Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-12-2016 Uruchomiony przez mlik (administrator) NBS-01658 (24-12-2016 18:28:49) Uruchomiony z C:\Users\mlik\Downloads Załadowane profile: mlik (Dostępne profile: mlik & mstram & mszpond) Platform: Windows 10 Enterprise Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe () C:\Serwis\Wagi\Dibal\DFS\MySQL Server 5.0\bin\mysqld-nt.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.INSOFT2014\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe () C:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe (Apache Software Foundation) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe (Apache Software Foundation) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\mlik\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\CCM\CcmExec.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\CCM\RemCtrl\CmRcService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Microsoft Corporation) C:\Program Files\Microsoft Policy Platform\policyHost.exe (Microsoft Corporation) C:\Windows\CCM\SCNotification.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252136 2011-05-04] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-14] (Intel Corporation) HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== UWAGA HKU\S-1-5-21-4008266025-484847678-66557402-1468\...\Run: [Google Update] => C:\Users\mlik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-21] (Google Inc.) HKU\S-1-5-21-4008266025-484847678-66557402-1468\...\Run: [DellSystemDetect] => C:\Users\mlik\AppData\Local\Apps\2.0\LP42Y1YJ.TQL\Z7H8046X.7XA\dell..tion_6d0a76327dca4869_0007.000b_df227eeaae3cac0d\DellSystemDetect.exe [310728 2016-12-24] (Dell) HKU\S-1-5-21-4008266025-484847678-66557402-1468\...\Policies\Explorer: [ForceStartMenuLogOff] 1 GroupPolicy: Ograniczenia - Windows Defender <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.251 Tcpip\..\Interfaces\{015839c7-b756-4e63-a6a4-5d57f9cd4a70}: [DhcpNameServer] 192.168.1.251 Tcpip\..\Interfaces\{3dcede26-c4da-404d-9d0a-b08977d55912}: [DhcpNameServer] 172.23.0.40 172.20.32.13 Internet Explorer: ================== HKU\S-1-5-21-4008266025-484847678-66557402-1468\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-12-20] (Oracle Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2016-12-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4008266025-484847678-66557402-1468: @tools.google.com/Google Update;version=3 -> C:\Users\mlik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin HKU\S-1-5-21-4008266025-484847678-66557402-1468: @tools.google.com/Google Update;version=9 -> C:\Users\mlik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-12] (Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default [2016-12-24] CHR Extension: (Brak nazwy) - C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20] CHR Extension: (Brak nazwy) - C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-20] CHR Extension: (uBlock Origin) - C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-20] CHR Extension: (Chrome Web Store Payments) - C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20] CHR Extension: (Brak nazwy) - C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20] CHR Extension: (Chrome Media Router) - C:\Users\mlik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-20] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., Ltd.) R2 CcmExec; C:\WINDOWS\CCM\CcmExec.exe [1783200 2016-10-26] (Microsoft Corporation) R2 CmRcService; C:\WINDOWS\CCM\RemCtrl\CmRcService.exe [699296 2016-10-26] (Microsoft Corporation) R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2012-05-18] (Firebird Project) [Brak podpisu cyfrowego] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2785280 2012-05-18] (Firebird Project) [Brak podpisu cyfrowego] R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-14] (Intel Corporation) R3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation) S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation) R2 MSSQL$INSOFT2014; C:\Program Files\Microsoft SQL Server\MSSQL12.INSOFT2014\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation) R2 MySQL_Dibal; C:\Serwis\Wagi\Dibal\DFS\MySQL Server 5.0\bin\mysqld-nt.exe [3977216 2014-06-06] () [Brak podpisu cyfrowego] R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [Brak podpisu cyfrowego] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [Brak podpisu cyfrowego] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [299776 2015-05-27] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation) S3 smstsmgr; C:\WINDOWS\CCM\TSManager.exe [332704 2016-10-26] (Microsoft Corporation) S4 SQLAgent$INSOFT2014; C:\Program Files\Microsoft SQL Server\MSSQL12.INSOFT2014\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation) R2 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Brak podpisu cyfrowego] R2 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Brak podpisu cyfrowego] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32464 2016-06-23] (Dell Computer Corporation) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-06-23] (Dell Computer