Problem z ładowaniem się stron

MrotekGaming · 26 Czerwca 2016

Cześć, od jakiegoś czasu borykam się z problemem wolnego ładowania stron internetowych, czasami nie ładują się wcale.. Wpisuję przykładowo mpcforum.pl i wyskakuje błąd " ta witryna nie jest osiągalna ". Antywirusy nie pomagają, dlatego zwracam się tutaj. Mam nadzieję, że ktoś pomoże.

LOGI:

FRST:

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-06-2016 01

Uruchomiony przez Maciej (administrator) MACIEK (26-06-2016 17:35:33)

Uruchomiony z C:\Users\Maciej\Downloads

Załadowane profile: Maciej (Dostępne profile: Maciej)

Platform: Windows 10 Pro Wersja 1511 (X64) Język: Polski (Polska)

Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)

Tryb startu: Normal

Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(TData.com) C:\Program Files (x86)\TData\TData.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Spotify Ltd) C:\Users\Maciej\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe

() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe

() C:\Program Files\KMSpico\AutoPico.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.424_none_767fbf7a263fc7d3\TiWorker.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\Maciej\Downloads\FRST64 (1).exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)

HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-05-18] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75264 2016-05-11] ()

HKU\S-1-5-21-1456535354-2696374450-2110360931-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)

HKU\S-1-5-21-1456535354-2696374450-2110360931-1001\...\Run: [spotify Web Helper] => C:\Users\Maciej\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-24] (Spotify Ltd)

HKU\S-1-5-21-1456535354-2696374450-2110360931-1001\...\Run: [spotify] => C:\Users\Maciej\AppData\Roaming\Spotify\Spotify.exe [6858864 2016-05-24] (Spotify Ltd)

Startup: C:\Users\Maciej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SHU.lnk [2016-05-10]

ShortcutTarget: SHU.lnk -> C:\Program Files (x86)\SHU\SHU.exe ()

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{47ac0ab0-a67b-43c0-811b-341c4cbe71dd}: [NameServer] 104.197.191.4

Tcpip\..\Interfaces\{47ac0ab0-a67b-43c0-811b-341c4cbe71dd}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 104.197.191.4

Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 104.197.191.4

Internet Explorer:

==================

HKU\S-1-5-21-1456535354-2696374450-2110360931-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-22] (Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:

========

FF ProfilePath: C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\e3211cmo.default

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)

FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Maciej\AppData\Roaming\Mozilla\Firefox\Profiles\e3211cmo.default\extensions\[email protected]<script data-cfhash='f9e31' type="text/javascript">/* */</script> [2016-06-17]

Chrome:

=======

CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP-OqRkK_4g5H3zXx0q1D1XXsHhKKzkrGfutJ42VIE43jdby06grJ4kewieME2p8GGmMsrWbEXC_WBLZtGHtCutbRz1fawiY4ygNCEzBl-oAM5jLvrUtUIGfNm8ra0LtEaerJwKjB0eGoP6dolfFriLa6Dx8scao0sEjMDjjTOr4c,

CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F837001E8C877314&affID=119294&tsp=4960","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380220599","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380288108","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380295139","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380306791","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380309931","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380358344","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380365654","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380376767","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380443910","hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=ST3320613AS_9SZ09T02XXXX9SZ09T02&ts=1380447521","hxxp://mysearch.avg.com?cid={A4ACEF1D-D83F-432B-8205-8775AF3993B9}&mid=e619d3b7808647d2a1ead157ca639ae7-14f59128680cac54cfb6b722ab1aa7fce97a516d〈=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-06 18:07:50&v=17.3.1.91&pid=safeguard&sg=&sap=hp","hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyncrRE33KckNPn0Vx9PzkWmR57FbPcBE43N0GJMD-7CmEopXJUZZO7-8ug_3cjZdmZczlZ9IRNxDCCksnHN2ZHk7r421m5CLmvylEmdZjS_QeQJJid556R3M5LRNDONs-X23CZc3mQJGM,","hxxp://www.sweet-page.com/?type=hp&ts=1399910256&from=wpc&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.sweet-page.com/?type=hppp&ts=1400240706&from=wpc&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.sweet-page.com/?type=hppp&ts=1400616588&from=wpc&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.sweet-page.com/?type=hppp&ts=1400693095&from=wpc&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.sweet-page.com/?type=hppp&ts=1400762138&from=wpc&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.sweet-page.com/?type=hppp&ts=1400778667&from=wpc&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://start.qone8.com/?type=hp&ts=1400740707&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400789659&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400824872&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400848639&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400868406&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400872346&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400910940&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400943761&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1400962881&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401002033&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401041430&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401052942&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401136353&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401208133&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401286591&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401292532&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401373531&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401460752&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401475359&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401481414&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401526558&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401531465&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401572028&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401612697&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401632438&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401642507&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401717736&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401736544&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401743684&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401806649&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401811305&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401901997&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401912926&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401976015&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1401979502&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402003254&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402060626&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402088835&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402125875&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402128084&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402161721&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402171121&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402227416&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402257686&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402294544&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402328809&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402330263&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402347466&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402413746&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402417808&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402432512&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402433398&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402507243&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402515442&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402600652&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://start.qone8.com/?type=hppp&ts=1402606854&from=tt4u&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://www.delta-homes.com/?type=hp&ts=1402607114&from=wpm0612&uid=HitachiXHTS543225A7A384_E2024242CEH5KDCEH5KDX","hxxp://www.mystartsearch.com/?type=hp&ts=1418068828&from=smt&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.istartsurf.com/?type=hp&ts=1429474365&from=smt&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.istartsurf.com/?type=hppp&ts=1429474396&from=smt&uid=SAMSUNGXSP2504C_S09QJ1WL807085","hxxp://www.hohosearch.com/?mode=nnnb&ptid=clc&uid=EFF498F67F22E488C6CDF6FEA50F02E1&v=20160415&ts=AHEqAHIlAH4qBU..","hxxp://www.hohosearch.com/?mode=nnnb&ptid=amz&uid=EFF498F67F22E488C6CDF6FEA50F02E1&v=20160421&ts=AHEqAHIlAH8kC0..","hxxp://www.hohosearch.com/?mode=nnnb&ptid=amz&uid=EFF498F67F22E488C6CDF6FEA50F02E1&v=20160425&ts=AHEqAHUqBn8sA0.."

