Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:18-04-2016 Uruchomiony przez Arek (administrator) KOMPWKUCHNI (23-04-2016 15:44:14) Uruchomiony z C:\Users\Arek\Desktop Załadowane profile: Arek (Dostępne profile: Arek) Platform: Windows 8.1 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (GG Network S.A.) C:\Users\Arek\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) C:\Users\Arek\AppData\Local\GG\Application\ggapp.exe (IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (GG Network S.A.) C:\Users\Arek\AppData\Local\GG\Application\ggdrive\ggdrive.exe (TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8849152 2016-04-12] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23485208 2016-03-30] (Google) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2015-10-09] (BitTorrent, Inc.) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [GG] => C:\Users\Arek\AppData\Local\GG\Application\gghub.exe [4078144 2015-10-09] (GG Network S.A.) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [2024928 2015-10-09] (IDRIX) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3709896 2015-11-04] (Napisy24.pl) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [Napisy24.pl] => C:\Program Files (x86)\Napisy24\Napisy24.exe [5588936 2016-01-15] (Napisy24.pl) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-11-21] (Microsoft Corporation) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [912920 2016-03-11] (BlueStack Systems, Inc.) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3828224 2016-03-14] (TomTom) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\MountPoints2: {f219abbc-d8d8-11e5-be86-ac9e1785429d} - "K:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3554043997-3257010474-766506353-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-11-21] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-20] ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{527C76E2-3176-4C7D-91F0-23AD26BCAA2B}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Internet Explorer: ================== BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1425676910&from=wnf&uid=WDCXWD3200AVVS-73L2B0_WD-WCAV1373858538585","hxxp://www.hohosearch.com/?mode=nnnb&ptid=amz&uid=FF7BB33FD1ABCECA6A21802F55D6E89C&v=20160329&ts=AHEpCHMtBX0pBE..","hxxp://www.google.pl/" CHR Profile: C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-09] CHR Extension: (Free Spider Solitaire) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeckclmogddfbaaojamljgnmdilkgf [2015-10-09] CHR Extension: (Dokumenty Google) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-09] CHR Extension: (Dysk Google) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (MEGA) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-04-23] CHR Extension: (YouTube) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09] CHR Extension: (Adblock Plus) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-20] CHR Extension: (Google Search) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-04-20] CHR Extension: (Solitaire Games) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljmkmbmhmgmpmmbkagbobpmpocacdbo [2015-10-09] CHR Extension: (Arkusze Google) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-09] CHR Extension: (Dokumenty Google offline) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20] CHR Extension: (AdBlock) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-15] CHR Extension: (Page Ruler) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2015-11-04] CHR Extension: (GG Plugin) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmcdkdpeihijgkgmmdkbccccjnonjie [2016-03-23] CHR Extension: (The Great Suspender) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-10-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Gmail) - C:\Users\Arek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-09] CHR HKU\S-1-5-21-3554043997-3257010474-766506353-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.) R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-04-20] (SurfRight B.V.