Corporation) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.) R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-12-24] (REALiX(tm)) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [341256 2016-03-18] (Intel Corporation) R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation) R3 prepdrvr; C:\WINDOWS\system32\DRIVERS\prepdrv.sys [26984 2016-06-22] (Microsoft Corporation) S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation) S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] () R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-24 18:28 - 2016-12-24 18:29 - 00015703 _____ C:\Users\mlik\Downloads\FRST.txt 2016-12-24 18:27 - 2016-12-24 18:28 - 00000000 ____D C:\FRST 2016-12-24 18:27 - 2016-12-24 18:27 - 02420736 _____ (Farbar) C:\Users\mlik\Downloads\FRST64.exe 2016-12-24 18:13 - 2016-12-24 18:13 - 00000000 ____D C:\Users\mlik\Desktop\Analiza 2016-12-24 18:09 - 2016-12-24 18:09 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad 2016-12-24 16:42 - 2016-12-24 16:44 - 00000000 ____D C:\Users\mlik\AppData\Local\Windows Performance Analyzer 2016-12-24 16:42 - 2016-12-24 16:42 - 00000000 ____D C:\Users\mlik\Documents\WPA Files 2016-12-24 16:42 - 2016-12-24 16:42 - 00000000 ____D C:\SymCache 2016-12-24 15:59 - 2016-12-24 15:59 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Macromedia 2016-12-24 14:43 - 2016-12-24 16:42 - 00000000 ____D C:\xperf 2016-12-24 14:40 - 2016-12-24 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2016-12-24 14:40 - 2016-12-24 14:40 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2016-12-24 14:38 - 2016-12-24 14:38 - 01735400 _____ (Microsoft Corporation) C:\Users\mlik\Downloads\adksetup.exe 2016-12-24 14:10 - 2016-12-24 14:10 - 00002426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt 2016-12-24 14:09 - 2016-12-24 14:13 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Intel 2016-12-24 14:09 - 2016-12-24 14:09 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2016-12-24 14:06 - 2016-12-24 14:06 - 09927544 _____ (Intel) C:\Users\mlik\Downloads\Intel Driver Update Utility Installer (1).exe 2016-12-24 08:29 - 2016-12-24 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-12-24 08:27 - 2016-12-24 08:27 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2016-12-24 08:25 - 2016-12-24 08:25 - 00000000 ____D C:\ProgramData\IntelDLM 2016-12-24 08:24 - 2016-12-24 08:24 - 00000000 ____D C:\Users\mlik\Downloads\Intel Components 2016-12-24 08:23 - 2016-12-24 08:23 - 00000000 ____D C:\Users\mlik\AppData\Local\Intel 2016-12-24 08:23 - 2016-10-18 17:14 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2016-12-24 08:22 - 2016-12-24 08:23 - 09927544 _____ (Intel) C:\Users\mlik\Downloads\Intel Driver Update Utility Installer.exe 2016-12-24 08:17 - 2016-12-24 08:17 - 01198768 _____ (ALCPU ) C:\Users\mlik\Downloads\Core-Temp-setup.exe 2016-12-24 08:13 - 2016-12-24 08:23 - 00000000 ____D C:\Program Files\HWiNFO64 2016-12-24 08:13 - 2016-12-24 08:13 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS 2016-12-24 08:12 - 2016-12-24 08:13 - 03778320 _____ (Martin Malík - REALiX ) C:\Users\mlik\Downloads\hw64_542.exe 2016-12-24 08:12 - 2016-12-24 08:13 - 03642656 _____ (Martin Malík - REALiX ) C:\Users\mlik\Downloads\hw32_542.exe 2016-12-23 12:28 - 2016-12-23 12:28 - 00027872 _____ C:\Users\mlik\Downloads\Addition.txt 2016-12-23 11:44 - 2016-12-23 11:44 - 00000000 ____D C:\Users\mlik\Intel 2016-12-23 11:44 - 2016-12-23 11:44 - 00000000 ____D C:\Users\mlik\AppData\LocalLow\Intel 2016-12-22 18:17 - 2016-12-22 18:17 - 02488128 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2016-12-22 18:17 - 2016-12-22 18:17 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Intel Corporation 2016-12-22 18:16 - 2016-12-24 14:13 - 00000000 ____D C:\ProgramData\Intel 2016-12-22 18:16 - 2016-12-22 18:16 - 00000000 ____D C:\ProgramData\dell 2016-12-22 18:13 - 2016-12-24 08:28 - 00000000 ____D C:\Users\mlik\Documents\Dell Downloads 2016-12-22 18:00 - 2016-12-22 18:00 - 00000000 ____D C:\Users\mlik\AppData\Roaming\HD Tune Pro 2016-12-22 17:59 - 2016-12-22 17:59 - 02239373 _____ (EFD Software ) C:\Users\mlik\Downloads\hdtunepro_560_trial.exe 2016-12-22 17:44 - 2016-12-24 08:19 - 00007602 _____ C:\Users\mlik\AppData\Local\resmon.resmoncfg 2016-12-22 13:50 - 2016-12-22 13:50 - 00000000 ____D C:\Users\mlik\AppData\LocalLow\Temp 2016-12-22 13:46 - 2016-12-22 13:46 - 00000000 ____D C:\Program Files\Code Industry 2016-12-22 13:46 - 2016-05-19 10:39 - 00027648 _____ (Copyright (c) Code Industry Ltd ) C:\WINDOWS\system32\mpelocalmon.dll 2016-12-22 13:46 - 2016-05-19 10:39 - 00017920 _____ (Copyright (c) Code Industry Ltd ) C:\WINDOWS\system32\mpelocalui.dll 2016-12-22 13:45 - 2016-12-22 13:46 - 37531512 _____ (Code Industry Ltd. ) C:\Users\mlik\Downloads\MasterPDFEditor-setup.exe 2016-12-22 13:41 - 2016-12-22 13:41 - 00000000 ____D C:\Users\mlik\Documents\Niestandardowe szablony pakietu Office 2016-12-22 13:27 - 2016-12-22 13:27 - 00000000 ____D C:\Users\mlik\.aladdin 2016-12-21 17:39 - 2016-12-21 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer 2016-12-21 17:37 - 2016-12-21 17:39 - 00000000 ____D C:\wamp 2016-12-21 17:18 - 2016-12-21 17:18 - 00085504 _____ C:\Users\mlik\Downloads\ixed.5.6ts.win 2016-12-21 17:15 - 2016-12-24 13:43 - 