Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12-11-2016 Uruchomiony przez Kamil (administrator) MACPRO (16-11-2016 15:20:49) Uruchomiony z C:\Users\Administrator\Downloads Załadowane profile: Kamil (Dostępne profile: Kamil & Administrator & Gość) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Windows\System32\AppleOSSMgr.exe (Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Transaction Software, D 81737 Munich) C:\BMWgroup\ETKLokal\transbase\tbmux32.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe () C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe ( ) C:\Program Files (x86)\ChomikBox\chomikbox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (Huf Tools) C:\Program Files (x86)\BMW\ISPI\TRAC\Keyreader\Keyreader.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8114720 2010-01-15] (Realtek Semiconductor) HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [741760 2011-08-15] (Apple Inc.) HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation) HKU\S-1-5-21-1905721025-3557672246-1714588951-1000\...\Run: [iFunBoxConnector] => C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] () HKU\S-1-5-21-1905721025-3557672246-1714588951-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [3939840 2015-12-17] ( ) HKU\S-1-5-21-1905721025-3557672246-1714588951-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-10-01] (Adobe Systems Incorporated) HKU\S-1-5-21-1905721025-3557672246-1714588951-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BMW Group Keyreader.lnk [2016-11-13] ShortcutTarget: BMW Group Keyreader.lnk -> C:\Windows\Installer\{3828BFB9-594C-4C43-88AB-238F2E799802}\AppIcon.exe (Huf Tools) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{58B2A6E9-B01E-44C5-962A-468D8D0FF14F}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{73C96BDD-C3F7-4F09-AD7F-56F18B71D4A1}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9D89DFB3-EB32-4F50-94AB-3B938F9884DD}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B64974F9-FC4E-41B0-88D1-B233EC8C39AF}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{BF407D08-8F61-4685-8CB7-9CF0EE219196}: [DhcpNameServer] 217.116.100.65 79.163.127.70 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKU\S-1-5-21-1905721025-3557672246-1714588951-1000 -> {4E56432C-5888-410E-99CC-34E0115E907D} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-24] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-24] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1905721025-3557672246-1714588951-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} hxxp://multum.dyndns.org/webrec.cab DPF: HKLM-x32 {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://192.168.1.103/AVC_AX_724.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.pl/?gws_rd=ssl CHR StartupUrls: Default -> "hxxp://google.pl/" CHR Plugin: (Widevine Content Decryption Module) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\WidevineCdm\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll () CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2016-11-16] CHR Extension: (Dysk Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25] CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05] CHR Extension: (Google Search) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Dokumenty Google offline) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06] CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-24] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated) R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2011-08-15] () R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2780160 2016-10-14] (ESET) S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-10-13] (NVIDIA Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-04-16] () [Brak podpisu cyfrowego] S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSSQLSERVER; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Brak podpisu cyfrowego] S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation) S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-10-13] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Brak podpisu cyfrowego] S4 Sidis Enterprise ServiceHost; C:\Program Files (x86)\ISTA\Bin\Siemens.SidisEnterprise.BaseSystem.CommunicationManagement.Remote.NTService.exe [20480 2012-09-10] (SIEMENS AG IIA AS FA AP TD) [Brak podpisu cyfrowego] R2 Transbase; C:\BMWgroup\ETKLokal\transbase\tbmux32.exe [385024 2004-08-05] (Transaction Software, D 81737 Munich) [Brak podpisu cyfrowego] S4 VServer; c:\ec-apps\carserver\mkp-vs\vservice.exe [598016 2016-04-17] (IFS Informationstechnik GmbH) [Brak podpisu cyfrowego] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) S3 BthKicker; C:\Windows\System32\DRIVERS\BthKicker.sys [8704 2009-10-15] (Apple Inc.) S3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) S3 CYUSB3; C:\Windows\System32\Drivers\UPAUSB.sys [63376 2013-02-05] (Cypress Semiconductor) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-30] (DT Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-10-14] (ESET) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197288 2016-10-14] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [181416 2016-10-14] (ESET) S3 FcSerial; C:\Windows\System32\DRIVERS\FcSerial.sys [216448 2013-02-10] (Flash Card.) [Brak podpisu cyfrowego] S3 FcSerial; C:\Windows\SysWOW64\DRIVERS\FcSerial.sys [216448 2013-02-10] (Flash Card.) [Brak podpisu cyfrowego] R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2012-02-01] (Highresolution Enterprises [www.highrez.co.uk]) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) S2 IWPORT; C:\Windows\SysWOW64\DRIVERS\IWPORT.SYS [8152 2011-06-30] (TDi GmbH TechnoData - Interware) [Brak podpisu cyfrowego] S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [32256 2009-07-07] (hxxp://libusb-win32.sourceforge.net) [Brak podpisu cyfrowego] S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [Brak podpisu cyfrowego] S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-13] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Brak podpisu cyfrowego] S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [97792 2008-11-23] (T0r0 2008) [Brak podpisu cyfrowego] S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-10-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-10-13] (NVIDIA Corporation) S3 PTLIBUSB0; C:\Windows\System32\DRIVERS\PTLIBUSB0.SYS [30720 2008-03-06] (PRUFTECHNIK AG) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) S3 slUsb; C:\Windows\System32\Drivers\slusb.sys [15360 2009-11-17] (Beijing Senselock Corp.