CHR Profile: C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Dokumenty Google) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-24]

CHR Extension: (Dysk Google) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24]

CHR Extension: (YouTube) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-24]

CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-04-28]

CHR Extension: (Lounge Assistant) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2016-04-24]

CHR Extension: (Arkusze Google) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-24]

CHR Extension: (LoungeDestroyer) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-04-27]

CHR Extension: (Dokumenty Google offline) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24]

CHR Extension: (AdBlock) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-01]

CHR Extension: (Video download helper) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\mngdadkapbemiekajhhalpakdpleogfn [2016-04-24]

CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24]

CHR Extension: (Gmail) - C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24]

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)

R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2016-05-24] ()

S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [brak podpisu cyfrowego]

R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [135880 2016-06-12] (TData.com)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)

R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)

S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [70928 2016-06-26] (Multi Theft Auto)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)

S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)

S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

R3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-05-01] (Basil Projects)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-06-26 17:34 - 2016-06-26 17:34 - 02388992 _____ (Farbar) C:\Users\Maciej\Downloads\FRST64 (1).exe

2016-06-26 17:34 - 2016-06-26 17:34 - 00380928 _____ C:\Users\Maciej\Downloads\k6h9yz95.exe

2016-06-26 17:29 - 2016-06-26 17:29 - 00002193 _____ C:\Users\Public\Desktop\MTA San Andreas 1.5.lnk

2016-06-26 17:29 - 2016-06-26 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.5

2016-06-25 16:31 - 2016-06-25 16:33 - 00000000 ____D C:\Users\Maciej\Documents\Fax

2016-06-25 16:31 - 2016-06-25 16:31 - 00000000 ___RD C:\Users\Maciej\Documents\Scanned Documents

2016-06-25 16:25 - 2016-06-25 16:25 - 00000000 ____D C:\Users\Maciej\AppData\LocalLow\Temp

2016-06-24 16:45 - 2016-06-24 16:45 - 00001702 _____ C:\Users\Maciej\Desktop\Multi Theft Auto — skrót .lnk

2016-06-23 21:48 - 2016-06-23 21:48 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Apple Computer

2016-06-23 21:48 - 2016-06-23 21:48 - 00000000 ____D C:\Users\Maciej\AppData\Local\Apple Computer

2016-06-23 21:47 - 2016-06-23 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2016-06-23 21:47 - 2016-06-23 21:47 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2016-06-23 21:47 - 2016-06-23 21:47 - 00000000 ____D C:\ProgramData\Apple Computer

2016-06-23 21:47 - 2016-06-23 21:47 - 00000000 ____D C:\Program Files\iTunes

2016-06-23 21:47 - 2016-06-23 21:47 - 00000000 ____D C:\Program Files\iPod

2016-06-23 21:47 - 2016-06-23 21:47 - 00000000 ____D C:\Program Files (x86)\iTunes

2016-06-23 21:47 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

2016-06-23 21:42 - 2016-06-23 21:42 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2016-06-23 21:42 - 2016-06-23 21:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple

2016-06-23 21:42 - 2016-06-23 21:42 - 00000000 ____D C:\Users\Maciej\AppData\Local\Apple

2016-06-23 21:42 - 2016-06-23 21:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

2016-06-23 21:41 - 2016-06-23 21:47 - 00000000 ____D C:\Program Files\Common Files\Apple

2016-06-23 21:41 - 2016-06-23 21:42 - 00000000 ____D C:\ProgramData\Apple

2016-06-23 21:41 - 2016-06-23 21:41 - 00000000 ____D C:\Program Files\Bonjour

2016-06-23 21:41 - 2016-06-23 21:41 - 00000000 ____D C:\Program Files (x86)\Bonjour

2016-06-23 21:20 - 2016-06-23 21:35 - 152447768 _____ (Apple Inc.) C:\Users\Maciej\Downloads\iTunes6464Setup.exe

2016-06-21 10:14 - 2016-06-21 10:16 - 134490400 _____ C:\Users\Maciej\Downloads\f49dvoww.exe