00004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33F94F48-4F52-4079-BFE8-A9752CF15F12} 2016-12-21 14:54 - 2016-12-21 14:56 - 219506793 _____ (Dominique Ottello aka Otomatic ) C:\Users\mlik\Downloads\wampserver3.0.6_x64_apache2.4.23_mysql5.7.14_php5.6.25-7.0.10.exe 2016-12-21 14:53 - 2016-12-21 14:53 - 07186992 _____ (Microsoft Corporation) C:\Users\mlik\Downloads\vcredist_x64.exe 2016-12-21 14:44 - 2016-12-22 17:55 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-12-21 14:44 - 2016-12-21 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL Connector Net 1.0.7 2016-12-21 14:44 - 2016-12-21 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL 2016-12-21 14:43 - 2016-12-21 14:43 - 00000000 ____D C:\WINDOWS\A7D132991F9443AD834DFE7A76904C1A.TMP 2016-12-21 14:31 - 2016-12-21 14:31 - 00000000 ____D C:\ProgramData\YakudoPlus 2016-12-21 13:57 - 2016-12-22 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2016-12-21 13:57 - 2016-12-21 13:57 - 00000000 ____D C:\Users\mlik\AppData\LocalLow\PCDr 2016-12-21 13:57 - 2016-12-21 13:57 - 00000000 ____D C:\ProgramData\PCDr 2016-12-21 13:56 - 2016-12-22 17:55 - 00000000 ____D C:\Program Files\Dell 2016-12-21 13:55 - 2016-12-21 14:17 - 00000000 ____D C:\Users\mlik\AppData\Roaming\PCDr 2016-12-21 08:04 - 2016-12-21 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Balance 2016-12-21 08:03 - 2016-12-21 08:03 - 09716605 _____ ( ) C:\Users\mlik\Downloads\balance-open (1).exe 2016-12-21 07:58 - 2016-12-21 08:07 - 00013030 _____ C:\PDOXUSRS.NET 2016-12-21 07:56 - 2016-12-21 07:57 - 09716605 _____ ( ) C:\Users\mlik\Downloads\balance-open.exe 2016-12-21 07:49 - 2016-12-21 07:49 - 00000913 _____ C:\Users\mlik\Desktop\Opteam.lnk 2016-12-20 20:16 - 2016-12-20 20:16 - 00000000 ____D C:\Users\mlik\Documents\Bluetooth 2016-12-20 20:05 - 2016-12-24 08:28 - 00000000 ____D C:\Users\mlik\AppData\Local\Deployment 2016-12-20 20:05 - 2016-12-24 08:27 - 00013560 _____ C:\Users\mlik\Downloads\DellSystemDetectLauncher.Application 2016-12-20 20:05 - 2016-12-20 20:05 - 00000000 ____D C:\Users\mlik\AppData\Local\Apps\2.0 2016-12-20 18:32 - 2016-12-20 18:32 - 00544656 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll 2016-12-20 18:32 - 2016-12-20 18:32 - 00214408 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2016-12-20 18:32 - 2016-12-20 18:32 - 00173960 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2016-12-20 18:32 - 2016-12-20 18:32 - 00173960 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2016-12-20 18:32 - 2016-12-20 18:32 - 00002259 _____ C:\Users\Public\Desktop\PC-POS 7.lnk 2016-12-20 18:32 - 2016-12-20 18:32 - 00000000 ____D C:\Users\mlik\AppData\LocalLow\Sun 2016-12-20 18:32 - 2016-12-20 18:32 - 00000000 ____D C:\ProgramData\Sun 2016-12-20 18:32 - 2016-12-20 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-POS 7 2016-12-20 18:32 - 2016-12-20 18:32 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-20 18:23 - 2016-12-20 18:23 - 00000964 _____ C:\Users\mlik\Desktop\DFS.lnk 2016-12-20 18:22 - 2016-12-20 18:22 - 00001285 _____ C:\Users\mlik\Desktop\LBS.lnk 2016-12-20 18:22 - 2016-12-20 18:22 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LBS (Load BackUp System) 2016-12-20 18:22 - 1998-10-23 08:44 - 00085504 _____ (Software Solution) C:\WINDOWS\SysWOW64\AXBUTTON.OCX 2016-12-20 18:22 - 1998-07-28 01:00 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CmCtlES.dll 2016-12-20 18:22 - 1998-07-28 01:00 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlxGdES.dll 2016-12-20 18:22 - 1998-07-28 01:00 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Rchtxes.DLL 2016-12-20 18:22 - 1998-07-28 01:00 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CmDlgES.dll 2016-12-20 18:22 - 1998-07-28 01:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CmCt2ES.dll 2016-12-20 18:22 - 1998-07-28 01:00 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TabCtES.dll 2016-12-20 18:22 - 1998-07-28 01:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMskES.dll 2016-12-20 18:22 - 1998-06-24 01:00 - 00609584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCTL32.OCX 2016-12-20 18:22 - 1998-06-24 01:00 - 00244024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX 2016-12-20 18:22 - 1998-06-24 01:00 - 00209192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX 2016-12-20 18:22 - 1998-06-24 01:00 - 00203576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX 2016-12-20 18:22 - 1998-06-24 01:00 - 00166200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMASK32.OCX 2016-12-20 18:22 - 1998-06-24 01:00 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCT232.OCX 2016-12-20 18:22 - 1998-06-24 01:00 - 00140096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX 2016-12-20 18:22 - 1996-05-03 23:05 - 00028672 _____ () C:\WINDOWS\SysWOW64\MSGHOO32.OCX 2016-12-20 18:21 - 1998-07-28 01:00 - 00119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6ES.dll 2016-12-20 18:21 - 1998-07-28 01:00 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6StKit.dll 2016-12-20 18:21 - 1997-02-20 01:00 - 00094992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5ES.dll 2016-12-20 18:21 - 1997-02-20 01:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5StKit.dll 