Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-08-2016 Uruchomiony przez Oliwia (administrator) DELL (18-08-2016 15:26:24) Uruchomiony z C:\Users\Oliwia\Downloads Załadowane profile: Oliwia (Dostępne profile: Oliwia & Administrator) Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: IE) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2016-03-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2016-03-26] (Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => "C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952824 2016-07-15] (Synaptics Incorporated) HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe" HKLM\...\Run: [WINCOMS27] => "C:\Program Files (x86)\sunnyday\wincom_S27.exe" HKLM\...\Run: [WINCOMRMM] => "C:\Program Files (x86)\sunnyday\wincom_RMM.exe" HKLM\...\Run: [WINCOMJX7] => "C:\Program Files (x86)\sunnyday\wincom_JX7.exe" HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation) HKLM-x32\...\Run: [win_en_77] => "C:\Program Files (x86)\win_en_77\win_en_77.exe" HKLM-x32\...\Run: [DiskPower] => "C:\Program Files (x86)\DPower\DiskPower.exe" HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\sbqh\uc.exe HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\...\Run: [BZK7GJSF62] => "C:\Program Files (x86)\DPower\5O14RGSMSJ.exe" HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\...\Run: [svchost0] => "C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe"\UUC0789.exe HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\...\Run: [Caster] => C:\Program Files (x86)\host\wizzcaster.exe HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\...\Run: [M1V37EBAIM] => "C:\Program Files (x86)\DPower\CRH1T1CMJE.exe" HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\...\Run: [V26DQ81B8K] => "C:\Program Files (x86)\DPower\EO1D4NMW6R.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku BootExecute: autocheck autochk * aswBoot.exe /M:c708d5b1 /wow /dir:"C:\Program Files\AVAST Software\Avast" ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 8.8.8.8 Tcpip\..\Interfaces\{6b9f10ac-15f6-4a00-bfe5-3f8a02546aaa}: [DhcpNameServer] 192.168.1.1 8.8.8.8 Internet Explorer: ================== HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131158601259890229&GUID=BE0D843C-E6CA-4CA6-B5B7-076E3D09216B BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Oliwia\AppData\Roaming\Profiles\njnhwc85.default FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=g8czamobl7428bt,d5e6bbb7-3a2e-4f8f-a780-c4c47bea9003, FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Oliwia\AppData\Roaming\Mozilla\Firefox\Profiles\74zvkhnu.default\searchplugins\bing-.xml [2015-12-25] FF SearchPlugin: C:\Users\Oliwia\AppData\Roaming\Profiles\njnhwc85.default\searchplugins\bing-.xml [2015-12-25] FF Extension: Bing Search - C:\Users\Oliwia\AppData\Roaming\Mozilla\Firefox\Profiles\74zvkhnu.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-12-25] FF Extension: Adblock Plus - C:\Users\Oliwia\AppData\Roaming\Mozilla\Firefox\Profiles\74zvkhnu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF Extension: Adblock Plus - C:\Users\Oliwia\AppData\Roaming\Profiles\njnhwc85.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] Chrome: ======= CHR HKU\S-1-5-21-2509345252-1380069450-1097988112-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation) R2 CDPUserSvc_47441; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 CDPUserSvc_47441; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [241936 2016-03-27] (EasyAntiCheat Ltd) S3 FrameServer; C:\Windows\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-07-02] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-10-20] (CyberLink) S3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2016-03-26] (Realtek Semiconductor) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation) R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation) S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation) S3 WpnUserService_47441; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 WpnUserService_47441; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 Vosogereofgh Reports; "C:\Program Files (x86)\Mbedrerjent\Vosogereofgh\VosogereofghRprCkkitywasuk.exe" {511AFE50-C2D8-48D5-87EB-B2BCFEC5572C} [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [168448 2016-07-16] (Microsoft Corporation) R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [37376 2016-07-16] (Microsoft Corporation) S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications) R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-07-16] (Microsoft Corporation) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-06] (REALiX(tm)) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation) S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation) R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896744 