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-03-23] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-03-11] (BlueStack Systems) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-09] (REALiX(tm)) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-04-20] (Intel Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-02-03] (Duplex Secure Ltd.) U5 UnlockerDriver5; F:\x64\UnlockerDriver5.sys [12352 2010-07-01] () R0 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2015-10-09] (IDRIX) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U5 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.5.6\WsAppService.exe [387072 2015-12-25] (Wondershare) [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-23 15:36 - 2016-04-23 15:36 - 00000000 ____H C:\ProgramData\cm-lock 2016-04-23 15:34 - 2016-04-23 15:34 - 00010151 _____ C:\Users\Arek\Desktop\Fixlog.txt 2016-04-23 15:20 - 2016-04-23 15:20 - 00508416 _____ C:\Users\Arek\Desktop\SpyHunterCleaner.exe 2016-04-23 15:20 - 2016-04-23 15:20 - 00310784 _____ C:\Users\Arek\Downloads\SpyHunterCleaner-reboot.exe 2016-04-23 15:08 - 2016-04-23 15:08 - 00001864 _____ C:\Users\Arek\Downloads\Banshee.S04E04.PL.720p.HDTV.X264-TVM4iN.torrent 2016-04-23 07:57 - 2016-04-23 07:57 - 00001904 _____ C:\Users\Arek\Downloads\Banshee.S04E04.720p.HDTV.x264-AVS.torrent 2016-04-23 00:57 - 2016-04-23 00:57 - 00006642 _____ C:\Users\Arek\Downloads\vikings_4x10_4x10_n24_pl_94244.zip 2016-04-23 00:41 - 2016-04-23 00:41 - 00002269 _____ C:\Users\Arek\Downloads\Vikings.S04E10.The.Last.Ship.720p.WEB-DL.DD5.1.H264-V.torrent 2016-04-22 20:24 - 2016-04-22 20:24 - 00480507 _____ C:\Users\Arek\Downloads\Dragonball.Z.Battle.of.Z.PAL.XBOX360-COMPLEX.torrent 2016-04-21 20:36 - 2016-04-21 20:36 - 00001734 _____ C:\Users\Arek\Downloads\grid-portrait-letter-4-index.pdf 2016-04-21 20:21 - 2016-04-21 20:21 - 00058983 _____ C:\Users\Arek\Desktop\Shortcut.txt 2016-04-21 20:20 - 2016-04-23 15:44 - 00015471 _____ C:\Users\Arek\Desktop\FRST.txt 2016-04-21 20:20 - 2016-04-23 15:44 - 00000000 ____D C:\FRST 2016-04-21 20:20 - 2016-04-21 20:21 - 00039733 _____ C:\Users\Arek\Desktop\Addition.txt 2016-04-21 08:49 - 2016-04-21 08:49 - 00001857 _____ C:\Users\Arek\Downloads\The.Americans.2013.S04E06.720p.HDTV.x264-AVS.torrent 2016-04-21 05:37 - 2016-04-21 05:37 - 01399572 _____ C:\Users\Arek\Downloads\CCF20160420_00005.pdf 2016-04-21 05:37 - 2016-04-21 05:37 - 01148351 _____ C:\Users\Arek\Downloads\CCF20160420_00006.pdf 2016-04-20 21:40 - 2016-04-20 21:40 - 00039438 _____ C:\Users\Arek\Downloads\Addition (1).txt 2016-04-20 14:23 - 2016-04-20 14:23 - 00380928 _____ C:\Users\Arek\Desktop\bec2kzkg.exe 2016-04-20 12:44 - 2016-04-20 13:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-04-20 12:44 - 2016-04-20 12:58 - 00000000 ____D C:\Users\Arek\Desktop\mbar 2016-04-20 12:42 - 2016-04-20 12:42 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Arek\Downloads\mbar-1.09.3.1001.exe 2016-04-20 11:01 - 2016-04-20 11:01 - 00077361 _____ C:\Users\Arek\Documents\FRST.txt 2016-04-20 10:39 - 2016-04-20 10:39 - 00002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-20 10:39 - 2016-04-20 10:39 - 00002281 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-20 10:24 - 2016-04-20 10:26 - 00000000 ____D C:\AdwCleaner 2016-04-20 10:24 - 2016-04-20 10:24 - 03683904 _____ C:\Users\Arek\Downloads\adwcleaner_5.112.exe 2016-04-20 10:20 - 2016-04-20 10:20 - 02375680 _____ (Farbar) C:\Users\Arek\Desktop\FRST64.exe 2016-04-20 10:10 - 2016-04-20 10:10 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys 2016-04-20 10:03 - 2016-04-20 10:03 - 00000080 _____ C:\Users\Public\Desktop\uTorrent.lnk 2016-04-20 10:02 - 2016-04-20 10:02 - 00000080 _____ C:\Users\Arek\Desktop\MonopolyPB - skrót.lnk 2016-04-20 09:53 - 2016-04-20 12:44 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-04-20 09:48 - 2016-04-20 12:44 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-04-20 09:48 - 2016-04-20 10:03 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-20 09:48 - 2016-04-20 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-20 09:48 - 2016-04-20 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-04-20 09:48 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-04-20 09:48 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-04-20 09:45 - 2016-04-20 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert 2016-04-20 09:45 - 2016-04-20 09:45 - 00848080 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll 2016-04-20 09:45 - 2016-04-20 09:45 - 00767184 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll 2016-04-20 09:45 - 2016-04-20 09:45 - 00177040 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys 2016-04-20 09:45 - 2016-04-20 09:45 - 00080424 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpnet.sys 2016-04-20 09:45 - 2016-04-20 09:45 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2016-04-20 09:41 - 2016-04-20 10:03 - 00001941 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2016-04-20 09:41 - 2016-04-20 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2016-04-20 09:41 - 2016-04-20 09:41 - 00000000 ____D C:\Program Files\HitmanPro 2016-04-20 07:54 - 2016-04-20 07:54 - 00098090 _____ C:\Users\Arek\Downloads\Faktura VAT sprzedaży (FS) FS 2016-03-000108 (1).pdf 2016-04-19 23:01 - 2016-04-19 23:01 - 22851472 _____ (Malwarebytes ) C:\Users\Arek\Downloads\mbam-setup-2.2.1.1043.exe 2016-04-19 23:01 - 2016-04-19 23:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-04-19 21:27 - 2016-04-19 21:27 - 00000000 _____ C:\autoexec.bat 2016-04-12 10:54 - 2016-04-20 10:03 - 00002307 _____ C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2016-04-12 10:54 - 2016-04-20 10:03 - 00002022 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2016-04-12 10:54 - 2016-04-20 10:03 - 00001264 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2016-04-12 10:54 - 2016-04-20 10:03 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk 2016-04-12 10:54 - 2016-04-20 10:03 - 00001132 _____ C:\Users\Public\Desktop\Switch Sound File Converter.lnk 2016-04-12 10:54 - 2016-04-19 10:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2016-04-12 10:54 - 2016-04-12 10:54 - 00000000 ____D C:\Users\Arek\AppData\Roaming\NCH Software 2016-04-12 10:54 - 2016-04-12 10:54 - 00000000 ____D C:\ProgramData\NCH Software 2016-04-12 10:54 - 2016-04-12 10:54 - 00000000 ____D C:\Program Files (x86)\NCH Software 2016-04-12 10:53 - 2016-04-12 10:53 - 00639224 _____ (NCH Software) C:\Users\Arek\Downloads\switchsetup.exe 2016-04-12 10:52 - 2016-04-20 10:03 - 00001151 _____ C:\Users\Public\Desktop\Free MP4 MP3 Converter.lnk 2016-04-12 10:52 - 2016-04-12 10:52 - 06243904 _____ C:\Users\Arek\Downloads\free-mp4-mp3-converter-setup.exe 2016-04-12 10:52 - 2016-04-12 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP4 MP3 Converter 2016-04-12 10:52 - 2016-04-12 10:52 - 00000000 ____D C:\Program Files (x86)\free-mp4-mp3-converter 2016-04-12 10:47 - 2016-04-12 10:47 - 01800973 _____ C:\Users\Arek\Documents\okejlinia.wma 2016-04-12 09:31 - 2016-04-12 09:31 - 01841383 _____ C:\Users\Arek\Documents\okej.wma 2016-04-12 09:05 - 2016-04-12 09:05 - 01787503 _____ C:\Users\Arek\Documents\omniesie nie martw.wma 2016-04-12 08:46 - 2016-04-12 08:46 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2016-04-12 08:46 - 2016-04-12 08:46 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 06343320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 