Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-08-2016 Uruchomiony przez admin (administrator) DESKTOP-DLR2A7G (15-08-2016 12:10:59) Uruchomiony z D:\Users\admin\Desktop\wir Załadowane profile: admin (Dostępne profile: admin) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (WFini LIMITED) C:\ProgramData\XwinpX\WFini.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\WinSaber\WinSaber.exe (ANDREA VACONDIO) C:\ProgramData\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (Creative Technology Ltd.) C:\Windows\V0770Mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8529152 2015-10-03] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-15] (AVAST Software) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-08] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Live! Central 3] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [461312 2013-08-15] (Creative Technology Ltd) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [522784 2015-11-17] (Autodesk Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-4038774321-322845962-4165907321-1001\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-06] (Spotify Ltd) HKU\S-1-5-21-4038774321-322845962-4165907321-1001\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-10-06] (Spotify Ltd) HKU\S-1-5-21-4038774321-322845962-4165907321-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-4038774321-322845962-4165907321-1001\...\Run: [Akamai NetSession Interface] => C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-4038774321-322845962-4165907321-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) HKU\S-1-5-21-4038774321-322845962-4165907321-1001\...\RunOnce: [Uninstall C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-15] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-10-07] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{659e648f-4856-43ed-9309-5e15ffaaaaa0}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{d447df48-f526-48ee-a3ce-f9c3c8b4d57b}: [DhcpNameServer] 87.204.204.204 194.204.152.34 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} HKU\S-1-5-21-4038774321-322845962-4165907321-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} HKU\S-1-5-21-4038774321-322845962-4165907321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 HKU\S-1-5-21-4038774321-322845962-4165907321-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://search.avast.com/AV772/ HKU\S-1-5-21-4038774321-322845962-4165907321-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 HKU\S-1-5-21-4038774321-322845962-4165907321-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-4038774321-322845962-4165907321-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKU\S-1-5-21-4038774321-322845962-4165907321-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080&q={searchTerms} SearchScopes: HKU\S-1-5-21-4038774321-322845962-4165907321-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-22] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-22] (Oracle Corporation) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nuesearch.com/?type=sc&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080 Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-4038774321-322845962-4165907321-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p4lr2xwy.default FF NewTab: about:newtab FF DefaultSearchEngine: Google FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006 FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.com/?bcutc=sp-006 FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2016-02-25] (Andrea Vacondio) FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p4lr2xwy.default\searchplugins\avast-search.xml [2016-07-22] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p4lr2xwy.default\searchplugins\google-avast.xml [2016-08-14] FF Extension: Pinterest Guest - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p4lr2xwy.default\Extensions\jid1-SWdspnBEetWxoA@jetpack.xpi [2016-08-15] FF Extension: Share Button for Pinterest - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p4lr2xwy.default\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2016-08-15] FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p4lr2xwy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-15] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-15] FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension FF Extension: PDFsam Enhanced Creator - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2016-04-05] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-15] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.nuesearch.com/?type=sc&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 Chrome: ======= CHR HomePage: Default -> hxxp://www.nuesearch.com/?type=hp&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080 CHR StartupUrls: Default -> "hxxp://www.nuesearch.com/?type=hp&ts=1469185531&z=d3e4d8aee9d024fc9ed7ee3g4zaq9t6geb5w6wcc2g&from=ihpm0722&uid=ADATAXSP550_1F3320111080" CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-05] CHR Extension: (Dokumenty Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-18] CHR Extension: (Dysk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18] CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-15] CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-15] CHR Extension: (Avast SafePrice) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-15] CHR Extension: (Arkusze Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-05] CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-15] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-18] CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.nuesearch.com/?type=sc&ts=1471250121&z=e1fb4aeb0cda5c2ed0acbedgczbmfg5oaw2e8gaoew&from=wpm0616&uid=ADATAXSP550_1F3320111080 ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1139744 2015-11-17] (Autodesk Inc.) S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2015-10-06] (Autodesk) S3 Autodesk Network Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [902760 2006-08-11] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-15] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [224112 2016-08-15] (AVAST Software) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1648840 2016-08-05] (Foxit Software Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-10-03] (Intel Corporation) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) S3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2320448 2016-02-25] (Andrea Vacondio) S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2016-02-25] (Andrea Vacondio) R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2016-02-25] (Andrea Vacondio) R2 PDFsam Manager; C:\ProgramData\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe [1050224 2015-11-13] (ANDREA VACONDIO) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH) R2 WdMan; C:\ProgramData\XwinpX\WFini.exe [541928 2016-08-15] (WFini LIMITED) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [427256 2016-08-15] () S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] () ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-15] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-15] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-15] (AVAST Software) R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-08-15] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-15] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-15] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-15] (AVAST Software) S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-10-30] (ASIX Electronics Corp.) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation) R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-10-03] (Intel Corporation) R3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2241848 2015-10-07] (MediaTek Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) R3 V0770Vid; C:\Windows\system32\DRIVERS\V0770Vid.sys [390136 2015-12-06] (Creative Technology Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-15 12:09 - 2016-08-15 12:10 - 00000000 ____D C:\FRST 2016-08-15 11:54 - 2015-11-16 17:18 - 00016376 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\TVMonitor.sys 2016-08-15 11:50 - 2016-08-15 11:50 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-08-15 11:50 - 2016-08-15 11:50 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-08-15 10:35 - 2016-08-15 10:35 - 00000000 ____D C:\ProgramData\XwinpX 2016-08-14 11:29 - 2016-08-14 11:29 - 00002015 _____ C:\Users\Public\Desktop\AutoCAD 2009 - Polski.lnk 2016-08-14 11:15 - 2016-08-14 11:15 - 00001467 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2016-08-14 11:15 - 2016-08-14 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2016-08-09 20:59 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-09 20:59 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-09 20:59 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-09 20:59 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-09 20:59 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-09 20:59 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-09 20:59 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-09 20:59 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-09 20:59 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-09 20:59 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-09 20:59 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-09 20:59 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-09 20:59 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-09 20:59 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-09 20:59 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-09 20:59 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-09 20:59 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-09 20:59 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-09 20:59 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-09 20:59 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-09 20:59 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-09 20:59 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-09 20:59 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-09 20:59 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-09 20:59 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-09 20:59 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-09 20:59 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-09 20:59 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-09 20:59 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-09 20:59 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-09 20:59 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-09 20:59 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-09 20:59 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-09 20:59 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2016-08-09 20:59 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-08-09 20:59 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-09 20:59 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-09 20:59 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2016-08-09 20:59 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-09 20:59 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-09 20:59 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-09 20:59 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-09 20:59 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-09 20:59 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-09 20:59 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-09 20:59 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-09 20:59 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-09 20:59 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-09 20:59 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-09 20:59 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-09 20:59 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-09 20:59 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-09 20:59 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-09 20:59 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-09 20:59 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-09 20:59 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-09 20:59 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-09 20:59 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-09 20:59 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-09 20:59 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-09 20:59 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-09 20:59 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-09 20:59 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-09 20:59 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-09 20:59 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-09 20:59 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-08-09 20:59 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-09 20:59 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-08-09 20:59 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-09 20:59 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-09 20:59 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-09 20:59 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-09 20:59 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-09 20:59 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-09 