2016-03-26] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation) S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-07-15] (Synaptics Incorporated) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation) S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation) R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U0 aswVmm; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-18 15:26 - 2016-08-18 15:27 - 00015023 _____ C:\Users\Oliwia\Downloads\FRST.txt 2016-08-18 15:24 - 2016-08-18 15:26 - 00000000 ____D C:\FRST 2016-08-18 15:23 - 2016-08-18 15:24 - 02394624 _____ (Farbar) C:\Users\Oliwia\Downloads\FRST64.exe 2016-08-18 10:04 - 2016-08-18 10:04 - 00000000 ____D C:\ProgramData\TEMP 2016-08-18 10:03 - 2016-08-18 10:03 - 00000000 ____D C:\ProgramData\Simply Super Software 2016-08-18 10:02 - 2016-08-18 10:02 - 53291984 _____ (Simply Super Software ) C:\Users\Oliwia\Downloads\Trojan Remover 6.9.4 Build 2945 [1].exe 2016-08-18 10:02 - 2016-08-18 10:02 - 00989064 _____ ( ) C:\Users\Oliwia\Downloads\Trojan Remover 6.9.4 Build 2945.exe 2016-08-18 09:52 - 2016-08-18 09:53 - 03784256 _____ C:\Users\Oliwia\Downloads\adwcleaner.pl 6.000(1).exe 2016-08-18 08:34 - 2016-08-18 08:35 - 54287072 _____ (Microsoft Corporation) C:\Users\Oliwia\Downloads\Windows-KB890830-x64-V5.39.exe 2016-08-18 08:11 - 2016-08-18 08:11 - 02870984 _____ (ESET) C:\Users\Oliwia\Downloads\esetsmartinstaller_plk.exe 2016-08-17 22:37 - 2016-08-17 22:37 - 06253648 _____ (AVAST Software) C:\Users\Oliwia\Downloads\avast_free_antivirus_setup_online(1).exe 2016-08-17 22:36 - 2016-08-17 22:36 - 06253648 _____ (AVAST Software) C:\Users\Oliwia\Downloads\avast_free_antivirus_setup_online.exe 2016-08-17 21:53 - 2016-08-17 21:54 - 03784256 _____ C:\Users\Oliwia\Downloads\adwcleaner.pl 6.000.exe 2016-08-13 22:58 - 2016-08-13 22:58 - 03784256 _____ C:\Users\Oliwia\Downloads\adwcleaner_6.000.exe 2016-08-13 22:31 - 2016-08-02 15:42 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys 2016-08-13 09:07 - 2016-08-13 09:07 - 00004396 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_34383537303032342d2d5b50342a4155456c5a236c 2016-08-13 00:57 - 2016-08-13 09:07 - 00187904 _____ C:\WINDOWS\rsrcs.dll 2016-08-13 00:36 - 2016-08-17 22:59 - 00000000 ____D C:\ProgramData\AVAST Software 2016-08-13 00:36 - 2016-08-17 00:30 - 00138240 _____ C:\Users\Oliwia\AppData\Roaming\Installer.dat 2016-08-13 00:36 - 2016-08-17 00:30 - 00011568 _____ C:\Users\Oliwia\AppData\Roaming\InstallationConfiguration.xml 2016-08-13 00:35 - 2016-08-13 00:35 - 00000000 ____D C:\Users\Oliwia\AppData\Local\Ghabuing 2016-08-13 00:34 - 2016-08-13 00:33 - 00001188 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak 2016-08-13 00:25 - 2016-08-17 00:25 - 00000165 _____ C:\WINDOWS\SysWOW64\MUpdater.exe.config 2016-08-13 00:25 - 2016-08-17 00:25 - 00000165 _____ C:\WINDOWS\SysWOW64\GameXP.exe.config 2016-08-13 00:25 - 2016-08-17 00:25 - 00000165 _____ C:\WINDOWS\SysWOW64\GameCenter.exe.config 2016-08-10 17:31 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 17:31 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2016-08-10 17:31 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-08-10 17:31 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-10 17:31 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 17:31 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-08-10 17:30 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 17:30 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 17:30 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 17:30 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-08-10 17:30 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 17:30 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-10 17:30 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-08-10 17:30 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2016-08-10 17:30 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-08-10 17:30 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2016-08-10 17:30 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-08-10 17:30 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2016-08-10 17:30 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 17:30 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-08-10 17:30 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-08-10 17:30 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-08-10 17:30 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-08-10 17:30 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-08-10 17:30 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 17:30 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-08-10 17:30 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-08-10 17:30 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-08-10 17:30 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 17:30 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 