05777704 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 05576400 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2016-04-12 08:46 - 2016-04-12 08:46 - 05289952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 04803840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2016-04-12 08:46 - 2016-04-12 08:46 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 03198720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 03081808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 02894976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2016-04-12 08:46 - 2016-04-12 08:46 - 02714568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 02049664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01943624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01435152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01330072 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01022872 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00927424 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00873472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00716104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00596120 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL 2016-04-12 08:46 - 2016-04-12 08:46 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00450128 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00258504 _____ (TODO: ) C:\WINDOWS\system32\slprp64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00224264 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00172584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll 2016-04-12 08:46 - 2016-04-12 08:46 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2016-04-12 08:45 - 2016-04-12 08:46 - 00923752 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 12986528 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 10521552 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 02437144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01421104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01211840 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01186168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 01060504 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00471336 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00370840 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00190944 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00190944 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00179608 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll 2016-04-12 08:45 - 2016-04-12 08:45 - 00065792 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll 2016-04-12 08:27 - 2016-04-20 10:03 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-04-12 08:27 - 2016-04-20 10:03 - 00001013 _____ C:\Users\Public\Desktop\Audacity.lnk 2016-04-12 08:27 - 2016-04-12 08:31 - 00000000 ____D C:\Users\Arek\AppData\Roaming\Audacity 2016-04-12 08:26 - 2016-04-12 08:27 - 00000000 ____D C:\Program Files (x86)\Audacity 2016-04-11 19:19 - 2016-04-11 19:23 - 24210616 _____ (Audacity Team ) C:\Users\Arek\Downloads\audacity-win-2.1.0.exe 2016-04-11 19:10 - 2016-04-11 19:10 - 25145940 _____ C:\Users\Arek\Downloads\MARGARET - O MNIE SI- NIE MARTW.wav 2016-04-11 19:09 - 2016-04-11 19:09 - 01378561 _____ C:\Users\Arek\Downloads\Wavosaur.1.1.0.0-x64(en).zip 2016-04-09 17:31 - 2016-04-09 17:31 - 00000000 ____D C:\Users\Arek\.thumbnails 2016-04-09 17:20 - 2016-04-09 17:20 - 83722580 _____ C:\Users\Arek\Downloads\blender-2.77a-windows64.msi 2016-04-09 17:00 - 2016-04-20 10:03 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-04-09 17:00 - 2016-04-20 10:03 - 00002061 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-04-09 17:00 - 2016-04-09 17:01 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-04-09 17:00 - 2016-04-09 17:00 