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-01-30] (Duplex Secure Ltd.) S3 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-09-24] (Seiko Epson Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Brak podpisu cyfrowego] S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott) R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [142944 2012-10-08] (Acronis) S3 vpusb; C:\Windows\SysWow64\Drivers\vpusb64.sys [52736 2010-06-04] (WEILEI) S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [266752 2012-08-26] (Jungo) R3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [432512 2006-06-06] (VM) U3 auh5vo0t; C:\Windows\System32\Drivers\auh5vo0t.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-16 15:20 - 2016-11-16 15:21 - 00017825 _____ C:\Users\Administrator\Downloads\FRST.txt 2016-11-16 15:12 - 2016-11-16 15:12 - 00004403 _____ C:\Users\Administrator\Downloads\SearchReg.txt 2016-11-16 15:08 - 2016-11-16 15:08 - 00000000 ____D C:\Users\Kamil\Desktop\pliki 2016-11-15 21:05 - 2016-11-16 08:20 - 00000008 __RSH C:\Users\Kamil\ntuser.pol 2016-11-15 21:03 - 2016-11-15 21:03 - 00000640 __RSH C:\Users\Administrator\ntuser.pol 2016-11-15 21:01 - 2016-11-15 21:01 - 00000000 ____H C:\Users\Administrator\Documents\Default.rdp 2016-11-15 16:13 - 2016-11-15 16:12 - 00009473 _____ C:\Users\Kamil\Desktop\CAFD_00000794_004_124_042.ncd 2016-11-15 08:02 - 2016-11-16 07:58 - 00008567 _____ C:\Users\Kamil\Desktop\fixlist.txt 2016-11-14 21:56 - 2016-11-14 21:56 - 00005224 _____ C:\Users\Kamil\Desktop\po skanowaniu.txt 2016-11-14 19:45 - 2016-11-14 19:46 - 00002465 _____ C:\Users\Kamil\Desktop\FSS.txt 2016-11-14 19:45 - 2016-11-14 19:45 - 00011532 _____ C:\Users\Kamil\Desktop\raport po usunieciu.txt 2016-11-14 19:43 - 2016-11-14 19:43 - 00010838 _____ C:\Users\Kamil\Desktop\raport roguekiller.txt 2016-11-14 17:57 - 2016-11-14 17:57 - 00899584 _____ (Farbar) C:\Users\Kamil\Desktop\FSS.exe 2016-11-14 17:56 - 2016-11-14 17:57 - 25537096 _____ C:\Users\Kamil\Desktop\RogueKillerX64.exe 2016-11-14 13:19 - 2016-11-14 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMW Standard Tools 2016-11-14 13:19 - 2016-11-14 13:19 - 00000000 ____D C:\NCSEXPER 2016-11-14 13:03 - 2016-11-14 13:03 - 00000000 ____D C:\EDIABAS 2016-11-14 03:04 - 2016-11-14 03:04 - 00000000 ____D C:\Windows\PCHEALTH 2016-11-13 22:45 - 2016-11-13 22:52 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\keyreader 2016-11-13 22:39 - 2016-11-13 22:41 - 00000000 ____D C:\Users\Public\AppData\keyreader 2016-11-13 21:34 - 2016-11-13 21:34 - 04734976 _____ C:\Users\Kamil\Downloads\Keyreader (3).msi 2016-11-13 21:23 - 2016-11-13 21:23 - 00001762 _____ C:\Users\Public\Desktop\ETK Admin.lnk 2016-11-13 21:23 - 2016-11-13 21:23 - 00001727 _____ C:\Users\Public\Desktop\ETK (Lokal).lnk 2016-11-13 21:23 - 2016-11-13 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETKLokal 2016-11-13 20:54 - 2016-11-13 20:56 - 1440602112 _____ C:\Users\Kamil\Desktop\etk.iso 2016-11-13 20:49 - 2016-11-13 21:06 - 01597475 _____ C:\Users\Kamil\Desktop\etkpr1.zip 2016-11-13 20:49 - 2016-11-13 21:06 - 01058041 _____ C:\Users\Kamil\Desktop\etkpr2.zip 2016-11-13 20:39 - 2016-11-13 21:19 - 00000000 ____D C:\BMWgroup 2016-11-13 20:27 - 2016-11-13 20:27 - 469564504 _____ C:\Users\Kamil\Desktop\regbackup.reg 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\2C0A 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0C0A 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0C04 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0816 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0804 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0424 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\041F 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\041E 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\041D 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\041B 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0419 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0416 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0415 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0414 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0413 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0412 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0411 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0410 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\040E 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\040D 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\040C 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\040B 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\040A 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0409 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0408 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0407 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0406 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0405 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0404 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Windows\system32\0401 2016-11-13 20:19 - 2016-11-13 20:19 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics 2016-11-13 17:03 - 2016-11-16 15:20 - 00000000 ____D C:\FRST 2016-11-13 17:03 - 