2016-12-20 18:16 - 2016-12-20 18:22 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inicio 2016-12-20 18:16 - 2002-04-03 14:00 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2x35.dll 2016-12-20 18:16 - 2002-04-03 14:00 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBCTL32.dll 2016-12-20 18:16 - 1998-07-08 00:00 - 00146192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJInt35.dll 2016-12-20 18:16 - 1998-06-18 00:00 - 00030992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\temp.000 2016-12-20 18:16 - 1998-04-25 00:00 - 01045776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJet35.dll 2016-12-20 18:16 - 1998-04-25 00:00 - 00407312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsRepl35.dll 2016-12-20 18:16 - 1998-04-25 00:00 - 00024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJtEr35.dll 2016-12-20 18:16 - 1997-11-17 08:35 - 01347344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVBVM50.dll 2016-12-20 18:16 - 1997-02-20 01:00 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\ST5UNST.EXE 2016-12-20 18:09 - 2016-12-20 18:09 - 00000000 ____D C:\Program Files (x86)\PL2303 2016-12-20 18:09 - 2015-06-05 14:54 - 00188416 _____ (Prolific Technology Inc.) C:\WINDOWS\system32\Drivers\ser2pl64.sys 2016-12-20 18:09 - 2005-08-03 16:05 - 00035892 _____ (Prolific Technology Inc.) C:\WINDOWS\SysWOW64\SER9PL.sys 2016-12-20 18:09 - 2005-08-03 16:04 - 00026719 _____ C:\WINDOWS\SysWOW64\SERSPL.VXD 2016-12-20 18:06 - 2016-05-17 08:04 - 00001307 _____ C:\Users\mlik\Desktop\ZGL.lnk 2016-12-20 18:03 - 2016-12-20 18:03 - 00000000 ____D C:\Users\mlik\AppData\Roaming\TeamViewer 2016-12-20 17:52 - 2016-12-21 14:51 - 00051148 _____ C:\decrypt.txt 2016-12-20 17:28 - 2016-12-20 17:28 - 00000000 ____D C:\Users\Public\Documents\CAS 2016-12-20 17:27 - 2016-12-20 17:28 - 00000000 ____D C:\Users\mlik\AppData\Roaming\GHISLER 2016-12-20 17:27 - 2016-12-20 17:27 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2016-12-20 17:27 - 2016-12-20 17:27 - 00000000 ____D C:\Users\mlik\AppData\Local\GHISLER 2016-12-20 17:27 - 2016-12-20 17:27 - 00000000 ____D C:\Program Files\totalcmd 2016-12-20 17:25 - 2016-12-20 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFS Applications 2016-12-20 17:24 - 2016-12-20 17:25 - 00000000 ____D C:\WINDOWS\SysWOW64\DevExpress_10_1 2016-12-20 17:24 - 2016-12-20 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metrologic SoftWedge 2016-12-20 17:24 - 2016-12-20 17:24 - 00000000 ____D C:\Program Files (x86)\Metrologic Instruments 2016-12-20 17:23 - 2016-12-20 17:23 - 00000000 ____D C:\Program Files (x86)\MSECache 2016-12-20 17:23 - 2009-11-03 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Microsoft.VC80.MFC 2016-12-20 17:23 - 2009-11-03 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Microsoft.VC80.CRT 2016-12-20 17:23 - 2008-01-02 11:21 - 02723264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcredist_x86_SP1.exe 2016-12-20 17:23 - 2007-08-28 12:00 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll 2016-12-20 17:23 - 2006-12-01 23:25 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc80.dll 2016-12-20 17:23 - 2006-12-01 21:54 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll 2016-12-20 17:23 - 2006-12-01 21:54 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcm80.dll 2016-12-20 17:23 - 2004-08-20 13:00 - 00999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msgina.dll 2016-12-20 17:23 - 2004-08-20 13:00 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprui.dll 2016-12-20 17:23 - 2003-03-19 06:19 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll 2016-12-20 17:23 - 2003-03-19 05:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2016-12-20 17:23 - 2003-02-21 13:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2016-12-20 17:22 - 2016-12-20 17:22 - 00000000 ____D C:\Users\mlik\AppData\LocalLow\Adobe 2016-12-20 17:22 - 2016-12-20 17:22 - 00000000 ____D C:\Users\mlik\AppData\Local\Adobe 2016-12-20 17:21 - 2016-12-20 18:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-20 17:21 - 2016-12-20 17:21 - 00001975 _____ C:\Users\Public\Desktop\LP-Works.lnk 2016-12-20 17:21 - 2016-12-20 17:21 - 00000910 _____ C:\Users\Public\Desktop\CL-Works.lnk 2016-12-20 17:21 - 2016-12-20 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAS Scale 2016-12-20 17:21 - 2016-12-20 17:21 - 00000000 ____D C:\Program Files (x86)\CAS 2016-12-20 17:02 - 2016-12-20 17:02 - 00000000 ____D C:\Users\mlik\AppData\Roaming\NPS 2016-12-20 17:02 - 2010-09-22 14:57 - 08314880 _____ (POSNET POLSKA S.A.) C:\Users\mlik\Desktop\ZPS.exe 2016-12-20 16:57 - 2016-12-20 16:57 - 00000000 ____D C:\Users\mlik\Documents\Konfiguracja 2016-12-20 16:54 - 2016-12-20 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 2016-12-20 16:54 - 2016-12-20 16:54 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74 2016-12-20 16:53 - 2016-12-20 16:53 - 00000000 ____D C:\Users\mlik\Documents\Licencje 2016-12-20 16:53 - 2016-12-20 16:53 - 00000000 ____D C:\Users\mlik\Documents\Legalizacja wag 2016-12-20 16:53 - 2016-12-20 16:53 - 00000000 ____D C:\Users\mlik\Documents\Fiskalizacja 2016-12-20 16:52 - 2016-12-20 16:52 - 00000000 ____D