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-04-09 16:54 - 2016-04-09 16:54 - 00987728 _____ (Google Inc.) C:\Users\Arek\Downloads\googledrivesync (1).exe 2016-04-07 21:31 - 2016-04-07 21:31 - 24479842 _____ C:\Users\Arek\Downloads\lvl2 pc (2).avi 2016-04-04 15:24 - 2016-04-04 15:24 - 00020884 _____ C:\Users\Arek\Downloads\konkurs tanca.odt 2016-04-03 22:58 - 2016-04-20 10:03 - 00002045 _____ C:\Users\Public\Desktop\Action!.lnk 2016-04-03 22:58 - 2016-04-03 22:58 - 00000000 ____D C:\Users\Arek\AppData\Roaming\Mirillis 2016-04-03 22:58 - 2016-04-03 22:58 - 00000000 ____D C:\Users\Arek\AppData\Local\Mirillis 2016-04-03 22:58 - 2016-04-03 22:58 - 00000000 ____D C:\ProgramData\Mirillis 2016-04-03 22:58 - 2016-04-03 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2016-04-03 22:58 - 2016-04-03 22:58 - 00000000 ____D C:\Action! 2016-04-03 22:57 - 2016-04-03 22:57 - 00000000 ____D C:\Program Files (x86)\Mirillis 2016-04-03 22:18 - 2016-04-03 22:18 - 54879416 _____ C:\Users\Arek\Downloads\TomTomMySportsConnectInstaller (2).exe 2016-04-03 22:11 - 2016-04-03 22:11 - 54879416 _____ C:\Users\Arek\Downloads\TomTomMySportsConnectInstaller (1).exe 2016-04-03 20:54 - 2016-04-03 20:54 - 00113964 _____ C:\Users\Arek\Downloads\unlocker1.9.0-portable.zip 2016-04-03 20:44 - 2016-04-19 20:49 - 00019784 _____ C:\WINDOWS\system32\.crusader 2016-04-03 18:10 - 2016-04-03 22:22 - 00000000 ____D C:\Users\Arek\TomTom MySports 2016-04-03 18:10 - 2016-04-03 22:18 - 00000000 ____D C:\Program Files (x86)\TomTom 2016-04-03 18:10 - 2016-04-03 18:10 - 54879416 _____ C:\Users\Arek\Downloads\TomTomMySportsConnectInstaller.exe 2016-04-03 18:10 - 2016-04-03 18:10 - 00000000 ____D C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TomTom 2016-04-03 18:10 - 2016-04-03 18:10 - 00000000 ____D C:\Users\Arek\AppData\Local\TomTom 2016-04-03 18:10 - 2016-04-03 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2016-04-03 18:10 - 2016-04-03 18:10 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V 2016-04-03 17:36 - 2016-04-20 10:03 - 00001096 _____ C:\Users\Public\Desktop\ReMouse Standard.lnk 2016-04-03 17:36 - 2016-04-03 17:36 - 00000000 ____D C:\Users\Arek\Documents\AutomaticSolution Software 2016-04-03 17:36 - 2016-04-03 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Standard 2016-04-03 17:36 - 2016-04-03 17:36 - 00000000 ____D C:\Program Files (x86)\ReMouse Standard 2016-04-03 17:05 - 2016-04-03 17:05 - 00716515 _____ C:\Users\Arek\Downloads\ReMouse Standard V3 Downloader.zip 2016-04-03 17:04 - 2016-04-03 17:04 - 01162728 _____ (AutomaticSolution Software ) C:\Users\Arek\Downloads\ReMouseStandard-Setup.exe 2016-03-30 22:06 - 2016-03-30 22:06 - 00054543 _____ C:\Users\Arek\Downloads\2016-03-30-272041.pdf 2016-03-30 12:48 - 2016-04-12 08:47 - 00000000 ____D C:\WINDOWS\LastGood 2016-03-30 11:18 - 2016-03-30 11:18 - 00084032 _____ C:\Users\Arek\Downloads\Faktura_nr_0086_16.pdf 2016-03-30 09:44 - 2016-03-30 09:44 - 00018503 _____ C:\Users\Arek\Downloads\the_good_wife_7x17_7x17_n24_pl_93660.zip 2016-03-28 10:53 - 2016-03-28 10:53 - 03757491 _____ (Napisy24.pl ) C:\Users\Arek\Downloads\Napisy24 (2).exe 2016-03-26 16:39 - 2016-03-26 16:39 - 00097801 _____ C:\Users\Arek\Downloads\gg.jpeg 2016-03-24 11:34 - 2016-03-24 11:34 - 00287112 _____ C:\WINDOWS\Minidump\032416-6625-01.dmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-04-23 15:44 - 2015-10-09 10:58 - 00000000 ____D C:\Users\Arek\AppData\Roaming\uTorrent 2016-04-23 15:42 - 2015-10-09 10:04 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3554043997-3257010474-766506353-1001 2016-04-23 15:42 - 2014-11-21 06:46 - 01849980 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-23 15:42 - 2014-11-21 06:07 - 00818158 _____ C:\WINDOWS\system32\perfh015.dat 2016-04-23 15:42 - 2014-11-21 06:07 - 00167290 _____ C:\WINDOWS\system32\perfc015.dat 2016-04-23 15:42 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-04-23 15:41 - 2015-10-09 10:57 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-04-23 15:40 - 2015-10-09 10:48 - 00003246 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler 2016-04-23 15:40 - 2015-10-09 10:48 - 00002878 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Arek) 2016-04-23 15:37 - 2015-10-09 12:40 - 00000000 ____D C:\Users\Arek\AppData\Roaming\Skype 2016-04-23 15:36 - 2015-12-09 10:24 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-04-23 15:36 - 2015-11-01 21:35 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-23 15:36 - 2015-10-09 12:02 - 00000000 __SHD C:\Users\Arek\IntelGraphicsProfiles 2016-04-23 15:36 - 2015-10-09 09:54 - 00000000 ___RD C:\Users\Arek\Dysk Google 2016-04-23 15:36 - 2015-10-09 09:52 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-23 15:36 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-23 15:34 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-04-23 15:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-04-23 15:33 - 2015-10-09 10:59 - 00000000 ____D C:\Users\Arek\AppData\Roaming\GG 2016-04-23 15:33 - 2015-10-09 10:59 - 00000000 ____D C:\Users\Arek\AppData\Local\GG 2016-04-23 15:22 - 2015-10-15 22:45 - 00000000 ____D C:\ProgramData\Napisy24 2016-04-23 15:10 - 2015-10-09 09:52 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-23 15:08 - 2015-10-14 09:41 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-22 20:44 - 2015-10-09 15:58 - 00000000 ____D C:\Users\Arek\Documents\Bandicam 2016-04-21 06:12 - 2015-10-20 10:17 - 00000000 ____D C:\Users\Arek\AppData\Roaming\abgx360 2016-04-20 10:39 - 2015-10-09 09:52 - 00000000 ____D C:\Program Files (x86)\Google 2016-04-20 10:26 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-04-20 10:11 - 2015-11-24 11:46 - 00000000 ____D C:\Users\Arek\.oracle_jre_usage 2016-04-20 10:11 - 2015-10-09 10:48 - 00002178 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk 2016-04-20 10:10 - 2015-11-24 11:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-04-20 10:10 - 2015-11-24 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-20 10:10 - 2015-11-24 11:46 - 00000000 ____D C:\Program Files (x86)\Java 2016-04-20 10:07 - 2015-10-09 10:50 - 00000000 ____D C:\ProgramData\ProductData 2016-04-20 10:03 - 2016-03-20 18:49 - 00001653 _____ C:\Users\Public\Desktop\BlueStacks.lnk 2016-04-20 10:03 - 2016-01-25 00:54 - 00001169 _____ C:\Users\Public\Desktop\Wondershare MobileGo.lnk 2016-04-20 10:03 - 2016-01-15 10:32 - 00001103 _____ C:\Users\Public\Desktop\Spybot Anti-Beacon.lnk 2016-04-20 10:03 - 2016-01-11 21:03 - 00001084 _____ C:\Users\Public\Desktop\GWX Control Panel.lnk 2016-04-20 10:03 - 2015-12-27 20:59 - 00001275 _____ C:\Users\Public\Desktop\Monopoly by Parker Brothers.lnk 2016-04-20 10:03 - 2015-11-11 16:37 - 00001988 _____ C:\Users\Public\Desktop\SeaMonkey.lnk 2016-04-20 10:03 - 2015-11-06 17:19 - 00001013 _____ C:\Users\Public\Desktop\Fakturka.lnk 2016-04-20 10:03 - 2015-11-03 21:24 - 00001013 _____ C:\Users\Public\Desktop\UltraISO.lnk 2016-04-20 10:03 - 2015-11-01 21:35 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk 2016-04-20 10:03 - 2015-10-22 10:39 - 00001900 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2016-04-20 10:03 - 2015-10-15 22:45 - 00001013 _____ C:\Users\Public\Desktop\Napisy24.pl.lnk 2016-04-20 10:03 - 2015-10-15 11:22 - 00001116 _____ C:\Users\Public\Desktop\Picasa 3.lnk 2016-04-20 10:03 - 2015-10-11 23:39 - 00000985 _____ C:\Users\Public\Desktop\Winamp.lnk 2016-04-20 10:03 - 2015-10-10 11:27 - 00001083 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 9.5.lnk 2016-04-20 10:03 - 2015-10-10 10:23 - 00001189 _____ C:\Users\Public\Desktop\iCare data Recovery Software Professional.lnk 2016-04-20 10:03 - 2015-10-09 