20:59 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-09 20:59 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-09 20:59 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-09 20:59 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-09 20:59 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-09 20:59 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-09 20:59 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-09 20:59 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-09 20:59 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-09 20:59 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-09 20:59 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-09 20:59 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-09 20:59 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-09 20:59 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-09 20:59 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-09 20:59 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-09 20:59 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-09 20:59 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-09 20:59 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-09 20:59 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-09 20:59 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-09 20:59 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-09 20:59 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-09 20:59 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-09 20:59 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-09 20:59 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-09 20:59 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-09 20:59 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-09 20:59 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-09 20:59 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-09 20:59 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-09 20:59 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-09 20:59 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-09 20:59 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-09 20:59 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-09 20:59 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-09 20:59 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-09 20:59 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-09 20:59 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-09 20:59 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-09 20:59 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-09 20:59 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-09 20:59 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-09 20:59 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-09 20:59 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-09 20:59 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-09 20:59 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-09 20:59 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-09 20:59 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-09 20:59 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-09 20:59 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-09 20:59 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-09 20:59 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-09 20:59 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-09 20:59 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-09 20:59 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-09 20:59 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-09 20:59 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-09 20:59 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-09 20:59 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-05 23:27 - 2016-08-05 23:32 - 00000000 ____D C:\Users\admin\AppData\Roaming\Nero 2016-08-05 23:24 - 2016-08-05 23:45 - 00000000 ____D C:\ProgramData\Nero 2016-08-03 00:16 - 2016-08-13 10:39 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-07-26 12:18 - 2016-07-26 12:18 - 00003540 _____ C:\WINDOWS\System32\Tasks\ChelfNotify Task 2016-07-26 12:18 - 2016-07-26 12:18 - 00000000 ____D C:\Users\admin\AppData\Roaming\Uncheckit 2016-07-26 12:18 - 2016-07-26 12:18 - 00000000 ____D C:\ProgramData\Uncheckit 2016-07-26 12:18 - 2016-07-26 12:18 - 00000000 ____D C:\ProgramData\ChelfNotify 2016-07-22 14:53 - 2016-07-22 14:53 - 00000959 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-07-22 14:46 - 2016-07-22 14:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\WinZiper 2016-07-22 13:07 - 2016-08-15 10:40 - 00000000 ____D C:\Program Files (x86)\WinZipper 2016-07-22 13:07 - 2016-07-22 13:07 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_254906.html 2016-07-22 13:06 - 2016-07-22 13:06 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_229359.html 2016-07-22 13:06 - 2016-07-22 13:06 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_229187.html 2016-07-22 13:06 - 2016-07-22 13:06 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_191265.html 2016-07-22 13:06 - 2016-07-22 13:06 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_191078.html 2016-07-22 13:06 - 2016-07-22 13:06 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_189828.html 2016-07-22 13:06 - 2016-07-22 13:06 - 00000000 ____D C:\Program Files (x86)\WinSaber 2016-07-22 13:05 - 2016-07-22 13:05 - 03082528 _____ (Update) C:\WINDOWS\SysWOW64\pl4.exe 2016-07-22 13:05 - 2016-07-22 13:05 - 00000342 _____ C:\WINDOWS\SysWOW64\data.bin 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\pl_146046.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_159359.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_159171.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_156625.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_156437.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_155812.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_155640.