C:\Users\mlik\Documents\Delegacje 2016-12-20 15:55 - 2016-12-20 15:55 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datalogic 2016-12-20 15:55 - 2016-12-07 12:30 - 13005742 _____ (fish's dotNET) C:\Users\mlik\Desktop\Database4.exe 2016-12-20 15:54 - 2016-12-20 15:54 - 00000000 ____D C:\Program Files (x86)\Datalogic 2016-12-20 15:50 - 2016-12-20 18:10 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Database 2016-12-20 15:44 - 2016-10-29 03:09 - 00485032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-12-20 15:42 - 2016-12-20 17:08 - 00000000 ___RD C:\Users\mlik\Desktop\Posnet Serwis Thermal old 2016-12-20 15:42 - 2016-12-20 17:08 - 00000000 ___RD C:\Users\mlik\Desktop\NPS 2016-12-20 15:42 - 2016-12-20 17:07 - 00000000 ___RD C:\Users\mlik\Desktop\DOS BOX 2016-12-20 15:33 - 2016-12-20 15:33 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-12-20 15:33 - 2016-12-20 15:33 - 00000000 _____ C:\WINDOWS\HPMProp.INI 2016-12-20 15:33 - 2016-08-26 09:42 - 00604584 _____ (HP Inc.) C:\WINDOWS\SysWOW64\hpcdmc32.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00484776 _____ (HP Inc.) C:\WINDOWS\system32\hpcpn190.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00453544 _____ (HP Inc.) C:\WINDOWS\SysWOW64\hpcc3190.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00310512 _____ (HP Inc.) C:\WINDOWS\system32\hpmlm190.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00264944 _____ (HP Inc.) C:\WINDOWS\system32\hpmml190.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00241904 _____ (HP Inc.) C:\WINDOWS\system32\hpmja190.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00229800 _____ (HP Inc.) C:\WINDOWS\system32\hpmpm081.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00204200 _____ (HP Inc.) C:\WINDOWS\system32\hpmtp190.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00195496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppdcompio.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00178088 _____ (HP Inc.) C:\WINDOWS\system32\hpcjpm.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00169384 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\hppccompio.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00127912 _____ (HP Inc.) C:\WINDOWS\system32\hpmpw081.dll 2016-12-20 15:33 - 2016-08-26 09:42 - 00061168 _____ (Hewlett-Packard) C:\WINDOWS\system32\FxCompChannel_x64.dll 2016-12-20 15:32 - 2016-11-22 21:34 - 08446976 _____ (Insoft sp. z o.o.) C:\Users\mlik\Desktop\AdminSQL.exe 2016-12-20 15:25 - 2016-12-20 15:25 - 00002222 _____ C:\Users\mlik\Desktop\CDN.rdp 2016-12-20 15:24 - 2016-12-20 15:24 - 00000000 ____H C:\Users\mlik\Documents\Default.rdp 2016-12-20 15:23 - 2016-12-20 15:24 - 00000000 ____D C:\Users\mlik\AppData\Roaming\GofinDruki 2016-12-20 15:23 - 2016-12-20 15:23 - 00001178 _____ C:\Users\Public\Desktop\DRUKI Gofin.lnk 2016-12-20 15:23 - 2016-12-20 15:23 - 00000000 ____D C:\Users\mlik\Documents\DRUKI Gofin 2016-12-20 15:23 - 2016-12-20 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOFIN 2016-12-20 15:23 - 2016-12-20 15:23 - 00000000 ____D C:\Program Files (x86)\GOFIN 2016-12-20 15:17 - 2016-12-20 17:01 - 00000000 ____D C:\Users\mlik\Documents\Opteam 2016-12-20 15:13 - 2016-12-20 15:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-12-20 15:04 - 2016-12-20 15:04 - 00001687 _____ C:\Users\Public\Desktop\PC-Market 7.lnk 2016-12-20 15:04 - 2016-12-20 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-Market 7 2016-12-20 15:04 - 2010-10-14 11:52 - 01138176 _____ (NOVITUS SA) C:\WINDOWS\SysWOW64\OICDataPacketLib.dll 2016-12-20 15:04 - 2010-10-14 11:52 - 01133056 _____ (NOVITUS SA) C:\WINDOWS\SysWOW64\OICECRLib.ocx 2016-12-20 15:04 - 2010-10-13 07:42 - 00157196 _____ C:\WINDOWS\SysWOW64\tango.pkd 2016-12-20 15:02 - 2016-12-20 18:30 - 00000000 ____D C:\Insoft 2016-12-20 15:02 - 2016-12-20 15:02 - 00000000 ____D C:\Users\mlik\AppData\Local\PeerDistRepub 2016-12-20 15:01 - 2014-02-21 06:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fssres.dll 2016-12-20 15:01 - 2014-02-21 06:20 - 00103104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQL$INSOFT2014-sqlctr12.1.4100.1.dll 2016-12-20 15:01 - 2014-02-21 06:20 - 00088768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQL$INSOFT2014-sqlctr12.1.4100.1.dll 2016-12-20 15:01 - 2014-02-21 06:20 - 00056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQL12.INSOFT2014-sqlagtctr.dll 2016-12-20 15:01 - 2014-02-21 06:20 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQL12.INSOFT2014-sqlagtctr.dll 2016-12-20 15:00 - 2016-12-20 18:30 - 00000000 ____D C:\WINDOWS\SysWOW64\1033 2016-12-20 15:00 - 2016-12-20 18:30 - 00000000 ____D C:\WINDOWS\system32\1033 2016-12-20 15:00 - 2016-12-20 15:00 - 00000000 ____D C:\WINDOWS\system32\RsFx 2016-12-20 15:00 - 2016-12-20 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014 2016-12-20 15:00 - 2016-12-20 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2016-12-20 15:00 - 2016-12-20 15:00 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0 2016-12-20 15:00 - 2014-02-21 06:27 - 00172224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hadrres.dll 2016-12-20 14:57 - 2016-12-20 15:00 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2016-12-20 