17:30 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 17:30 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-08-10 17:30 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 17:30 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-08-10 17:30 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 17:30 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2016-08-10 17:30 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 17:30 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2016-08-10 17:30 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-08-10 17:30 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-08-10 17:30 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-08-10 17:30 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-08-10 17:30 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-08-10 17:30 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-08-10 17:30 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 17:30 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-08-10 17:30 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 17:30 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-08-10 17:30 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 17:30 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-08-10 17:30 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 17:30 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-10 17:30 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-08-10 17:30 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-08-10 17:30 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-08-10 15:55 - 2016-08-10 15:24 - 00000000 ___DC C:\WINDOWS\Panther 2016-08-10 15:51 - 2016-08-10 15:51 - 00000000 ____D C:\Windows.old 2016-08-10 15:50 - 2016-08-10 15:50 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 15:50 - 2016-08-10 15:50 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 15:50 - 2016-08-10 15:50 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 15:50 - 2016-08-10 15:50 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 15:50 - 2016-08-10 15:50 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-08-10 15:49 - 2016-08-10 15:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-08-10 15:44 - 2016-08-10 15:44 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-08-10 15:44 - 2016-08-10 15:44 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-08-10 15:44 - 2016-08-10 15:44 - 00000000 ____D C:\Program Files\MSBuild 2016-08-10 15:44 - 2016-08-10 15:44 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-08-10 15:44 - 2016-08-10 15:44 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-08-10 15:44 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-08-10 15:44 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-08-10 15:44 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-08-10 15:44 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-08-10 15:44 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-08-10 15:44 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-08-10 15:28 - 2016-08-10 15:28 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-08-10 15:25 - 2016-08-11 14:51 - 00000000 ____D C:\Users\Oliwia\AppData\Local\ConnectedDevicesPlatform 2016-08-10 15:25 - 2016-08-10 15:25 - 00000020 ___SH C:\Users\Oliwia\ntuser.ini 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Szablony 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Moje dokumenty 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Menu Start 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\Dane aplikacji 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji 2016-08-10 15:24 - 2016-08-10 15:24 - 00000000 ____D C:\ProgramData\USOShared 2016-08-10 15:22 - 2016-08-10 15:23 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2016-08-10 15:22 - 2016-08-10 15:23 - 00011433 _____ C:\WINDOWS\diagerr.xml 2016-08-10 15:16 - 2016-08-18 15:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-10 15:16 - 2016-08-10 15:17 - 00003348 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D2ED7B0E-D057-45AC-B63A-BA2B74915F46} 2016-08-10 15:08 - 2016-08-10 15:08 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-08-10 15:06 - 2016-08-10 15:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-08-10 15:04 - 2016-08-17 22:02 - 00000000 ____D C:\Users\Oliwia 2016-08-10 15:04 - 2016-08-10 15:13 - 00000000 ____D C:\Users\Administrator 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Ustawienia lokalne 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Szablony 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Moje dokumenty 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Menu Start 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Documents\Moje wideo 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Documents\Moje obrazy 