2016-06-17 22:46 - 2016-06-18 10:21 - 00000000 ____D C:\Program Files (x86)\{F55B3C58-1954-4500-A5CF-2A4DD4F01C53}

2016-06-17 22:45 - 2016-06-17 22:45 - 00000000 ____D C:\Program Files (x86)\qw4n0v4h

2016-06-17 20:54 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2016-06-17 20:54 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-06-17 20:54 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-06-17 20:54 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-06-17 20:54 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2016-06-17 20:54 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2016-06-17 20:54 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll

2016-06-17 20:54 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll

2016-06-17 20:54 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll

2016-06-17 20:54 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-06-17 20:54 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll

2016-06-17 20:54 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2016-06-17 20:54 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys

2016-06-17 20:54 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys

2016-06-17 20:54 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll

2016-06-17 20:54 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll

2016-06-17 20:54 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2016-06-17 20:54 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2016-06-17 20:54 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe

2016-06-17 20:54 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll

2016-06-17 20:54 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2016-06-17 20:54 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys

2016-06-17 20:54 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll

2016-06-17 20:54 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2016-06-17 20:54 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2016-06-17 20:54 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2016-06-17 20:54 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2016-06-17 20:54 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2016-06-17 20:54 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2016-06-17 20:54 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2016-06-17 20:54 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2016-06-17 20:54 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2016-06-17 20:54 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2016-06-17 20:54 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe

2016-06-17 20:54 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe

2016-06-17 20:54 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2016-06-17 20:54 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2016-06-17 20:54 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2016-06-17 20:54 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2016-06-17 20:54 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2016-06-17 20:54 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2016-06-17 20:54 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2016-06-17 20:54 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll

2016-06-17 20:54 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2016-06-17 20:54 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2016-06-17 20:54 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2016-06-17 20:54 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2016-06-17 20:54 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2016-06-17 20:54 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2016-06-17 20:54 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe

2016-06-17 20:54 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll

2016-06-17 20:54 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys

2016-06-17 20:54 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe

2016-06-17 20:54 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2016-06-17 20:54 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll

2016-06-17 20:54 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-06-17 20:54 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll

2016-06-17 20:54 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2016-06-17 20:54 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll

2016-06-17 20:54 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2016-06-17 20:54 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2016-06-17 20:54 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll

2016-06-17 20:54 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll

2016-06-17 20:54 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll

2016-06-17 20:54 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2016-06-17 20:54 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2016-06-17 20:54 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2016-06-17 20:54 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll

2016-06-17 20:54 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll

2016-06-17 20:54 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll

2016-06-17 20:54 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys

2016-06-17 20:54 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2016-06-17 20:54 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll

2016-06-17 20:54 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys

2016-06-17 20:54 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys

2016-06-17 20:54 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2016-06-17 20:54 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll

2016-06-17 20:54 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll

2016-06-17 20:54 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2016-06-17 20:54 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll

2016-06-17 20:54 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2016-06-17 20:54 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll

2016-06-17 20:54 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll

2016-06-17 20:54 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2016-06-17 20:54 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2016-06-17 20:54 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-06-17 20:54 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2016-06-17 20:54 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2016-06-17 20:54 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2016-06-17 20:54 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL

2016-06-17 20:54 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2016-06-17 20:54 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2016-06-17 20:54 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2016-06-17 20:54 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2016-06-17 20:54 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2016-06-17 20:54 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2016-06-17 20:54 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

2016-06-17 20:54 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2016-06-17 20:54 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2016-06-17 20:54 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll

2016-06-17 20:54 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2016-06-17 20:54 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys

2016-06-17 20:54 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2016-06-17 20:54 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2016-06-17 20:54 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2016-06-17 20:54 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2016-06-17 20:54 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll

2016-06-17 20:54 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2016-06-17 20:54 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2016-06-17 20:54 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

2016-06-17 20:54 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2016-06-17 20:54 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2016-06-17 20:54 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2016-06-17 20:54 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll

2016-06-17 20:54 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2016-06-17 20:54 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2016-06-17 20:54 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2016-06-17 20:54 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2016-06-17 20:54 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2016-06-17 20:54 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll

2016-06-17 20:54 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2016-06-17 20:54 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-06-17 20:54 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2016-06-17 20:54 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2016-06-17 20:54 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2016-06-17 20:54 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2016-06-17 20:54 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll

2016-06-17 20:54 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2016-06-17 20:54 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2016-06-17 20:54 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2016-06-17 20:54 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll

2016-06-17 20:54 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll

2016-06-17 20:54 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2016-06-17 20:54 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2016-06-17 20:54 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2016-06-17 20:54 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2016-06-17 20:54 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2016-06-17 20:54 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2016-06-17 20:54 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2016-06-17 20:54 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2016-06-17 20:54 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2016-06-17 20:54 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2016-06-17 20:54 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2016-06-17 20:54 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-06-17 20:54 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-06-17 20:54 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2016-06-17 20:54 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2016-06-17 20:54 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2016-06-17 20:54 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-06-17 20:54 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2016-06-17 20:54 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll

2016-06-17 20:34 - 2016-06-17 20:34 - 00295908 _____ C:\WINDOWS\Minidump\061716-46187-01.dmp

2016-06-17 18:54 - 2016-06-17 19:28 - 2098186240 _____ C:\Users\Maciej\Downloads\Pitbull. Nowe porządki (2016) Film PL.DVDRip.XviD.AC3-KiT.avi

2016-06-17 18:44 - 2016-06-17 18:44 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Mozilla

2016-06-17 18:44 - 2016-06-17 18:44 - 00000000 ____D C:\Users\Maciej\AppData\Local\Mozilla

2016-06-17 18:43 - 2016-06-17 18:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-06-17 18:43 - 2016-06-17 18:43 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-06-17 18:43 - 2016-06-17 18:43 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-06-17 18:43 - 2016-06-17 18:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-06-17 18:40 - 2016-06-17 18:42 - 06156546 _____ C:\Users\Maciej\Downloads\ff-12dcfb8ee520b8a802b9a7ecc8d593cd,57656fed,7153fa7_360.flv

2016-06-17 18:38 - 2016-06-17 18:39 - 10619350 _____ C:\Users\Maciej\Downloads\flash_video_downloader_youtube_hd_download_4k-13.2.2-fx+an.xpi

2016-06-17 18:38 - 2016-06-17 18:38 - 00242328 _____ C:\Users\Maciej\Downloads\Firefox Setup Stub 47.0.exe

2016-06-17 18:26 - 2016-06-17 18:28 - 05045486 _____ C:\Users\Maciej\Downloads\Pitbull Nowe porzdki (2016) - Zalukajcom (1).flv

2016-06-17 18:13 - 2016-06-17 18:13 - 00623146 _____ C:\Users\Maciej\Downloads\vShareio - Download file (2).flv

2016-06-17 18:01 - 2016-06-17 18:03 - 03947566 _____ C:\Users\Maciej\Downloads\Pitbull Nowe porzdki (2016) - Zalukajcom.flv

2016-06-17 17:49 - 2016-06-17 17:49 - 00000000 ____D C:\ProgramData\VideoDownloaderUltimateWinApp

2016-06-17 17:48 - 2016-06-17 17:48 - 00313160 _____ (Link64 GmbH) C:\Users\Maciej\Downloads\VideoDownloaderUltimate_Installer_mini.exe

2016-06-17 17:33 - 2016-06-17 17:36 - 14713820 _____ C:\Users\Maciej\Downloads\vShareio - Download file (1).flv

2016-06-17 17:27 - 2016-06-17 17:29 - 04083346 _____ C:\Users\Maciej\Downloads\vShareio - Download file.flv

2016-06-17 14:45 - 2016-06-17 20:34 - 00000000 ____D C:\Program Files (x86)\{0C080C8A-0FE0-4CA5-973B-7E7585BBEC03}

2016-06-17 14:43 - 2016-06-17 14:43 - 00000000 ____D C:\Program Files (x86)\zld5ts9y

2016-06-15 21:48 - 2016-06-15 21:48 - 02493769 _____ C:\Users\Maciej\Downloads\67982-buffalo-minimal-tuned.zip

2016-06-15 21:30 - 2016-06-15 21:30 - 04069416 _____ C:\Users\Maciej\Downloads\74769-zr-350-stance.zip

2016-06-15 21:29 - 2016-06-15 21:29 - 02196908 _____ C:\Users\Maciej\Downloads\69898-better-super-gt.zip

2016-06-15 21:27 - 2016-06-15 21:27 - 07579477 _____ C:\Users\Maciej\Downloads\74429-sadler-debbie.zip

2016-06-15 21:27 - 2016-06-15 21:27 - 07080549 _____ C:\Users\Maciej\Downloads\25633-chevrolet-impala-1964-lowrider.zip

2016-06-15 21:25 - 2016-06-15 21:25 - 02231974 _____ C:\Users\Maciej\Downloads\18537-new-tampa.zip

2016-06-15 21:24 - 2016-06-15 21:24 - 02467366 _____ C:\Users\Maciej\Downloads\64162-new-sandking.zip

2016-06-15 21:22 - 2016-06-15 21:22 - 02119889 _____ C:\Users\Maciej\Downloads\72888-sabre-boso.zip

2016-06-15 21:22 - 2016-06-15 21:22 - 01948800 _____ C:\Users\Maciej\Downloads\37562-perennial-cabriolet.zip

2016-06-15 21:18 - 2016-06-15 21:19 - 02716245 _____ C:\Users\Maciej\Downloads\73091-new-buffalo-bandit.zip

2016-06-15 21:18 - 2016-06-15 21:18 - 03433967 _____ C:\Users\Maciej\Downloads\77803-japan-elegy.zip

2016-06-15 21:15 - 2016-06-15 21:15 - 00000000 ____D C:\Users\Maciej\AppData\Local\MicrosoftEdge

2016-06-15 21:13 - 2016-06-15 22:27 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru

2016-06-15 21:13 - 2016-06-15 21:13 - 00000000 ____D C:\Users\Maciej\Documents\www.gtavicecity.ru mods

2016-06-15 21:12 - 2016-06-15 21:12 - 01331579 _____ C:\Users\Maciej\Downloads\646_GTA_Parking_SA_1.0.rar