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_147875.html 2016-07-22 13:05 - 2016-07-22 13:05 - 00000000 ____D C:\WINDOWS\SysWOW64\_SSpm 2016-07-17 11:41 - 2016-08-15 11:55 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-15 11:59 - 2015-10-30 21:19 - 00818098 _____ C:\WINDOWS\system32\perfh015.dat 2016-08-15 11:59 - 2015-10-30 21:19 - 00158300 _____ C:\WINDOWS\system32\perfc015.dat 2016-08-15 11:59 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-08-15 11:59 - 2015-10-03 17:52 - 01849016 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-15 11:54 - 2015-10-05 22:51 - 00000000 ____D C:\Users\admin\AppData\Roaming\Telegram Desktop 2016-08-15 11:53 - 2016-01-06 10:24 - 00004088 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1452068658 2016-08-15 11:53 - 2016-01-06 10:24 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-08-15 11:53 - 2015-10-03 13:02 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-15 11:53 - 2015-10-03 12:47 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-08-15 11:52 - 2016-03-16 09:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-15 11:52 - 2016-03-16 09:29 - 00000000 ____D C:\ProgramData\NVIDIA 2016-08-15 11:52 - 2015-10-30 08:28 - 01572864 ___SH C:\WINDOWS\system32\config\BBI 2016-08-15 11:50 - 2015-10-06 08:51 - 00968536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147125461690604 2016-08-15 11:50 - 2015-10-06 08:51 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147125461610905 2016-08-15 11:50 - 2015-10-06 08:51 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-08-15 11:50 - 2015-10-06 08:51 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-08-15 11:49 - 2016-03-01 19:57 - 00453192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys 2016-08-15 11:48 - 2016-02-07 17:15 - 00000000 ____D C:\Users\admin\AppData\LocalLow\Unity 2016-08-15 11:48 - 2016-02-07 17:15 - 00000000 ____D C:\Users\admin\AppData\Local\Unity 2016-08-15 11:28 - 2015-10-03 13:02 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-15 11:25 - 2016-04-19 08:20 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-08-15 10:59 - 2016-03-16 09:28 - 04197288 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-08-15 10:35 - 2015-10-03 12:44 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-08-15 10:23 - 2015-10-07 20:50 - 00004224 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A44B287-5BC8-42A8-980D-75E8D7D92872} 2016-08-14 20:54 - 2015-10-11 23:59 - 00013355 _____ C:\WINDOWS\BRRBCOM.INI 2016-08-14 13:20 - 2016-03-22 22:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Foxit Software 2016-08-14 11:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help 2016-08-14 11:29 - 2015-10-21 12:39 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2016-08-14 11:29 - 2015-10-06 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-08-14 11:29 - 2015-10-06 12:24 - 00000000 ____D C:\Program Files\AutoCAD 2009 2016-08-14 11:15 - 2016-07-05 19:24 - 00000000 ____D C:\ProgramData\Foxit Software 2016-08-14 11:15 - 2016-01-07 01:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-14 10:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-14 09:57 - 2015-10-03 13:46 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics 2016-08-13 17:30 - 2015-10-06 10:48 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc 2016-08-13 15:58 - 2015-10-03 13:23 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype 2016-08-13 10:39 - 2015-10-03 12:24 - 00002452 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-13 10:39 - 2015-10-03 12:24 - 00000000 ___RD C:\Users\admin\OneDrive 2016-08-12 14:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-12 14:23 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-10 07:28 - 2015-10-03 18:22 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-09 22:19 - 2015-10-30 21:23 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-09 22:19 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-09 22:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-09 21:20 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-09 21:20 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-09 21:20 - 2015-10-03 13:02 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-09 21:18 - 2015-10-03 13:02 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-09 20:17 - 2015-10-13 14:20 - 00000000 ____D C:\Users\admin\AppData\Local\Microsoft Help 2016-08-04 11:48 - 2015-10-03 13:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-08-04 08:28 - 2015-10-03 13:03 - 00002593 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-07-31 20:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-07-28 22:23 - 2015-10-03 13:02 - 00004146 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-28 22:23 - 2015-10-03 13:02 - 00003914 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-07-27 19:44 - 2015-10-03 13:05 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-07-27 08:33 - 2016-03-24 20:22 - 00000000 ____D C:\Users\admin\AppData\Roaming\eCyber 2016-07-26 12:18 - 2016-05-31 10:18 - 00000000 ____D C:\ProgramData\uckt 2016-07-26 12:18 - 2016-01-26 11:11 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd 2016-07-23 14:02 - 2015-10-03 13:47 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation 2016-07-23 14:02 - 2015-10-03 13:23 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA 2016-07-23 14:00 - 2016-03-16 09:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-07-23 14:00 - 2016-03-16 09:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-07-23 14:00 - 2016-03-16 09:29 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-07-23 14:00 - 2015-10-03 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-07-22 14:52 - 2016-04-05 10:26 - 00000000 ____D C:\Users\admin\.oracle_jre_usage 2016-07-22 14:52 - 2016-04-05 10:25 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2016-07-22 14:52 - 2016-04-05 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-07-22 14:52 - 2016-04-05 10:25 - 00000000 ____D C:\Program Files\Java 2016-07-22 13:05 - 2016-01-06 10:24 - 00001438 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-07-16 11:07 - 2015-10-03 13:08 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-12-06 23:34 - 2016-03-26 21:29 - 0013312 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-21 22:27 - 2015-11-21 22:27 - 0000017 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg 2016-03-16 09:29 - 2016-03-16 09:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Niektóre pliki w TEMP: ==================== C:\Users\admin\AppData\Local\Temp\0f0af211-5427-49bb-95cb-412e61154d10.exe C:\Users\admin\AppData\Local\Temp\11375002-67de-40df-a06f-4f94d240e7d8.exe C:\Users\admin\AppData\Local\Temp\34be866b-da94-4c7d-bcd1-530c7726c6af.exe C:\Users\admin\AppData\Local\Temp\AcDeltree.exe C:\Users\admin\AppData\Local\Temp\c450daff-894c-4304-bc9f-a52b53338b18.exe C:\Users\admin\AppData\Local\Temp\e4ae67f3-e0a0-4123-8b6b-b69cbe66c87d.exe C:\Users\admin\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\admin\AppData\Local\Temp\FoxitUpdater.exe C:\Users\admin\AppData\Local\Temp\ICReinstall_uTorrent-13270-dp.exe C:\Users\admin\AppData\Local\Temp\kernel32.dll C:\Users\admin\AppData\Local\Temp\nvSCPAPI.dll C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\admin\AppData\Local\Temp\nvStInst.exe C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-11 09:48 ==================== Koniec FRST.txt ============================