13:22 - 00001450 _____ C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-20 10:03 - 2015-10-09 13:17 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-20 10:03 - 2015-10-09 13:16 - 00000469 _____ C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-04-20 10:03 - 2015-10-09 13:16 - 00000467 _____ C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-04-20 10:03 - 2015-10-09 12:40 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk 2016-04-20 10:03 - 2015-10-09 10:59 - 00001145 _____ C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk 2016-04-20 10:03 - 2015-10-09 10:46 - 00001865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2016-04-20 10:03 - 2015-10-09 10:46 - 00001859 _____ C:\Users\Public\Desktop\ImgBurn.lnk 2016-04-20 10:03 - 2015-10-09 09:57 - 00000885 _____ C:\Users\Public\Desktop\VeraCrypt.lnk 2016-04-20 10:03 - 2015-10-09 09:54 - 00002052 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-04-20 10:03 - 2015-10-09 09:54 - 00002050 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-04-20 10:03 - 2015-10-09 09:54 - 00002040 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-04-20 10:02 - 2015-10-10 10:39 - 00001252 _____ C:\Users\Arek\Desktop\Recover My Files v5.lnk 2016-04-20 10:02 - 2015-10-10 00:59 - 00000982 _____ C:\Users\Arek\Desktop\NapiProjekt.lnk 2016-04-20 10:02 - 2015-10-09 15:58 - 00001000 _____ C:\Users\Arek\Desktop\Bandicam.lnk 2016-04-20 10:02 - 2015-10-09 11:06 - 00001007 _____ C:\Users\Arek\Desktop\SpeedFan.lnk 2016-04-20 10:02 - 2015-10-09 11:01 - 00001699 _____ C:\Users\Arek\Desktop\GG dysk.lnk 2016-04-20 10:02 - 2015-10-09 10:59 - 00001137 _____ C:\Users\Arek\Desktop\GG.lnk 2016-04-20 10:02 - 2015-10-09 10:56 - 00001033 _____ C:\Users\Arek\Desktop\HD Tune Pro.lnk 2016-04-20 10:02 - 2015-10-09 10:42 - 00001005 _____ C:\Users\Arek\Desktop\Total Commander 64 bit.lnk 2016-04-20 10:02 - 2015-10-09 09:54 - 00001916 _____ C:\Users\Arek\Desktop\Dysk Google.lnk 2016-04-20 10:02 - 2013-08-22 16:45 - 00000000 ____D C:\WINDOWS\Setup 2016-04-20 09:43 - 2015-12-12 12:01 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-04-19 21:26 - 2015-10-09 13:16 - 00000000 ____D C:\Users\Arek 2016-04-14 01:45 - 2015-10-09 10:57 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-04-13 10:44 - 2015-10-09 09:51 - 00000000 ____D C:\Users\Arek\AppData\Local\VirtualStore 2016-04-12 09:09 - 2015-10-09 11:01 - 00000000 ____D C:\ProgramData\Adobe 2016-04-12 08:47 - 2015-10-09 13:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-04-12 08:47 - 2015-10-09 13:14 - 00000000 ____D C:\WINDOWS\system32\DAX2 2016-04-12 08:27 - 2016-03-14 22:06 - 00000000 ____D C:\Users\Arek\Downloads\a 2016-04-12 08:27 - 2015-10-31 15:17 - 01117184 ___SH C:\Users\Arek\Downloads\Thumbs.db 2016-04-09 17:00 - 2015-10-09 11:02 - 00000000 ____D C:\Users\Arek\AppData\Local\Adobe 2016-04-09 16:59 - 2015-10-09 12:40 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-09 16:59 - 2015-10-09 12:40 - 00000000 ____D C:\ProgramData\Skype 2016-04-09 16:55 - 2015-10-09 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-04-08 18:08 - 2015-10-14 09:41 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-03 20:46 - 2013-08-22 16:44 - 00381704 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-28 10:53 - 2015-10-15 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Napisy24 2016-03-28 10:53 - 2015-10-15 22:45 - 00000000 ____D C:\Program Files (x86)\Napisy24 2016-03-24 11:34 - 2016-02-04 11:37 - 00000000 ____D C:\WINDOWS\Minidump 2016-03-24 11:34 - 2015-10-09 12:02 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-04-23 15:36 - 2016-04-23 15:36 - 0000000 ____H () C:\ProgramData\cm-lock 2015-10-09 13:14 - 2015-10-09 13:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-04-23 03:14 ==================== Koniec FRST.txt ============================