2016-11-13 17:03 - 02411520 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe 2016-11-13 16:27 - 2016-11-13 16:27 - 00030508 _____ C:\ComboFix.txt 2016-11-13 15:56 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2016-11-13 15:56 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2016-11-13 15:56 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2016-11-13 15:56 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2016-11-13 15:56 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2016-11-13 15:56 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2016-11-13 15:56 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2016-11-13 15:56 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2016-11-13 15:54 - 2016-11-13 15:54 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PSpad 2016-11-13 15:48 - 2016-11-13 15:48 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET 2016-11-13 15:47 - 2016-11-13 15:48 - 05659276 ____R (Swearware) C:\Users\Administrator\Downloads\ComboFix.exe 2016-11-13 15:36 - 2016-11-13 15:36 - 00000000 ____D C:\Dell 2016-11-13 15:26 - 2016-04-09 05:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-11-13 15:26 - 2016-04-09 04:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-11-13 15:24 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-11-13 15:24 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-11-13 15:24 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-11-13 15:24 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-11-13 15:24 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-11-13 15:24 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-11-13 15:24 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-11-13 15:24 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-11-13 15:24 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-11-13 15:24 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2016-11-13 15:21 - 2016-05-12 18:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2016-11-13 15:21 - 2016-05-12 18:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-11-13 15:21 - 2016-05-12 18:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2016-11-13 15:21 - 2016-05-12 18:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-11-13 15:21 - 2016-05-12 18:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2016-11-13 15:21 - 2016-05-12 18:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2016-11-13 15:21 - 2016-05-12 18:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2016-11-13 15:21 - 2016-05-12 18:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll 2016-11-13 15:21 - 2016-05-12 16:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2016-11-13 15:21 - 2016-05-12 16:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll 2016-11-13 15:21 - 2016-05-12 16:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2016-11-13 15:21 - 2016-05-12 16:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll 2016-11-13 15:21 - 2016-05-12 16:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll 2016-11-13 15:21 - 2016-05-12 16:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe 2016-11-13 15:21 - 2016-05-12 15:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll 2016-11-13 15:21 - 2016-05-12 15:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe 2016-11-13 15:21 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-11-13 15:21 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2016-11-13 15:19 - 2016-04-14 14:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-11-13 15:19 - 2016-04-14 14:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-11-13 15:11 - 2016-11-13 15:11 - 00000000 ____D C:\Program Files (x86)\Intel 2016-11-13 15:11 - 2011-06-13 18:37 - 00059240 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2016-11-13 15:10 - 2016-11-13 15:10 - 00000000 ____D C:\Intel 2016-11-13 15:10 - 2011-06-13 18:37 - 00287448 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6232e.sys 2016-11-13 15:10 - 2011-06-13 18:37 - 00121440 _____ (Intel Corporation) C:\Windows\system32\e1000msg.dll 2016-11-13 15:10 - 2011-06-13 18:37 - 00091840 _____ (Intel Corporation) C:\Windows\system32\NicInE6.dll 2016-11-13 15:10 - 2011-06-13 18:37 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll 2016-11-13 15:10 - 2011-06-13 18:37 - 00002745 _____ C:\Windows\system32\e1e6232e.din 2016-11-13 15:09 - 2016-11-13 15:09 - 00000000 ____D C:\Program Files (x86)\Motorola 2016-11-13 15:08 - 2016-11-13 15:08 - 00000000 ____D C:\Program Files\IDT 2016-11-13 15:08 - 2016-11-13 15:08 - 00000000 ____D C:\Program Files (x86)\IDT 2016-11-13 15:08 - 2011-06-13 18:37 - 04798016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS 2016-11-13 15:08 - 2011-06-13 18:37 - 03906408 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll 2016-11-13 15:08 - 2011-06-13 18:37 - 03572072 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll 2016-11-13 15:08 - 2011-06-13 18:37 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2016-11-13 15:05 - 2016-11-13 15:05 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-11-13 15:05 - 2016-11-13 15:05 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2016-11-13 15:05 - 2016-11-13 15:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple 2016-11-13 15:05 - 2016-11-13 15:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-11-13 15:04 - 2011-06-13 18:40 - 19128424 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 14513768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 14513768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 14105192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 12525160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-11-13 15:04 - 2011-06-13 18:40 - 12487784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 09833064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 06120040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 04556392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 03089512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 02893928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 02761832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 02506856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 01633384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00383080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdecodemft.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00314984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00265832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod1927.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00265832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00065128 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00056936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-11-13 15:04 - 2011-06-13 18:40 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd 2016-11-13 15:03 - 2016-11-13 15:03 - 00000000 ____D C:\Users\Administrator\Desktop\bootcamp4 2016-11-13 15:02 - 2016-11-13 15:02 - 00000000 ____D C:\Users\Administrator\Desktopbotcamp4.0 2016-11-13 14:46 - 2016-11-13 14:46 - 00000000 ____D C:\Users\Administrator\Desktop\bootcamp 2016-11-13 14:45 - 2016-11-13 14:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR 2016-11-13 14:36 - 2016-11-13 14:36 - 00000000 ____D C:\Windows\pss 2016-11-10 13:22 - 2016-11-10 13:28 - 43308688 _____ (Hewlett-Packard Company ) C:\Users\Kamil\Downloads\sp37791.exe 2016-11-10 12:13 - 2016-11-10 12:13 - 2111373312 _____ C:\Users\Kamil\Downloads\7LIGHT.iso 2016-11-10 11:53 - 2016-11-10 13:11 - 00000000 ____D C:\Users\Kamil\Downloads\Windows 7 SP1 Wrzesien 2016 64-bit PL 2016-11-10 10:52 - 2016-11-10 13:29 - 00000000 ____D C:\swsetup 2016-11-10 10:51 - 2016-11-10 10:52 - 06595152 _____ (HP Development Company, L.P. ) C:\Users\Kamil\Downloads\sp73582.exe 2016-11-08 16:05 - 2016-11-08 16:05 - 00067888 _____ C:\Users\Kamil\Desktop\Faktura F 0043 2016.pdf 2016-11-08 16:02 - 2016-11-08 16:02 - 00075143 _____ C:\Users\Kamil\Desktop\Korekta K 0001 2016.pdf 2016-11-07 19:35 - 2016-11-07 19:36 - 00935016 _____ C:\Users\Kamil\Downloads\F20 F21 F30 F31 Alpine Stereo Retrofit.pdf 2016-11-04 15:41 - 2016-11-04 15:41 - 00000000 _____ C:\Users\Kamil\Desktop\Nowy dokument tekstowy (5).txt 2016-11-04 15:05 - 2016-11-04 18:01 - 00000000 ____D C:\Users\Kamil\Downloads\BMW ISPI ETK 11 2016 2016-11-04 14:54 - 2016-11-04 14:54 - 00067260 _____ C:\Users\Kamil\Downloads\A864548.zip 2016-11-04 14:54 - 2016-11-04 14:54 - 00067260 _____ C:\Users\Kamil\Desktop\A864548.zip 2016-11-04 11:52 - 2016-11-04 11:52 - 00000000 ____D C:\Users\Kamil\Desktop\m4evo 2016-11-04 09:53 - 2016-11-04 11:51 - 00000110 _____ C:\Users\Kamil\Desktop\mcartur.txt 2016-11-04 09:52 - 2016-11-04 10:09 - 00000000 ____D C:\Program Files (x86)\Professional EGR Remover 2016-11-04 09:52 - 2016-11-04 09:52 - 00001171 _____ C:\Users\Public\Desktop\Professional EGR Remover.lnk 2016-11-04 09:52 - 2016-11-04 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professional EGR Remover 2016-11-04 09:51 - 2016-11-04 10:09 - 00000000 ____D C:\Program Files (x86)\Professional DPF Remover 2016-11-04 09:51 - 2016-11-04 09:51 - 00001171 _____ C:\Users\Public\Desktop\Professional DPF Remover.lnk 2016-11-04 09:51 - 2016-11-04 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professional DPF Remover 2016-11-04 09:46 - 2016-11-04 10:30 - 00000000 ____D C:\Users\Kamil\Downloads\DPF+EGR 2016-11-04 09:41 - 2016-11-04 09:41 - 00248946 _____ C:\Users\Kamil\Downloads\Install JDownloader.rar 2016-11-03 17:26 - 2016-11-03 17:26 - 00073450 _____ C:\Users\Kamil\Downloads\K336851.zip 2016-11-03 12:41 - 2016-11-03 12:41 - 02772731 _____ C:\Users\Kamil\Downloads\BOA MANHATTAN AUTO SALES,LLC (1).pdf 2016-11-03 12:39 - 2016-11-03 12:40 - 02772731 _____ C:\Users\Kamil\Downloads\BOA MANHATTAN AUTO SALES,LLC.pdf 2016-11-03 09:15 - 2016-11-03 09:15 - 06457283 _____ C:\Users\Kamil\Downloads\Airbag_MAC7241_BMW_F_Series.pdf 2016-11-03 09:14 - 2016-11-03 09:14 - 00717674 _____ C:\Users\Kamil\Downloads\CAS4_5M48H_V2.pdf 2016-11-03 09:14 - 2016-11-03 09:14 - 00511219 _____ C:\Users\Kamil\Downloads\VW_Golf7_2014_SPC560P50.pdf 2016-11-03 09:13 - 2016-11-03 09:13 - 00552432 _____ C:\Users\Kamil\Downloads\volvo_ccm.pdf 2016-11-03 09:13 - 2016-11-03 09:13 - 00027239 _____ C:\Users\Kamil\Downloads\xprog_sch.pdf 2016-11-02 20:52 - 2016-11-02 20:53 - 00069893 _____ C:\Users\Kamil\Downloads\A215250 (1).zip 2016-11-02 15:57 - 2016-11-16 08:11 - 00000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2016-11-02 15:57 - 2016-11-02 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2016-11-02 15:57 - 2016-11-02 15:57 - 00000000 ____D C:\Program Files\CPUID 2016-11-02 15:56 - 2016-11-02 15:56 - 01718016 _____ ( ) C:\Users\Kamil\Downloads\cpu-z_1.77-en.exe 2016-11-02 10:01 - 2016-05-13 23:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-11-02 10:01 - 2016-05-13 23:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-11-02 10:01 - 2016-05-13 23:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-11-02 10:01 - 2016-05-13 23:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-11-02 10:01 - 2016-05-13 23:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-11-02 10:01 - 2016-05-13 22:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-11-02 10:01 - 2016-05-13 22:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-11-02 10:01 - 2016-05-13 22:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-11-02 10:01 - 2016-05-13 22:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-11-02 10:01 - 2016-05-13 22:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-10-31 13:53 - 2016-10-31 13:53 - 00000000 ____D C:\Users\Kamil\Desktop\LION 2016-10-31 13:36 - 2016-10-31 13:36 - 03862600 _____ (Power Software Ltd) C:\Users\Kamil\Downloads\PowerISO6-x64.exe 2016-10-31 12:47 - 2016-10-31 