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Documents\Moja muzyka 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\Dane aplikacji 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\AppData\Local\Historia 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Oliwia\AppData\Local\Dane aplikacji 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Szablony 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Menu Start 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje wideo 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji 2016-08-10 15:01 - 2016-08-10 15:01 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2016-08-10 15:01 - 2016-08-10 15:01 - 00000000 ____D C:\Program Files\Common Files\Atheros 2016-08-10 15:00 - 2016-08-18 15:15 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-08-10 15:00 - 2016-08-10 15:00 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-08-10 15:00 - 2016-08-10 15:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2016-08-10 15:00 - 2016-08-10 15:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2016-08-10 15:00 - 2016-08-10 15:00 - 00000000 ____D C:\Program Files\Synaptics 2016-08-10 15:00 - 2016-08-10 15:00 - 00000000 ____D C:\Program Files\Intel 2016-08-10 15:00 - 2016-08-10 15:00 - 00000000 ____D C:\Program Files\AMD 2016-08-10 15:00 - 2016-08-10 15:00 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-08-10 14:59 - 2016-08-10 14:59 - 01019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat 2016-08-10 14:59 - 2016-08-10 14:59 - 00188557 _____ C:\WINDOWS\system32\Drivers\rtwaves40.dat 2016-08-10 14:59 - 2016-08-10 14:59 - 00031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2016-08-10 14:59 - 2016-08-10 14:59 - 00017978 _____ C:\WINDOWS\system32\Drivers\rtwavesvpcap.dat 2016-08-10 14:59 - 2016-08-10 14:59 - 00010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2016-08-10 14:59 - 2016-08-10 14:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-08-10 14:59 - 2016-08-10 14:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-08-10 14:59 - 2016-08-10 14:59 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-08-10 14:59 - 2016-08-10 14:59 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2016-08-10 14:59 - 2016-08-10 14:59 - 00000000 ____D C:\Program Files\Realtek 2016-08-10 14:59 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-08-10 14:56 - 2016-08-18 15:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-08-10 14:56 - 2016-08-11 14:38 - 00198568 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-08-10 14:56 - 2016-08-10 14:57 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-08-09 15:35 - 2016-08-09 20:05 - 00000000 ___HD C:\Program Files (x86)\f097247 2016-08-09 15:35 - 2016-08-09 15:35 - 00000000 ___HD C:\Program Files (x86)\xx873FD 2016-08-08 17:09 - 2016-08-10 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty - United Offensive 2016-08-08 17:09 - 2016-08-08 17:16 - 00000831 _____ C:\WINDOWS\CODUO.ini 2016-08-08 16:42 - 2016-08-08 17:19 - 00012528 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS 2016-08-08 16:42 - 2016-08-08 16:42 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\AMD 2016-08-08 16:41 - 2016-08-10 15:05 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty 2016-08-08 16:32 - 2016-08-08 17:09 - 00000000 ____D C:\Program Files (x86)\Call of Duty 2016-08-08 16:30 - 2016-08-08 16:56 - 00000766 _____ C:\WINDOWS\CoD.INI 2016-08-07 11:59 - 2016-08-07 12:03 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\_12ibt6 2016-08-06 23:25 - 2016-08-09 20:05 - 00000000 ___HD C:\Program Files (x86)\4o4970B 2016-08-06 23:25 - 2016-08-06 23:26 - 00000000 ____D C:\Users\Oliwia\AppData\LocalLow\IObit 2016-08-06 23:25 - 2016-08-06 23:26 - 00000000 ____D C:\ProgramData\ProductData 2016-08-06 23:25 - 2016-08-06 23:25 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS 2016-08-06 23:25 - 2016-08-06 23:25 - 00000000 ____D C:\WINDOWS\IObit 2016-08-06 23:25 - 2016-08-06 23:25 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\IObit 2016-08-06 23:25 - 2016-08-06 23:25 - 00000000 ____D C:\ProgramData\IObit 2016-08-06 15:34 - 2016-08-07 19:42 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\uTorrent 2016-07-31 22:22 - 2016-07-31 22:25 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\GofinDruki 2016-07-31 22:22 - 2016-07-31 22:22 - 00000000 ____D C:\Users\Oliwia\Documents\DRUKI Gofin 2016-07-26 19:28 - 2016-07-26 19:28 - 00000000 ____D C:\Users\Oliwia\Documents\League of Legends 2016-07-26 19:16 - 2016-07-26 19:16 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\LolClient 2016-07-26 17:17 - 2016-07-26 17:17 - 00000000 ____D C:\ProgramData\Riot Games 2016-07-26 17:15 - 2016-07-26 17:15 - 00000000 ____D C:\Riot Games 2016-07-26 17:15 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2016-07-26 17:15 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2016-07-26 17:15 