14:54 - 2016-12-20 14:54 - 00000000 ____D C:\Program Files (x86)\Insoft 2016-12-20 14:48 - 2016-12-20 14:48 - 00001840 _____ C:\Users\Public\Desktop\SOHO.lnk 2016-12-20 14:48 - 2016-12-20 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOHO 2016-12-20 14:47 - 2016-12-20 14:48 - 00000000 ____D C:\Program Files\Novitus 2016-12-20 14:47 - 2016-12-20 14:47 - 00001873 _____ C:\Users\Public\Desktop\Magazyn.lnk 2016-12-20 14:47 - 2016-12-20 14:47 - 00001873 _____ C:\Users\Public\Desktop\Konfiguracja.lnk 2016-12-20 14:47 - 2016-12-20 14:47 - 00001850 _____ C:\Users\Public\Desktop\SOGA.lnk 2016-12-20 14:47 - 2016-12-20 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOGA 2016-12-20 14:47 - 2016-12-20 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.1 (Win32) 2016-12-20 14:47 - 2016-12-20 14:47 - 00000000 ____D C:\Program Files (x86)\Firebird 2016-12-20 14:47 - 2012-05-18 11:26 - 00462848 _____ (IBPhoenix) C:\WINDOWS\SysWOW64\Firebird2Control.cpl 2016-12-20 14:47 - 2012-05-18 11:24 - 00450560 _____ (Firebird Project) C:\WINDOWS\SysWOW64\GDS32.DLL 2016-12-20 14:41 - 2016-03-17 12:24 - 00943616 _____ C:\Users\mlik\Desktop\OmegaSW.exe 2016-12-20 14:40 - 2016-12-20 17:08 - 00000000 ___RD C:\Users\mlik\Desktop\Elzab ecrserw 2016-12-20 14:38 - 2016-12-20 14:38 - 00001277 _____ C:\Users\Public\Desktop\NSerwis - kasy.lnk 2016-12-20 14:38 - 2016-12-20 14:38 - 00001189 _____ C:\Users\mlik\Desktop\Tango 98 v.4.21.lnk 2016-12-20 14:38 - 2016-12-20 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novitus 2016-12-20 14:38 - 2016-12-20 14:38 - 00000000 ____D C:\Program Files (x86)\Novitus 2016-12-20 14:38 - 1999-11-12 05:11 - 00183808 _____ C:\WINDOWS\SysWOW64\BDEADMIN.CPL 2016-12-20 14:38 - 1999-01-20 05:01 - 00210032 _____ C:\WINDOWS\SysWOW64\DBCLIENT.DLL 2016-12-20 14:37 - 2016-02-22 15:34 - 02996736 _____ (NOVITUS SA) C:\Users\mlik\Desktop\WikingPlx.exe 2016-12-20 14:33 - 2016-12-20 18:12 - 00000000 ____D C:\Serwis 2016-12-20 14:33 - 2016-12-20 14:33 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk 2016-12-20 14:33 - 2016-12-20 14:33 - 00001238 _____ C:\Users\Public\Desktop\TeamViewer 7.lnk 2016-12-20 14:33 - 2016-12-20 14:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-12-20 14:22 - 2016-12-21 14:37 - 00003816 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4008266025-484847678-66557402-1468UA 2016-12-20 14:22 - 2016-12-21 14:37 - 00003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4008266025-484847678-66557402-1468Core 2016-12-20 14:22 - 2016-12-20 17:00 - 00000000 ____D C:\Users\mlik\AppData\Local\Google 2016-12-20 14:22 - 2016-12-20 14:23 - 00002487 _____ C:\Users\mlik\Desktop\Google Chrome.lnk 2016-12-20 14:22 - 2016-12-20 14:22 - 00002473 _____ C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-20 14:21 - 2016-12-20 14:21 - 00000000 ____D C:\Users\mlik\AppData\Local\MicrosoftEdge 2016-12-20 14:18 - 2016-12-20 14:18 - 00000000 ____D C:\Users\mlik\AppData\Local\GroupPolicy 2016-12-20 14:13 - 2016-12-20 14:13 - 00000000 ____D C:\Users\mlik\AppData\Local\Comms 2016-12-20 14:12 - 2016-12-20 14:12 - 00000000 ____D C:\Users\mlik\AppData\Local\NetworkTiles 2016-12-20 14:11 - 2016-12-20 14:11 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Skype 2016-12-20 14:10 - 2016-12-23 11:50 - 00000000 ___RD C:\Users\mlik\OneDrive 2016-12-20 14:10 - 2016-12-20 14:10 - 00000000 ____D C:\Users\mlik\AppData\Local\Publishers 2016-12-20 14:09 - 2016-12-24 18:25 - 00000000 __SHD C:\Users\mlik\IntelGraphicsProfiles 2016-12-20 14:09 - 2016-12-24 14:09 - 00000000 ____D C:\Users\mlik 2016-12-20 14:09 - 2016-12-20 17:22 - 00000000 ____D C:\Users\mlik\AppData\Roaming\Adobe 2016-12-20 14:09 - 2016-12-20 15:10 - 00000000 ____D C:\Users\mlik\AppData\Local\Packages 2016-12-20 14:09 - 2016-12-20 14:41 - 00000000 ____D C:\Users\mlik\AppData\Local\VirtualStore 2016-12-20 14:09 - 2016-12-20 14:20 - 00000000 ____D C:\Users\mlik\AppData\Local\ConnectedDevicesPlatform 2016-12-20 14:09 - 2016-12-20 14:18 - 00004598 __RSH C:\Users\mlik\ntuser.pol 2016-12-20 14:09 - 2016-12-20 14:09 - 00000020 ___SH C:\Users\mlik\ntuser.ini 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Ustawienia lokalne 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Szablony 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Moje dokumenty 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Menu Start 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Documents\Moje wideo 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Documents\Moje obrazy 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Documents\Moja muzyka 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\Dane aplikacji 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\AppData\Local\Historia 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 _SHDL C:\Users\mlik\AppData\Local\Dane aplikacji 2016-12-20 14:09 - 2016-12-20 14:09 - 00000000 ____D C:\Users\mlik\AppData\Local\TileDataLayer 2016-12-20 14:09 - 2016-08-24 09:48 - 00000000 ____D C:\Users\mlik\AppData\Local\Microsoft Help 2016-12-20 08:00 - 2016-12-20 08:01 - 00002413 _____ C:\Users\mstram\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-20 08:00 - 2016-12-20 08:01 - 00000000 ___RD C:\Users\mstram\OneDrive 2016-12-20 08:00 - 2016-12-20 08:00 - 00000000 ____D C:\Users\mstram\AppData\Roaming\Skype 2016-12-20 07:59 - 2016-12-24 14:09 - 00000000 ____D C:\Users\mstram 2016-12-20 07:59 - 2016-12-20 08:01 - 00000000 ____D C:\Users\mstram\AppData\Local\Packages 2016-12-20 07:59 - 2016-12-20 07:59 - 00004598 __RSH C:\Users\mstram\ntuser.pol 2016-12-20 07:59 - 2016-12-20 07:59 - 00000020 ___SH C:\Users\mstram\ntuser.ini 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Ustawienia lokalne 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Szablony 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Moje dokumenty 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Menu Start 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Documents\Moje wideo 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Documents\Moje obrazy 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Documents\Moja muzyka 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\Dane aplikacji 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\AppData\Local\Historia 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 _SHDL C:\Users\mstram\AppData\Local\Dane aplikacji 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 __SHD C:\Users\mstram\IntelGraphicsProfiles 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 ____D C:\Users\mstram\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 ____D C:\Users\mstram\AppData\Roaming\Adobe 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 ____D C:\Users\mstram\AppData\Local\VirtualStore 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 ____D C:\Users\mstram\AppData\Local\TileDataLayer 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 ____D C:\Users\mstram\AppData\Local\Publishers 2016-12-20 07:59 - 2016-12-20 07:59 - 00000000 ____D C:\Users\mstram\AppData\Local\ConnectedDevicesPlatform 2016-12-20 07:59 - 2016-08-24 09:48 - 00000000 ____D C:\Users\mstram\AppData\Local\Microsoft Help 2016-12-19 10:12 - 2016-12-19 10:12 - 00000000 ____D C:\Users\mszpond\AppData\Local\Comms 2016-12-19 09:59 - 2016-12-19 09:59 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-19 09:58 - 2016-12-19 09:59 - 00002416 _____ C:\Users\mszpond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-19 09:58 - 2016-12-19 09:59 - 00000000 ___RD C:\Users\mszpond\OneDrive 2016-12-19 09:58 - 2016-12-19 09:58 - 00000000 ____D C:\Users\mszpond\AppData\Roaming\Skype 2016-12-19 09:58 - 2016-12-19 09:58 - 00000000 ____D C:\Users\mszpond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad 2016-12-19 09:58 - 2016-12-19 09:58 - 00000000 ____D C:\Users\mszpond\AppData\Local\NetworkTiles 2016-12-19 09:58 - 2016-12-19 09:58 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-12-19 09:56 - 2016-12-24 14:09 - 00000000 ____D C:\Users\mszpond 2016-12-19 09:56 - 2016-12-20 14:09 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-19 09:56 - 2016-12-19 10:57 - 00000000 ____D C:\Users\mszpond\AppData\Local\Packages 2016-12-19 09:56 - 2016-12-19 10:38 - 00000000 ____D C:\Users\mszpond\AppData\Local\ConnectedDevicesPlatform 2016-12-19 09:56 - 2016-12-19 09:56 - 00004598 __RSH C:\Users\mszpond\ntuser.pol 2016-12-19 09:56 - 2016-12-19 09:56 - 00000020 ___SH C:\Users\mszpond\ntuser.ini 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Ustawienia lokalne 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Szablony 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Moje dokumenty 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Menu Start 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Documents\Moje wideo 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Documents\Moje obrazy 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Documents\Moja muzyka 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\Dane aplikacji 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\AppData\Local\Historia 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 _SHDL C:\Users\mszpond\AppData\Local\Dane aplikacji 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 __SHD C:\Users\mszpond\IntelGraphicsProfiles 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 ____D C:\Users\mszpond\AppData\Roaming\Adobe 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 ____D C:\Users\mszpond\AppData\Local\VirtualStore 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 ____D C:\Users\mszpond\AppData\Local\TileDataLayer 2016-12-19 09:56 - 2016-12-19 09:56 - 00000000 ____D C:\Users\mszpond\AppData\Local\Publishers 2016-12-19 09:56 - 2016-08-24 09:48 - 00000000 ____D C:\Users\mszpond\AppData\Local\Microsoft Help 2016-12-19 09:52 - 2016-12-19 09:52 - 00001912 _____ C:\WINDOWS\epplauncher.mif 2016-12-19 09:52 - 2016-12-19 09:52 - 00000000 ____D C:\Program Files\Windows Firewall Configuration Provider 2016-12-19 09:52 - 2016-12-19 09:52 - 00000000 ____D C:\Program Files\LAPS 2016-12-19 09:51 - 2016-12-19 09:52 - 00000000 ____D C:\Program Files\Managed Defender 2016-12-19 09:51 - 2016-12-19 09:51 - 00000000 ____D C:\Program Files (x86)\Managed Defender 2016-12-19 09:32 - 2016-12-24 18:25 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-12-19 09:32 - 2016-12-24 14:13 - 00000000 ____D C:\Program