12:47 - 00037196 _____ C:\Users\Kamil\Downloads\mac os x 10.7 Lion.torrent.zip 2016-10-31 11:47 - 2016-10-31 11:47 - 00365431 _____ C:\Users\Kamil\Downloads\MacOS Sierra.torrent.zip 2016-10-31 11:38 - 2016-10-31 11:38 - 00000098 _____ C:\Users\Kamil\Downloads\stream (7).m3u 2016-10-31 11:37 - 2016-10-31 11:37 - 00000098 _____ C:\Users\Kamil\Downloads\stream (6).m3u 2016-10-31 11:35 - 2016-10-31 11:35 - 00000097 _____ C:\Users\Kamil\Downloads\stream (5).m3u 2016-10-31 11:33 - 2016-10-31 11:33 - 00000097 _____ C:\Users\Kamil\Downloads\stream (4).m3u 2016-10-31 11:26 - 2016-10-31 11:26 - 04734976 _____ C:\Users\Kamil\Downloads\Keyreader (2).msi 2016-10-31 08:42 - 2016-10-31 08:42 - 00000097 _____ C:\Users\Kamil\Downloads\stream (3).m3u 2016-10-30 22:47 - 2016-11-13 20:10 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Macintosh 2016-10-30 22:46 - 2016-10-30 22:46 - 00000000 ____D C:\Users\Administrator\Downloads\StellarPhoenixMacDataRecovery.dmg 2016-10-30 22:40 - 2016-11-13 14:19 - 00061288 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-30 18:42 - 2016-10-30 18:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation 2016-10-30 18:41 - 2016-11-15 21:03 - 00000000 ____D C:\Users\Administrator 2016-10-30 18:41 - 2016-10-30 18:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2016-10-30 18:41 - 2016-10-30 18:51 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2016-10-30 18:41 - 2016-10-30 18:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe 2016-10-30 18:41 - 2016-10-30 18:43 - 00002229 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk 2016-10-30 18:41 - 2016-10-30 18:41 - 00001429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-10-30 18:41 - 2016-10-30 18:41 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Szablony 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Menu Start 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje wideo 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 ___RD C:\Users\Administrator\Virtual Machines 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Thunderbird 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Thunderbird 2016-10-30 18:41 - 2016-10-30 18:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA 2016-10-30 18:41 - 2013-03-28 09:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\SIEMENS_AG_IIA_AS_FA_AP_T 2016-10-30 18:41 - 2013-02-16 14:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia 2016-10-30 18:41 - 2012-04-17 02:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help 2016-10-30 18:41 - 2010-11-21 08:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs 2016-10-30 18:31 - 2016-10-30 18:31 - 22851472 _____ (Malwarebytes ) C:\Users\Kamil\Downloads\mbam-setup-2.2.1.1043 (1).exe 2016-10-27 10:53 - 2016-10-27 10:53 - 00066926 _____ C:\Users\Kamil\Desktop\LX06101.zip 2016-10-27 10:53 - 2016-10-27 10:53 - 00000000 ____D C:\Users\Kamil\Desktop\LX06101 2016-10-26 22:44 - 2016-10-26 22:47 - 402653184 _____ C:\Users\Kamil\Downloads\cichdd_full_b1_s1_v1.7z.002 2016-10-26 21:25 - 2016-10-26 21:25 - 01786703 _____ C:\Users\Kamil\Desktop\____________ _____ 80Gb __ CIC _ _______ WInHex 16.pdf 2016-10-26 19:51 - 2016-10-26 19:51 - 00000000 ____D C:\Users\Kamil\AppData\Local\BMW_Group 2016-10-26 19:46 - 2016-10-26 19:47 - 93806593 _____ C:\Users\Kamil\Downloads\Loader V6.1F.7z 2016-10-25 10:45 - 2016-10-25 10:45 - 00000374 _____ C:\Users\Kamil\Desktop\fix.reg 2016-10-25 10:42 - 2016-10-30 18:26 - 00006676 _____ C:\Users\Kamil\Downloads\SystemLook.txt 2016-10-25 10:41 - 2016-10-25 10:42 - 00165376 _____ C:\Users\Kamil\Downloads\SystemLook_x64.exe 2016-10-25 08:42 - 2016-10-25 08:48 - 00000080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\uTorrent.lnk 2016-10-25 08:41 - 2016-10-25 08:48 - 00000080 _____ C:\Users\Kamil\Desktop\NcdCafdTool.exe - skrót.lnk 2016-10-25 08:41 - 2016-10-25 08:48 - 00000080 _____ C:\Users\Kamil\Desktop\ISTAGUI.exe - skrót.lnk 2016-10-25 08:41 - 2016-10-25 08:48 - 00000080 _____ C:\Users\Kamil\Desktop\ecc.exe - skrót.lnk 2016-10-25 08:41 - 2016-10-25 08:48 - 00000080 _____ C:\Users\Kamil\Desktop\ADBCD.exe - skrót.lnk 2016-10-25 08:41 - 2016-10-25 08:48 - 00000080 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk 2016-10-24 22:32 - 2016-11-13 14:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-10-24 22:31 - 2016-10-30 18:32 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-10-24 22:31 - 2016-10-30 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-10-24 22:31 - 2016-10-30 18:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-10-24 22:31 - 2016-10-24 22:31 - 22851472 _____ (Malwarebytes ) C:\Users\Kamil\Downloads\mbam-setup-2.2.1.1043.exe 2016-10-24 22:31 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-10-24 22:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-10-24 22:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-10-24 22:26 - 2016-10-24 22:26 - 00000000 ____D C:\Users\Gość\AppData\Local\NVIDIA Corporation 2016-10-24 22:25 - 2016-11-02 09:59 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Adobe 2016-10-24 22:25 - 2016-11-02 09:59 - 00000000 ____D C:\Users\Gość\AppData\Local\Adobe 2016-10-24 22:25 - 2016-11-02 09:56 - 00000000 ____D C:\Users\Gość\AppData\Local\Google 2016-10-24 22:25 - 2016-10-24 22:25 - 00002229 _____ C:\Users\Gość\Desktop\Google Chrome.lnk 2016-10-24 22:25 - 2016-10-24 22:25 - 00001429 _____ C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-10-24 22:25 - 2016-10-24 22:25 - 00000000 ____D C:\Users\Gość\AppData\Local\NVIDIA 2016-10-24 22:24 - 2016-10-24 22:25 - 00000000 ___RD C:\Users\Gość\Virtual Machines 2016-10-24 22:24 - 2016-10-24 22:24 - 00000020 ___SH C:\Users\Gość\ntuser.ini 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Ustawienia lokalne 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Szablony 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Moje dokumenty 