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2016-07-26 17:13 - 2016-07-26 17:15 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Riot Games 2016-07-23 12:42 - 2016-08-10 15:10 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2016-07-23 12:42 - 2016-07-23 12:42 - 00000000 ____D C:\ProgramData\Gaijin 2016-07-22 16:48 - 2016-07-22 16:48 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Wargaming.net 2016-07-22 14:58 - 2016-08-10 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-07-22 14:58 - 2016-08-09 14:43 - 00000000 ____D C:\Program Files (x86)\Steam 2016-07-22 14:58 - 2016-07-22 14:58 - 00001038 _____ C:\Users\Public\Desktop\Steam.lnk 2016-07-19 08:05 - 2016-07-19 08:05 - 00000000 ____D C:\ProgramData\GG ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-18 15:19 - 2016-07-17 00:05 - 00729852 _____ C:\WINDOWS\system32\perfh015.dat 2016-08-18 15:19 - 2016-07-17 00:05 - 00154996 _____ C:\WINDOWS\system32\perfc015.dat 2016-08-18 15:19 - 2015-09-12 22:49 - 01947612 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-18 15:15 - 2015-08-30 12:47 - 00000000 __SHD C:\Users\Oliwia\IntelGraphicsProfiles 2016-08-18 10:44 - 2015-05-02 18:01 - 00000000 ____D C:\AdwCleaner 2016-08-18 10:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2016-08-18 10:40 - 2016-06-28 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-18 08:35 - 2015-09-13 09:44 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-17 22:59 - 2015-12-25 18:08 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-08-17 22:59 - 2015-12-25 18:08 - 00000000 ____D C:\ProgramData\Skype 2016-08-17 22:51 - 2015-12-25 18:08 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Skype 2016-08-17 22:49 - 2015-09-12 22:48 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Adobe 2016-08-17 21:53 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-17 21:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-17 21:50 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-15 20:34 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-08-13 22:28 - 2015-09-12 22:56 - 00001422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-08-13 22:28 - 2015-09-12 22:56 - 00001410 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-08-13 09:42 - 2016-04-23 22:36 - 00000000 ____D C:\Users\Oliwia\AppData\Local\GG 2016-08-13 01:00 - 2015-08-30 12:47 - 00000000 ___RD C:\Users\Oliwia\OneDrive 2016-08-12 16:03 - 2016-04-23 22:36 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\GG 2016-08-11 14:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat 2016-08-11 14:50 - 2014-05-15 07:15 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-10 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-08-10 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-08-10 17:35 - 2015-09-13 09:44 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 15:55 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-08-10 15:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-08-10 15:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-08-10 15:43 - 2015-09-12 22:48 - 00000000 ____D C:\Users\Oliwia\AppData\Local\Packages 2016-08-10 15:30 - 2015-09-12 22:52 - 00002416 _____ C:\Users\Oliwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-10 15:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2016-08-10 15:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate 2016-08-10 15:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT 2016-08-10 15:23 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-08-10 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration 2016-08-10 15:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-08-10 15:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2016-08-10 15:17 - 2016-04-03 17:20 - 00023140 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-08-10 15:16 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media 2016-08-10 15:16 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries 2016-08-10 15:10 - 2016-07-10 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series 2016-08-10 15:10 - 2015-09-24 17:39 - 00000000 ____D C:\Users\Oliwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-10 15:10 - 2015-09-24 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-10 15:10 - 2015-09-15 19:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2016-08-10 15:10 - 2015-09-15 19:54 - 00000000 ____D C:\WINDOWS\pl 2016-08-10 15:08 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-08-10 15:08 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated 2016-08-10 15:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-08-10 15:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool 2016-08-10 15:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-08-10 15:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-08-10 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-08-10 15:06 - 2016-07-10 21:24 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2016-08-10 15:06 - 2015-09-15 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2016-08-10 15:03 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-08-10 15:01 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-08-10 15:01 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-08-09 22:51 - 2016-07-17 00:43 - 00000000 ___HD C:\$WINDOWS.