser.ini 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 _SHDL C:\Users\K\My Documents 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 _SHDL C:\Users\K\Documents\My Videos 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 _SHDL C:\Users\K\Documents\My Pictures 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 _SHDL C:\Users\K\Documents\My Music 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 __SHD C:\Users\K\IntelGraphicsProfiles 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 ____D C:\Users\K\AppData\Roaming\Adobe 2016-02-28 03:05 - 2016-02-28 03:05 - 00000000 ____D C:\Users\K\AppData\Local\VirtualStore 2016-02-28 02:58 - 2016-02-28 03:06 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-28 02:50 - 2016-02-28 02:50 - 00000000 ____D C:\windows\SMINST 2016-02-28 01:21 - 2016-02-28 01:22 - 313360643 _____ C:\Users\K\Downloads\Język C . Szkoła programowania. Wydanie V. Stephen Prata.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-29 00:03 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-29 00:00 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-02-28 22:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-28 22:06 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness 2016-02-28 21:27 - 2016-01-25 03:26 - 00000000 ____D C:\ProgramData\McAfee 2016-02-28 21:26 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP 2016-02-28 11:46 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp 2016-02-28 11:39 - 2016-01-25 02:42 - 01828496 _____ C:\windows\system32\PerfStringBackup.INI 2016-02-28 11:39 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf 2016-02-28 11:35 - 2016-01-25 03:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2016-02-28 11:32 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-02-28 03:18 - 2013-08-22 20:12 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\SysWOW64\winrm 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\SysWOW64\WCN 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\SysWOW64\slmgr 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\SysWOW64\Printing_Admin_Scripts 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\system32\winrm 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\system32\WCN 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\system32\slmgr 2016-02-28 03:18 - 2013-08-22 20:10 - 00000000 ____D C:\windows\system32\Printing_Admin_Scripts 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ImmersiveControlPanel 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\WinStore 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\MUI 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\Com 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\SystemResetPlatform 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\MUI 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\migwiz 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\Com 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\PolicyDefinitions 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\IME 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\Help 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\windows\FileManager 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-02-28 03:18 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-02-28 03:18 - 2013-08-22 14:36 - 00000000 ____D C:\windows\SysWOW64\oobe 2016-02-28 03:18 - 2013-08-22 14:36 - 00000000 ____D C:\windows\SysWOW64\Dism 2016-02-28 03:18 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\Sysprep 2016-02-28 03:18 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\oobe 2016-02-28 03:18 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\Dism 2016-02-28 03:18 - 2013-08-22 14:36 - 00000000 ____D C:\windows\servicing 2016-02-28 03:10 - 2016-01-25 03:25 - 00000000 ____D C:\ProgramData\PCDr 2016-02-28 02:59 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM 2016-02-28 01:30 - 2013-08-22 14:25 - 00524288 ___SH C:\windows\system32\config\BBI 2016-02-28 01:17 - 2013-08-22 15:44 - 00492264 _____ C:\windows\system32\FNTCACHE.DAT ==================== Files in the root of some directories ======= 2016-02-28 22:30 - 2016-02-28 22:30 - 0007601 _____ () C:\Users\K\AppData\Local\Resmon.ResmonCfg 2016-01-25 03:17 - 2016-01-25 03:18 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2016-01-25 03:09 - 2016-01-25 03:10 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2016-01-25 03:13 - 2016-01-25 03:16 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2016-01-25 03:11 - 2016-01-25 03:13 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2016-01-25 03:16 - 2016-01-25 03:17 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Files to move or delete: ==================== C:\Users\Public\GROUP.dat Some files in TEMP: ==================== C:\Users\K\AppData\Local\Temp\OfficeSetup.exe C:\Users\K\AppData\Local\Temp\SetupProPlusRetail.x64.en-US_ProPlusRetail_6KTFN-PQH9H-T8MMB-YG8K4-367TX_act_1_.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-25 04:38 ==================== End of FRST.txt ============================