Files\Intel 2016-12-19 09:32 - 2016-12-24 14:13 - 00000000 ____D C:\Program Files (x86)\Intel 2016-12-19 09:32 - 2016-12-19 09:56 - 00000000 ____D C:\Intel 2016-12-19 09:32 - 2016-12-19 09:32 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-12-19 09:32 - 2016-12-19 09:32 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-12-19 09:32 - 2016-10-25 01:08 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-12-19 09:31 - 2016-12-19 09:31 - 00561160 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat 2016-12-19 09:31 - 2016-12-19 09:31 - 00113715 _____ C:\WINDOWS\system32\Drivers\rtwavesvp.dat 2016-12-19 09:31 - 2016-12-19 09:31 - 00031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2016-12-19 09:31 - 2016-12-19 09:31 - 00020671 _____ C:\WINDOWS\system32\Drivers\rtwavesvpcap.dat 2016-12-19 09:31 - 2016-12-19 09:31 - 00010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2016-12-19 09:31 - 2016-12-19 09:31 - 00003218 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____D C:\Program Files\STMicroelectronics 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____D C:\Program Files\Realtek 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____D C:\Program Files\DIFX 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____D C:\Program Files\DellTPad 2016-12-19 09:31 - 2016-12-19 09:31 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-12-19 09:31 - 2015-01-09 10:25 - 00023216 _____ (ST Microelectronics) C:\WINDOWS\system32\Drivers\stdcfltn.sys 2016-12-19 09:30 - 2016-12-19 09:30 - 00009620 _____ C:\WINDOWS\system32\CcmFramework.ini 2016-12-19 09:30 - 2016-12-19 09:30 - 00001764 _____ C:\WINDOWS\SMSAdvancedClient.CLP1045.mif 2016-12-19 09:30 - 2016-12-19 09:30 - 00000621 _____ C:\WINDOWS\system32\CcmFramework.h 2016-12-19 09:30 - 2016-12-19 09:30 - 00000000 ____D C:\WINDOWS\system32\{3DA228BE-34DA-49f4-A081-66465B077429} 2016-12-19 09:30 - 2016-12-19 09:30 - 00000000 ____D C:\WINDOWS\ms 2016-12-19 09:28 - 2016-12-24 18:26 - 00000504 _____ C:\WINDOWS\system32\config\netlogon.ftl 2016-12-19 09:28 - 2016-12-19 09:28 - 00000000 ____D C:\WINDOWS\SysWOW64\%LOCALAPPDATA% 2016-12-19 09:28 - 2016-12-19 09:28 - 00000000 ____D C:\WINDOWS\CSC ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-12-24 18:28 - 2016-08-24 09:39 - 03322688 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-24 18:28 - 2016-07-16 23:06 - 01389818 _____ C:\WINDOWS\system32\perfh015.dat 2016-12-24 18:28 - 2016-07-16 23:06 - 00362988 _____ C:\WINDOWS\system32\perfc015.dat 2016-12-24 18:26 - 2016-08-24 09:36 - 00000600 _____ C:\WINDOWS\SMSCFG.INI 2016-12-24 18:24 - 2016-08-24 09:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-12-24 18:24 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-12-24 17:12 - 2016-08-24 09:53 - 00093076 __RSH C:\ProgramData\ntuser.pol 2016-12-24 16:40 - 2016-08-24 09:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-12-24 14:40 - 2016-08-24 09:37 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-24 14:13 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2016-12-24 07:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration 2016-12-24 07:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-12-23 10:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2016-12-21 15:14 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-21 14:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-12-20 18:48 - 2016-08-24 09:38 - 00000000 ____D C:\WINDOWS\ccmcache 2016-12-20 17:35 - 2016-08-24 09:37 - 00000000 ____D C:\WINDOWS\ccmsetup 2016-12-20 17:23 - 2016-08-24 09:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-12-20 16:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat 2016-12-20 15:25 - 2016-07-16 12:47 - 00000167 _____ C:\WINDOWS\win.ini 2016-12-20 15:00 - 2016-08-24 09:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2016-12-20 15:00 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-12-20 14:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-12-20 14:26 - 2016-08-24 09:44 - 00000000 ____D C:\Program Files\7-Zip 2016-12-20 07:57 - 2016-08-24 09:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-12-19 09:56 - 2016-08-24 09:38 - 00000000 ____D C:\WINDOWS\CCM 2016-12-19 09:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\spool 2016-12-19 09:49 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-12-19 09:30 - 2016-08-24 09:39 - 00004789 _____ C:\WINDOWS\system32\InstallUtil.InstallLog 2016-12-19 09:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-12-19 09:29 - 2016-08-24 09:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-12-19 09:29 - 2016-08-24 09:37 - 00000000 ____D C:\Program Files\Microsoft Policy Platform 2016-12-19 09:29 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-19 09:28 - 2016-08-24 09:29 - 00000000 ____D C:\WINDOWS\panther 2016-12-19 09:24 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-12-22 17:44 - 2016-12-24 08:19 - 0007602 _____ () C:\Users\mlik\AppData\Local\resmon.resmoncfg Niektóre pliki w TEMP: ==================== C:\Users\mlik\AppData\Local\Temp\shutdown1482242718.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-24 09:31 ==================== Koniec FRST.txt ============================