2016-06-15 20:57 - 2016-06-15 20:58 - 05518538 _____ C:\Users\Maciej\Downloads\77870-huntley.zip

2016-06-15 20:57 - 2016-06-15 20:58 - 04175835 _____ C:\Users\Maciej\Downloads\77607-blista-crx.zip

2016-06-15 20:57 - 2016-06-15 20:58 - 03704251 _____ C:\Users\Maciej\Downloads\78247-jester-supra.zip

2016-06-15 20:57 - 2016-06-15 20:57 - 04033315 _____ C:\Users\Maciej\Downloads\78278-turismo-fulmine.zip

2016-06-15 20:57 - 2016-06-15 20:57 - 00318686 _____ C:\Users\Maciej\Downloads\gleba do vincent'a ByAmadeusz.W.rar

2016-06-15 20:57 - 2016-06-15 20:57 - 00095554 _____ C:\Users\Maciej\Downloads\gleba do clover'a ByAmadeusz.W.rar

2016-06-15 20:57 - 2016-06-15 20:57 - 00094746 _____ C:\Users\Maciej\Downloads\gleba do perek'a ByAmadeusz.W.rar

2016-06-15 20:57 - 2016-06-15 20:57 - 00088819 _____ C:\Users\Maciej\Downloads\gleba do Admiral'a ByAmadeusz.W.rar

2016-06-15 20:53 - 2016-06-15 20:53 - 06719926 _____ C:\Users\Maciej\Downloads\78545-comet-911-germanstyle.zip

2016-06-12 14:42 - 2016-06-17 22:47 - 00000000 ____D C:\Program Files (x86)\TData

2016-06-12 14:42 - 2016-06-12 14:42 - 00000000 ____D C:\Program Files (x86)\lnlpobmh

2016-06-11 18:10 - 2016-06-11 18:10 - 00004388 _____ C:\Users\Maciej\AppData\Local\recently-used.xbel

2016-06-11 17:43 - 2016-06-11 17:43 - 00002397 _____ C:\Users\Maciej\Documents\MumbleAutomaticCertificateBackup.p12

2016-06-11 17:41 - 2016-06-11 17:44 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Mumble

2016-06-11 17:25 - 2016-06-11 17:25 - 01441907 _____ C:\Users\Maciej\Downloads\revolution Gaming_#6_stable.zip

2016-06-11 17:08 - 2016-06-11 17:09 - 01237222 _____ C:\Users\Maciej\Downloads\Dark Game v1.4 - MyBB 1.8.x.zip

2016-06-11 16:44 - 2016-06-11 16:44 - 00487323 _____ C:\Users\Maciej\Downloads\Skill-Game.pl.rar

2016-06-09 22:04 - 2016-06-09 22:04 - 00000000 ____D C:\Users\Maciej\Documents\Niestandardowe szablony pakietu Office

2016-06-09 21:44 - 2016-06-09 21:44 - 01468416 _____ C:\Users\Maciej\Downloads\pn.ppt

2016-06-09 21:44 - 2016-06-09 21:44 - 00814592 _____ C:\Users\Maciej\Downloads\parki.ppt

2016-06-09 21:43 - 2016-06-09 21:43 - 00677376 _____ C:\Users\Maciej\Downloads\prezentacja_14 (2).pps

2016-06-09 21:27 - 2016-06-09 21:27 - 00002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk

2016-06-09 21:27 - 2016-06-09 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016

2016-06-09 21:13 - 2016-06-09 21:13 - 00000000 ____D C:\Program Files\Microsoft Office 15

2016-06-09 21:12 - 2016-06-09 21:12 - 03482312 _____ (Microsoft Corporation) C:\Users\Maciej\Downloads\Setup.x86.pl-pl_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe

2016-06-09 21:11 - 2016-06-09 21:11 - 04878536 _____ (Microsoft Corporation) C:\Users\Maciej\Downloads\Setup.x64.pl-pl_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe

2016-06-09 21:09 - 2016-06-09 21:09 - 00679424 _____ C:\Users\Maciej\Downloads\prezentacja_14 (1).pps

2016-06-09 21:07 - 2016-06-09 21:07 - 00679424 _____ C:\Users\Maciej\Downloads\prezentacja_14.pps

2016-06-09 20:51 - 2016-06-09 21:07 - 00000000 ____D C:\Users\Maciej\Downloads\Microsoft PowerPoint 2016

2016-06-07 21:48 - 2016-06-11 18:07 - 00000000 ____D C:\Users\Maciej\AppData\Local\gtk-2.0

2016-06-07 21:47 - 2016-06-07 21:47 - 00000000 ____D C:\Users\Maciej\.thumbnails

2016-06-07 21:46 - 2016-06-11 18:10 - 00000000 ____D C:\Users\Maciej\.gimp-2.8

2016-06-07 21:46 - 2016-06-07 21:46 - 00000000 ____D C:\Users\Maciej\AppData\Local\gegl-0.2

2016-06-07 21:46 - 2016-06-07 21:46 - 00000000 ____D C:\Users\Maciej\AppData\Local\fontconfig

2016-06-07 21:45 - 2016-06-07 21:45 - 00000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk