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Menu Start 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Documents\Moje wideo 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Documents\Moje obrazy 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Documents\Moja muzyka 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\Dane aplikacji 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\AppData\Local\Historia 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 _SHDL C:\Users\Gość\AppData\Local\Dane aplikacji 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Thunderbird 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Mozilla 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 ____D C:\Users\Gość\AppData\Local\Thunderbird 2016-10-24 22:24 - 2016-10-24 22:24 - 00000000 ____D C:\Users\Gość 2016-10-24 22:24 - 2013-03-28 09:13 - 00000000 ____D C:\Users\Gość\AppData\Local\SIEMENS_AG_IIA_AS_FA_AP_T 2016-10-24 22:24 - 2013-02-16 14:48 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Macromedia 2016-10-24 22:24 - 2012-04-17 02:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Microsoft Help 2016-10-24 22:24 - 2010-11-21 08:16 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Media Center Programs 2016-10-23 10:35 - 2016-10-23 10:35 - 00010821 _____ C:\Users\Kamil\Downloads\Europe-MOVE-2017-1.torrent 2016-10-22 13:15 - 2016-10-22 13:15 - 13045277 _____ C:\Users\Kamil\Desktop\e24_83.pdf 2016-10-22 13:15 - 2016-10-22 13:15 - 08443524 _____ C:\Users\Kamil\Desktop\e24_83.zip 2016-10-21 14:30 - 2016-10-21 14:30 - 00000000 _____ C:\Users\Kamil\Desktop\Nowy dokument tekstowy (4).txt 2016-10-20 14:00 - 2016-10-20 14:01 - 41896256 _____ (Apple Inc.) C:\Users\Kamil\Downloads\QuickTimeInstaller.exe 2016-10-19 13:50 - 2016-10-19 13:50 - 05757120 _____ C:\Users\Kamil\Downloads\BMW_5er_Preisliste.pdf 2016-10-19 13:44 - 2016-10-19 13:44 - 00000856 _____ C:\Users\Kamil\Downloads\epc (9).jnlp 2016-10-19 13:28 - 2016-10-19 13:29 - 00832308 _____ C:\Users\Kamil\Downloads\17817088_20161019636124589405841904.ZIP 2016-10-18 11:08 - 2016-10-18 11:20 - 00000000 ____D C:\Program Files (x86)\rheingold 2016-10-17 17:17 - 2016-10-17 17:17 - 254674610 _____ C:\Users\Kamil\Desktop\Rheingold_Standalone_4.01.36-2.7z 2016-10-17 17:09 - 2016-10-17 17:09 - 00001840 _____ C:\Users\Kamil\Desktop\ISTA.lnk 2016-10-17 17:07 - 2016-10-17 17:07 - 00467642 _____ C:\Users\Kamil\Downloads\RheingoldSessionController.NoFasta.4.01.36.7z 2016-10-17 17:07 - 2016-10-13 18:58 - 00467456 _____ (BMW Group) C:\Users\Kamil\Desktop\RheingoldSessionController.NoFasta.dll ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-11-16 15:19 - 2011-08-03 22:47 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Skype 2016-11-16 15:14 - 2009-07-14 05:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-16 15:14 - 2009-07-14 05:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-16 15:09 - 2015-08-31 12:45 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e3e291787d1b.job 2016-11-16 15:06 - 2014-11-04 14:59 - 00000000 ____D C:\Users\Kamil\.gstreamer-0.10 2016-11-16 15:05 - 2015-12-02 17:59 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12d22c822346c.job 2016-11-16 15:05 - 2015-09-17 04:04 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f0f5a0b9cacd.job 2016-11-16 15:05 - 2015-08-31 12:45 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3e290af1289.job 2016-11-16 15:05 - 2015-07-15 21:59 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf41249f3884.job 2016-11-16 15:05 - 2015-05-17 23:59 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d090f516ad2643.job 2016-11-16 15:05 - 2015-02-05 18:53 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0416c9f1e01fa.job 2016-11-16 15:05 - 2014-06-16 06:36 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8924ed9a9d27.job 2016-11-16 15:05 - 2011-08-03 00:21 - 00000000 ____D C:\ProgramData\NVIDIA 2016-11-16 15:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-16 15:02 - 2015-09-17 04:04 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f0f5a143e3a5.job 2016-11-16 15:02 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-11-16 14:58 - 2014-06-16 06:36 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8924ee85c3e8.job 2016-11-16 14:50 - 2015-07-15 21:59 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf41252cfba8.job 2016-11-16 14:36 - 2012-04-06 19:36 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-11-16 14:04 - 2015-05-17 23:59 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d090f5172f778b.job 2016-11-16 14:04 - 2015-02-05 18:53 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0416c9fc519dc.job 2016-11-16 08:20 - 2011-08-02 21:44 - 00000000 ____D C:\Users\Kamil 2016-11-16 08:11 - 2015-11-12 20:19 - 00001046 _____ C:\Users\Kamil\Desktop\ecc.exe — skrót.lnk 2016-11-16 04:28 - 2014-06-11 16:44 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{295628A2-FCC7-43EB-9308-D4BB537D31D3} 2016-11-15 21:04 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicyUsers 2016-11-15 09:38 - 2011-02-04 18:55 - 00789396 _____ C:\Windows\system32\perfh015.dat 2016-11-15 09:38 - 2011-02-04 18:55 - 00174530 _____ C:\Windows\system32\perfc015.dat 2016-11-15 09:38 - 2009-07-14 06:13 - 01803838 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-15 09:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-15 08:05 - 2011-08-28 09:50 - 00000000 ____D C:\Users\Kamil\AppData\LocalLow\Temp 2016-11-14 22:51 - 2013-03-30 17:42 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-14 19:44 - 2014-06-06 12:55 - 00000000 ____D C:\Program Files (x86)\PSPad editor 2016-11-14 13:19 - 2015-09-23 13:40 - 00001648 _____ C:\Users\Public\Desktop\INPA.lnk 2016-11-14 13:19 - 2015-09-23 13:40 - 00001628 _____ C:\Users\Public\Desktop\WinKFP.lnk 2016-11-14 13:19 - 2015-09-23 13:40 - 00001550 _____ C:\Users\Public\Desktop\NCS-Expert tool.lnk 2016-11-14 13:19 - 2015-09-23 13:40 - 00001523 _____ C:\Users\Public\Desktop\Tool32.lnk 2016-11-14 13:19 - 2015-09-23 13:39 - 00722718 _____ C:\Windows\unins000.exe 2016-11-14 13:19 - 2015-09-23 13:39 - 00585471 _____ C:\Windows\unins000.dat 2016-11-14 13:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system 2016-11-14 03:35 - 2016-07-22 08:52 - 00243088 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-14 03:35 - 2013-03-14 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-11-14 03:35 - 2013-03-14 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-11-14 03:33 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew 2016-11-14 03:18 - 2013-08-11 20:25 - 00000000 ____D C:\Windows\system32\MRT 2016-11-14 03:11 - 2011-08-06 15:03 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-11-14 03:10 - 2011-08-06 15:01 - 01778906 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-11-14 03:07 - 2013-03-14 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-11-13 23:07 - 2015-12-04 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMW Group ISPI Next 2016-11-13 23:07 - 2015-01-20 13:32 - 00002511 _____ C:\Users\Public\Desktop\BMW Group Keyreader.lnk 2016-11-13 23:07 - 2015-01-20 13:32 - 00000000 ____D C:\Users\Public\keyreader 2016-11-13 21:20 - 2011-08-03 02:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-11-13 21:11 - 2016-07-15 09:19 - 00061024 _____ C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT 2016-11-13 20:46 - 2011-09-26 18:46 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\DAEMON Tools Lite 2016-11-13 20:16 - 2015-05-05 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetSurveillance 2016-11-13 20:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-11-13 20:02 - 2011-09-05 18:08 - 00000000 ____D C:\Users\Kamil\AppData\Local\Google 2016-11-13 20:02 - 2011-09-05 18:08 - 00000000 ____D C:\Program Files (x86)\Google 2016-11-13 18:24 - 2015-11-05 18:38 - 00000000 ____D C:\Users\Kamil\.oracle_jre_usage 2016-11-13 16:27 - 2013-09-10 20:43 - 00000000 ____D C:\Users\Serwis2 2016-11-13 16:20 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2016-11-13 16:15 - 2009-07-14 03:34 - 30670848 _____ C:\Windows\system32\config\SYSTEM.bak 2016-11-13 16:15 - 2009-07-14 03:34 - 124256256 _____ C:\Windows\system32\config\SOFTWARE.bak 2016-11-13 16:15 - 2009-07-14 03:34 - 00786432 _____ C:\Windows\system32\config\DEFAULT.bak 2016-11-13 16:15 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak 2016-11-13 16:15 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak 2016-11-13 16:14 - 2009-07-14 03:34 - 48496640 _____ C:\Windows\system32\config\COMPONENTS.bak 2016-11-13 15:09 - 2011-08-03 02:15 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-11-13 15:06 - 2013-01-28 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-11-13 15:06 - 2011-08-06 15:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-11-13 15:06 - 2011-08-06 15:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-11-13 14:13 - 2016-10-13 20:06 - 00000000 ____D C:\Users\Public\Documents\AdobeGC 2016-11-12 11:46 - 2016-03-17 19:17 - 00000000 ____D C:\Program Files (x86)\EVE-TECH CMS 2016-11-10 11:28 - 2016-04-12 19:22 - 00000000 ____D C:\Users\Kamil\Desktop\-Windows-7-Loader-v2.2.2-By-DAZ 2016-11-08 17:36 - 2012-04-06 19:36 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-11-08 17:36 - 2012-04-06 19:36 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-11-08 17:36 - 2011-12-14 09:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-08 17:36 - 2011-12-14 09:57 - 00000000 ____D C:\Windows\system32\Macromed 2016-11-08 17:36 - 2011-08-02 23:52 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-11-08 13:22 - 2015-05-05 16:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-11-08 12:56 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\CSC 2016-11-08 10:33 - 2011-12-03 18:50 - 00000000 ____D C:\Users\Kamil\AppData\Local\Deployment 2016-11-05 22:42 - 2015-05-05 16:16 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2016-11-04 16:03 - 2014-12-03 21:25 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-04 16:03 - 2013-07-16 11:19 - 00000000 ____D C:\ProgramData\GARMIN 2016-11-04 16:02 - 2016-09-29 19:51 - 00000000 ____D C:\Program Files (x86)\TokenMaster 2016-11-04 15:34 - 2011-10-10 17:54 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\TeamViewer 2016-11-04 15:34 - 2011-09-20 20:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-11-04 09:58 - 2012-02-03 20:22 - 00000000 ___RD C:\Users\Kamil\Virtual Machines 2016-11-02 12:04 - 2015-10-26 11:42 - 00000000 ____D C:\Users\Kamil\Documents\fakturka 2016-10-31 13:47 - 2011-08-02 23:53 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\uTorrent 2016-10-31 12:47 - 2016-09-23 10:08 - 00000000 ____D C:\Users\Kamil\Desktop\download ista 2016-10-30 18:41 - 2016-10-03 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-10-30 18:41 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-10-30 18:14 - 2012-09-23 15:45 - 00000000 ____D C:\Users\Awaryjne 2016-10-30 07:15 - 2016-09-14 08:24 - 00000000 ____D C:\Users\Kamil\AppData\Local\ElevatedDiagnostics 2016-10-27 17:52 - 2011-08-03 22:47 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-10-27 17:52 - 2011-08-03 22:47 - 00000000 ____D C:\ProgramData\Skype 2016-10-27 13:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-10-27 08:16 - 2014-11-04 14:59 - 00000000 ____D C:\Users\Kamil\AppData\Local\ChomikBox 2016-10-26 20:16 - 2011-08-05 10:26 - 00000000 ____D C:\EC-apps 2016-10-26 19:49 - 2016-04-12 16:27 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\BMW Group 2016-10-26 17:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-10-26 14:23 - 2016-03-17 07:43 - 00000147 _____ C:\EDIABAS.INI 2016-10-25 08:49 - 2016-07-15 12:03 - 00002409 _____ C:\Users\Public\Desktop\BMW Group ISTA-P.lnk 2016-10-25 08:49 - 2016-06-11 20:08 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-10-25 