~BT 2016-08-08 17:10 - 2015-09-15 19:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-08 16:42 - 2015-09-12 22:48 - 00000000 ____D C:\Users\Oliwia\AppData\Local\VirtualStore 2016-08-06 23:30 - 2015-06-07 13:27 - 00000000 ____D C:\Gry 2016-08-04 20:23 - 2015-09-14 16:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-07-31 23:24 - 2015-09-15 19:23 - 00000000 ____D C:\ProgramData\Package Cache 2016-07-27 21:25 - 2015-09-13 09:46 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-07-22 05:51 - 2016-04-25 00:35 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-08-13 00:36 - 2016-08-17 00:30 - 0011568 _____ () C:\Users\Oliwia\AppData\Roaming\InstallationConfiguration.xml 2016-08-13 00:36 - 2016-08-17 00:30 - 0138240 _____ () C:\Users\Oliwia\AppData\Roaming\Installer.dat 2016-08-10 14:59 - 2016-08-10 14:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-09-15 16:47 - 2015-09-15 16:47 - 0000016 _____ () C:\ProgramData\mntemp 2015-09-15 16:47 - 2015-09-15 16:47 - 0004105 _____ () C:\ProgramData\wmzddnmb.cix Niektóre pliki w TEMP: ==================== C:\Users\Oliwia\AppData\Local\Temp\0A90K7DXFX.exe C:\Users\Oliwia\AppData\Local\Temp\0HPZKM08VC.exe C:\Users\Oliwia\AppData\Local\Temp\0WQK1PE89F.exe C:\Users\Oliwia\AppData\Local\Temp\222.exe C:\Users\Oliwia\AppData\Local\Temp\2873.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\360net.dll C:\Users\Oliwia\AppData\Local\Temp\360NetBase.dll C:\Users\Oliwia\AppData\Local\Temp\360NetBase64.dll C:\Users\Oliwia\AppData\Local\Temp\360NetUL.dll C:\Users\Oliwia\AppData\Local\Temp\5T1AWWAN5H.exe C:\Users\Oliwia\AppData\Local\Temp\5XM9NF9O8C.exe C:\Users\Oliwia\AppData\Local\Temp\65OHM7W1PN.exe C:\Users\Oliwia\AppData\Local\Temp\83C2.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\918.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\amisetup3190__10235_il5.exe C:\Users\Oliwia\AppData\Local\Temp\amisetup3216__10235_il5.exe C:\Users\Oliwia\AppData\Local\Temp\amisetup3465__16582_il5.exe C:\Users\Oliwia\AppData\Local\Temp\amisetup3481__16582_il5.exe C:\Users\Oliwia\AppData\Local\Temp\amisetup6949__19900_il5.exe C:\Users\Oliwia\AppData\Local\Temp\B3.exe C:\Users\Oliwia\AppData\Local\Temp\BEY7N4GV40.exe C:\Users\Oliwia\AppData\Local\Temp\BOFSYWURF8.exe C:\Users\Oliwia\AppData\Local\Temp\Browser_V5.6.14087.902_f_4713_(Build1608021049).exe C:\Users\Oliwia\AppData\Local\Temp\ContentPushSetup.exe C:\Users\Oliwia\AppData\Local\Temp\D5DC.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\DBUpdater.exe C:\Users\Oliwia\AppData\Local\Temp\EB7C.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\fsdAFB9.exe C:\Users\Oliwia\AppData\Local\Temp\GZUNVD8BUY.exe C:\Users\Oliwia\AppData\Local\Temp\ICReinstall_D5DC.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\IQB30G96HD.exe C:\Users\Oliwia\AppData\Local\Temp\JLT2ZVL1NQ.exe C:\Users\Oliwia\AppData\Local\Temp\JMNV4CAA76.exe C:\Users\Oliwia\AppData\Local\Temp\KZG1FZ38UT.exe C:\Users\Oliwia\AppData\Local\Temp\libeay32.dll C:\Users\Oliwia\AppData\Local\Temp\linker.exe C:\Users\Oliwia\AppData\Local\Temp\msvcr120.dll C:\Users\Oliwia\AppData\Local\Temp\N9AECAOYXC.exe C:\Users\Oliwia\AppData\Local\Temp\NO8T53CAPW.exe C:\Users\Oliwia\AppData\Local\Temp\nsd133B.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\nsf141F.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\nsf2F1B.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\nst75E1.tmp.exe C:\Users\Oliwia\AppData\Local\Temp\prepreinstaller_win.exe C:\Users\Oliwia\AppData\Local\Temp\QN1YIIKQ7R.exe C:\Users\Oliwia\AppData\Local\Temp\QPR3LRQAAS.exe C:\Users\Oliwia\AppData\Local\Temp\RBQVXMII8K.exe C:\Users\Oliwia\AppData\Local\Temp\S8FUFF3N8G.exe C:\Users\Oliwia\AppData\Local\Temp\sdf23CE.exe C:\Users\Oliwia\AppData\Local\Temp\sdf31B.exe C:\Users\Oliwia\AppData\Local\Temp\sdfB69A.exe C:\Users\Oliwia\AppData\Local\Temp\sdfC169.exe C:\Users\Oliwia\AppData\Local\Temp\sdfC9.exe C:\Users\Oliwia\AppData\Local\Temp\sdfC91B.exe C:\Users\Oliwia\AppData\Local\Temp\setup.exe C:\Users\Oliwia\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Oliwia\AppData\Local\Temp\sqlite3.dll C:\Users\Oliwia\AppData\Local\Temp\VMOK28E92S.exe C:\Users\Oliwia\AppData\Local\Temp\WindowsUpdateKB12695__7428_il10295.exe C:\Users\Oliwia\AppData\Local\Temp\X165TDU6DF.exe C:\Users\Oliwia\AppData\Local\Temp\YQDOWTE3B2.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-10 14:56 ==================== Koniec FRST.txt ============================