2016-06-07 21:44 - 2016-06-07 21:45 - 00000000 ____D C:\Program Files\GIMP 2

2016-06-07 21:42 - 2016-06-07 21:44 - 77170096 _____ (The GIMP Team ) C:\Users\Maciej\Downloads\gimp-2.8.16-setup-4.exe

2016-06-05 16:34 - 2016-06-05 16:34 - 00012038 _____ C:\Users\Maciej\Downloads\sb_by_Tommekk80_ver0.12.ZIP

2016-06-04 16:48 - 2016-06-17 20:34 - 00000000 ____D C:\WINDOWS\Minidump

2016-06-04 09:16 - 2016-06-04 09:16 - 00000000 ___HD C:\OneDriveTemp

2016-06-03 16:56 - 2016-06-03 18:42 - 00000000 ____D C:\Program Files (x86)\VirtualDJ

2016-06-03 16:56 - 2016-06-03 16:57 - 00000000 ____D C:\Users\Maciej\Documents\VirtualDJ

2016-06-03 16:56 - 2016-06-03 16:56 - 00001023 _____ C:\Users\Maciej\Desktop\VirtualDJ 8.lnk

2016-06-03 16:56 - 2016-06-03 16:56 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ

2016-06-03 16:54 - 2016-06-03 16:55 - 57861662 _____ C:\Users\Maciej\Downloads\Virtual DJ Pro 8.0.1910.765 [FULL].zip

2016-06-03 16:42 - 2016-06-17 18:27 - 00000000 ____D C:\Program Files (x86)\qksee

2016-06-03 16:42 - 2016-06-03 16:42 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\qksee

2016-06-03 16:42 - 2016-06-03 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip

2016-06-03 16:42 - 2016-06-03 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee

2016-06-03 16:42 - 2016-06-03 16:42 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser

2016-06-02 15:39 - 2016-06-02 15:39 - 00000000 ____D C:\ProgramData\Gaijin

2016-06-01 21:23 - 2016-06-01 21:23 - 00000000 ____D C:\Users\Maciej\Documents\My Games

2016-05-31 17:44 - 2016-05-31 17:44 - 00749053 _____ C:\Users\Maciej\Downloads\video-1458979672.mp4

2016-05-30 14:56 - 2016-05-30 15:09 - 191984880 _____ C:\Users\Maciej\Downloads\cureit.exe

2016-05-30 14:53 - 2016-05-30 14:53 - 00000222 _____ C:\Users\Maciej\Desktop\War Thunder.url

2016-05-29 10:08 - 2016-06-26 12:26 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E5B148B8-D4D9-46D7-B983-4815A85917D4}

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-06-26 17:35 - 2016-04-28 21:21 - 00024849 _____ C:\Users\Maciej\Downloads\FRST.txt

2016-06-26 17:35 - 2016-01-03 00:59 - 00000000 ____D C:\FRST

2016-06-26 17:34 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF

2016-06-26 17:31 - 2016-05-20 18:45 - 01845594 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-06-26 17:31 - 2016-02-13 19:29 - 00817060 _____ C:\WINDOWS\system32\perfh015.dat

2016-06-26 17:31 - 2016-02-13 19:29 - 00157764 _____ C:\WINDOWS\system32\perfc015.dat

2016-06-26 17:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-06-26 17:28 - 2016-05-03 13:36 - 00000000 ____D C:\ProgramData\MTA San Andreas All

2016-06-26 17:28 - 2016-05-03 13:36 - 00000000 ____D C:\Program Files (x86)\MTA San Andreas 1.5

2016-06-26 17:26 - 2016-05-24 21:15 - 00000000 ____D C:\Users\Maciej\AppData\Local\Spotify

2016-06-26 17:26 - 2016-05-24 21:06 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\Spotify

2016-06-26 17:26 - 2016-04-24 18:26 - 00000000 ____D C:\Program Files (x86)\Steam

2016-06-26 17:25 - 2016-05-20 18:33 - 00000000 ____D C:\Users\Maciej

2016-06-26 17:25 - 2016-04-24 18:15 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-06-26 17:25 - 2016-02-13 19:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-06-26 12:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2016-06-26 12:25 - 2016-04-24 18:15 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2016-06-26 12:21 - 2016-04-24 19:00 - 00000000 ____D C:\ProgramData\MFAData

2016-06-26 00:20 - 2016-04-24 20:41 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\TS3Client

2016-06-25 19:17 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-06-25 16:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

2016-06-23 16:03 - 2016-04-29 11:03 - 00000000 ____D C:\Users\Maciej\AppData\Local\Game Dev Tycoon

2016-06-22 11:09 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2016-06-22 11:07 - 2016-05-12 13:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2016-06-21 11:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache

2016-06-21 10:41 - 2016-04-28 20:26 - 00000000 ____D C:\Users\Maciej\Doctor Web

2016-06-19 15:29 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2016-06-19 10:31 - 2016-02-13 19:51 - 00000000 __RHD C:\Users\Public\AccountPictures

2016-06-19 10:24 - 2016-02-13 10:46 - 00352040 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2016-06-19 10:23 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-06-19 10:22 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs

2016-06-19 10:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2016-06-19 10:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr

2016-06-18 11:22 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-06-18 11:19 - 2016-04-26 12:42 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-06-18 11:12 - 2016-04-26 12:42 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-06-17 22:46 - 2016-05-03 10:41 - 00009518 _____ C:\WINDOWS\System32\Tasks\Browser Updater Task(Core)

2016-06-17 20:34 - 2016-04-28 22:26 - 665624260 _____ C:\WINDOWS\MEMORY.DMP

2016-06-17 18:28 - 2016-05-03 10:43 - 00000000 ____D C:\Program Files (x86)\WinZipper

2016-06-16 21:26 - 2016-04-24 18:16 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-06-15 21:12 - 2016-04-24 18:07 - 00000000 ____D C:\Users\Maciej\AppData\Local\VirtualStore

2016-06-15 15:38 - 2016-04-24 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2016-06-13 19:57 - 2016-04-28 20:16 - 00000000 ____D C:\Program Files (x86)\hohobnd

2016-06-11 18:53 - 2016-04-26 18:03 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\FileZilla

2016-06-09 22:06 - 2016-04-24 18:07 - 00000000 ____D C:\Users\Maciej\AppData\Local\Packages

2016-06-09 21:13 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2016-06-09 21:07 - 2016-04-24 18:34 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\uTorrent

2016-06-09 21:06 - 2016-05-03 10:43 - 00000000 ____D C:\Users\Maciej\AppData\Roaming\eCyber

2016-06-04 09:16 - 2016-04-24 18:12 - 00000000 __RDO C:\Users\Maciej\SkyDrive

2016-06-02 21:40 - 2016-05-24 21:13 - 00183112 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe

2016-05-28 07:55 - 2016-02-13 19:48 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Pliki w katalogu głównym wybranych folderów =======

2016-04-28 20:10 - 2016-04-28 20:10 - 21434586 _____ ( ) C:\Users\Maciej\AppData\Roaming\Windows.exe

2016-04-26 18:17 - 2016-05-01 21:39 - 0000600 _____ () C:\Users\Maciej\AppData\Local\PUTTY.RND

2016-06-11 18:10 - 2016-06-11 18:10 - 0004388 _____ () C:\Users\Maciej\AppData\Local\recently-used.xbel

Niektóre pliki w TEMP:

====================

C:\Users\Maciej\AppData\Local\Temp\avguirn_081467825908.exe

C:\Users\Maciej\AppData\Local\Temp\drm_dyndata_7380012.dll

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo

C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo

C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo

C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo

C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo

C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo

C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo

C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo

C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo

C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo

C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo

C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo

C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo

C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo

C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2016-06-21 17:47

==================== Koniec FRST.txt ============================

GMER:

GMER 2.2.19882 - http://www.gmer.net

Rootkit scan 2016-06-26 17:58:41

Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\00000024 WDC_WD50 rev.12.0 465,76GB

Running: k6h9yz95.exe; Driver: C:\Users\Maciej\AppData\Local\Temp\ufldypog.sys

---- User code sections - GMER 2.2 ----

? C:\WINDOWS\SYSTEM32\iertutil.dll [2696] entry point in ".rdata" section 000000007351d380

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlQueryEnvironmentVariable 00007ff8045deb50 5 bytes JMP 00007ff7846705f0

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlDecompressBuffer 00007ff804639c20 5 bytes JMP 00007ff784670568

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationProcess 00007ff8046553f0 5 bytes JMP 00007ff784670678

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 00007ff8046555d0 5 bytes JMP 00007ff7846700a0

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007ff804655810 5 bytes JMP 00007ff784670018

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEvent 00007ff8046558d0 5 bytes JMP 00007ff7846703d0

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent 00007ff8046559d0 5 bytes JMP 00007ff7846701b0

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread 00007ff804655b10 5 bytes JMP 00007ff784670128

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateMutant 00007ff8046565c0 5 bytes JMP 00007ff784670238

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSemaphore 00007ff804656700 5 bytes JMP 00007ff7846702c0

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess 00007ff804656820 5 bytes JMP 00007ff784670348

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant 00007ff804657320 5 bytes JMP 00007ff784670458

.text C:\WINDOWS\system32\taskhostw.exe[4328] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSemaphore 00007ff8046573e0 5 bytes JMP 00007ff7846704e0

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlQueryEnvironmentVariable 00007ff8045deb50 5 bytes JMP 00007ff7846705f0

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlDecompressBuffer 00007ff804639c20 5 bytes JMP 00007ff784670568

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationProcess 00007ff8046553f0 5 bytes JMP 00007ff784670678

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 00007ff8046555d0 5 bytes JMP 00007ff7846700a0

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007ff804655810 5 bytes JMP 00007ff784670018

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEvent 00007ff8046558d0 5 bytes JMP 00007ff7846703d0

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent 00007ff8046559d0 5 bytes JMP 00007ff7846701b0

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread 00007ff804655b10 5 bytes JMP 00007ff784670128

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateMutant 00007ff8046565c0 5 bytes JMP 00007ff784670238

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSemaphore 00007ff804656700 5 bytes JMP 00007ff7846702c0

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess 00007ff804656820 5 bytes JMP 00007ff784670348