08:49 - 2016-06-04 10:48 - 00000919 _____ C:\Users\Public\Desktop\CANHacker.lnk 2016-10-25 08:49 - 2016-02-26 21:03 - 00001040 _____ C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk 2016-10-25 08:49 - 2015-11-04 12:00 - 00002172 _____ C:\Users\Public\Desktop\E-Sys Launcher PRO.lnk 2016-10-25 08:49 - 2015-09-24 09:41 - 00001830 _____ C:\Users\Public\Desktop\WF-Fakturka.lnk 2016-10-25 08:49 - 2015-05-05 16:16 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2016-10-25 08:49 - 2013-02-16 14:48 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk 2016-10-25 08:49 - 2013-01-27 18:09 - 00001139 _____ C:\Users\Public\Desktop\EasyConnect.lnk 2016-10-25 08:49 - 2013-01-27 16:15 - 00000868 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-10-25 08:49 - 2012-05-31 19:58 - 00001047 _____ C:\Users\Public\Desktop\R270.lnk 2016-10-25 08:49 - 2011-09-21 14:30 - 00001849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2016-10-25 08:49 - 2011-09-21 14:30 - 00001831 _____ C:\Users\Public\Desktop\ImgBurn.lnk 2016-10-25 08:49 - 2011-08-09 21:20 - 00002593 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2016-10-25 08:49 - 2011-08-03 02:22 - 00002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-10-25 08:49 - 2011-08-02 21:39 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-10-25 08:49 - 2011-08-02 21:39 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-10-25 08:49 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-10-25 08:49 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-10-25 08:49 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-10-25 08:48 - 2016-06-18 19:13 - 00001063 _____ C:\Users\Kamil\Desktop\HDD Raw Copy Tool.lnk 2016-10-25 08:48 - 2016-06-10 17:26 - 00000617 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\UP-818P.lnk 2016-10-25 08:48 - 2016-06-09 20:49 - 00000617 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\UP-828P.lnk 2016-10-25 08:48 - 2016-04-18 17:15 - 00000976 _____ C:\Users\Kamil\Desktop\EVE-TECH CMS.lnk 2016-10-25 08:48 - 2016-04-17 23:08 - 00001010 _____ C:\Users\Kamil\Desktop\Flash Magic.lnk 2016-10-25 08:48 - 2016-04-12 16:27 - 00001694 _____ C:\Users\Kamil\Desktop\BMW ISTA-P.lnk 2016-10-25 08:48 - 2016-01-04 13:47 - 00000654 _____ C:\Users\Kamil\Desktop\Total Commander 64 bit.lnk 2016-10-25 08:48 - 2014-09-25 10:08 - 00001035 _____ C:\Users\Kamil\Desktop\Reworker Station.lnk 2016-10-25 08:48 - 2013-12-06 15:03 - 00001640 _____ C:\Users\Kamil\Desktop\E-Sys.lnk 2016-10-25 08:48 - 2013-04-07 15:34 - 00002293 _____ C:\Users\Kamil\Desktop\IToolRadar.lnk 2016-10-25 08:48 - 2011-08-04 11:32 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum obsługi HP.lnk 2016-10-25 08:48 - 2011-08-02 21:44 - 00001049 _____ C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-10-25 08:48 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-10-25 08:48 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-10-24 22:31 - 2012-07-31 14:55 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-10-24 22:30 - 2012-07-31 14:55 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Malwarebytes 2016-10-24 15:47 - 2015-11-05 18:37 - 00000000 ____D C:\ProgramData\Oracle 2016-10-24 12:25 - 2015-11-05 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-10-24 12:24 - 2015-11-05 18:38 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-10-24 12:24 - 2011-08-05 10:29 - 00000000 ____D C:\Program Files (x86)\Java 2016-10-22 14:13 - 2011-12-16 18:48 - 00000000 ____D C:\Users\Kamil\AppData\Local\CutePDF Writer 2016-10-21 14:19 - 2016-06-18 20:45 - 00000058 _____ C:\Users\Kamil\AppData\Local\RawCopy.sourcedisk.filepath 2016-10-21 14:19 - 2016-06-18 20:44 - 00000039 _____ C:\Users\Kamil\AppData\Local\RawCopy.opendialog.dir 2016-10-21 14:19 - 2016-06-18 20:44 - 00000001 _____ C:\Users\Kamil\AppData\Local\RawCopy.opendialog.filterindex 2016-10-21 14:19 - 2016-06-18 19:13 - 00000001 _____ C:\Users\Kamil\AppData\Local\RawCopy.sourcedisk.index 2016-10-20 14:00 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files 2016-10-19 13:45 - 2013-10-19 09:15 - 00000000 ____D C:\Users\Kamil\XFER 2016-10-19 13:44 - 2013-09-10 20:43 - 00000123 _____ C:\Users\Kamil\.ewanapi_cookie ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-09-23 10:14 - 2016-09-23 10:11 - 192004685 ____R () C:\Program Files (x86)\ISTA-D 4.01.21.7z 2013-04-04 12:12 - 2014-06-15 16:45 - 0000002 _____ () C:\Program Files (x86)\mshexc.bmp 2016-06-04 11:03 - 2016-06-04 11:03 - 0019996 _____ () C:\Users\Kamil\AppData\Roaming\nuvotonICP.lua 2011-08-28 18:31 - 2014-01-29 22:22 - 0000600 _____ () C:\Users\Kamil\AppData\Local\PUTTY.RND 2016-06-18 19:13 - 2016-06-18 19:13 - 0000001 _____ () C:\Users\Kamil\AppData\Local\RawCopy.1.10.agreement 2016-06-18 20:44 - 2016-10-21 14:19 - 0000039 _____ () C:\Users\Kamil\AppData\Local\RawCopy.opendialog.dir 2016-06-18 20:44 - 2016-10-21 14:19 - 0000001 _____ () C:\Users\Kamil\AppData\Local\RawCopy.opendialog.filterindex 2016-06-18 19:14 - 2016-07-18 20:31 - 0000022 _____ () C:\Users\Kamil\AppData\Local\RawCopy.savedialog.dir 2016-06-18 19:14 - 2016-07-18 20:31 - 0000001 _____ () C:\Users\Kamil\AppData\Local\RawCopy.savedialog.filterindex 2016-06-18 20:45 - 2016-10-21 14:19 - 0000058 _____ () C:\Users\Kamil\AppData\Local\RawCopy.sourcedisk.filepath 2016-06-18 19:13 - 2016-10-21 14:19 - 0000001 _____ () C:\Users\Kamil\AppData\Local\RawCopy.sourcedisk.index 2011-10-30 12:35 - 2012-01-10 19:50 - 0000041 ___SH () C:\ProgramData\.zreglib 2011-08-04 11:30 - 2013-01-27 15:42 - 0010782 _____ () C:\ProgramData\hpzinstall.log Pliki do przeniesienia lub usunięcia: ==================== C:\Users\Kamil\nusb33e.exe Niektóre pliki w TEMP: ==================== C:\Users\Kamil\AppData\Local\temp\proxy_vole7576163679893167408.dll ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-10-26 11:23 ==================== Koniec FRST.txt ============================