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant 00007ff804657320 5 bytes JMP 00007ff784670458

.text C:\Program Files\iTunes\iTunesHelper.exe[1332] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSemaphore 00007ff8046573e0 5 bytes JMP 00007ff7846704e0

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlQueryEnvironmentVariable 00007ff8045deb50 5 bytes JMP 00007ff7846705f0

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlDecompressBuffer 00007ff804639c20 5 bytes JMP 00007ff784670568

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationProcess 00007ff8046553f0 5 bytes JMP 00007ff784670678

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 00007ff8046555d0 5 bytes JMP 00007ff7846700a0

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007ff804655810 5 bytes JMP 00007ff784670018

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEvent 00007ff8046558d0 5 bytes JMP 00007ff7846703d0

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent 00007ff8046559d0 5 bytes JMP 00007ff7846701b0

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread 00007ff804655b10 5 bytes JMP 00007ff784670128

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateMutant 00007ff8046565c0 5 bytes JMP 00007ff784670238

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSemaphore 00007ff804656700 5 bytes JMP 00007ff7846702c0

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess 00007ff804656820 5 bytes JMP 00007ff784670348

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant 00007ff804657320 5 bytes JMP 00007ff784670458

.text C:\Program Files\iPod\bin\iPodService.exe[6104] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSemaphore 00007ff8046573e0 5 bytes JMP 00007ff7846704e0

? C:\WINDOWS\SYSTEM32\iertutil.dll [5984] entry point in ".rdata" section 000000007351d380

? C:\WINDOWS\system32\apphelp.dll [6196] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\SYSTEM32\iertutil.dll [6196] entry point in ".rdata" section 000000007351d380

? C:\WINDOWS\system32\apphelp.dll [2528] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\mssprxy.dll [2528] entry point in ".rdata" section 000000007052a4e0

? C:\Windows\SYSTEM32\iertutil.dll [2528] entry point in ".rdata" section 000000007351d380

? C:\WINDOWS\system32\apphelp.dll [6084] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [3428] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [4996] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [4892] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [6832] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [4380] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [7024] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [7604] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [7412] entry point in ".rdata" section 0000000073be0380

? C:\WINDOWS\system32\apphelp.dll [5788] entry point in ".rdata" section 0000000073be0380

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [552:2140] fffff96089d84030

Thread C:\WINDOWS\system32\csrss.exe [552:6316] fffff96089d84030

Thread C:\Program Files\KMSpico\AutoPico.exe [7800:7516] 00007fffdb9cb284

Thread C:\Program Files\KMSpico\AutoPico.exe [7800:7468] 00007fffdb8d59cc

Thread C:\Program Files\KMSpico\AutoPico.exe [7800:5244] 00007fffdb8d59cc

Thread C:\Program Files\KMSpico\AutoPico.exe [7800:7584] 00007fffdb8d59cc

Thread C:\Program Files\KMSpico\AutoPico.exe [7800:7528] 00007fffdb95a8f4

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\[email protected] 0xC6 0xFD 0x35 0xDB ...

Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\[email protected] 0xCE 0xC6 0x08 0x68 ...

Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\[email protected] 0xC6 0xFD 0x35 0xDB ...

Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\[email protected] 0xCE 0xC6 0x08 0x68 ...

Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\[email protected] 43

Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\NOEDID_10DE_0CA3_00000002_00000000_200100+ACR010ELJE0W1174303_32_[email protected] 0xE6 0x8A 0xC9 0x9D ...

Reg HKLM\SYSTEM\CurrentControlSet\Control\[email protected] 1044

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\[email protected] 821963153

Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal [email protected] 1360448e-64c2-4ff9-a10d-1a8369c

Reg HKLM\SYSTEM\CurrentControlSet\Control\WDI\[email protected] \BaseNamedObjects\WDI_{485e2790-fe4a-4ec8-ad3f-8b78c2884f8a}

Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\[email protected] 1466943420

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\Security

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\[email protected] 0x01 0x00 0x14 0x80 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo\0

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo\[email protected] 7

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo\[email protected] 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo\[email protected] 0x16 0x28 0x7A 0x2D ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo\[email protected] 0x75 0x18 0xBC 0xA3 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\MessagingService_5be74\TriggerInfo\[email protected] 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\monitor\Parameters\[email protected] 0x19 0x46 0xEB 0x68 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\OneSyncSvc_5be74\Security

Reg HKLM\SYSTEM\CurrentControlSet\Services\OneSyncSvc_5be74\[email protected] 0x01 0x00 0x04 0x80 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\PimIndexMaintenanceSvc_5be74\Security

Reg HKLM\SYSTEM\CurrentControlSet\Services\PimIndexMaintenanceSvc_5be74\[email protected] 0x01 0x00 0x04 0x80 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\[email protected] 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\[email protected] ?niedz.?, ?cze ?26 ?16, 12:18:44???????????????????????????????

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\[email protected] 2989

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\[email protected] 163

Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\[email protected] 42

Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\[email protected] 1466936216

Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\[email protected] 1466939816

Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\[email protected] 1466942516

Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\[email protected] 1466943416

Reg HKLM\SYSTEM\CurrentControlSet\Services\UnistoreSvc_5be74\Security

Reg HKLM\SYSTEM\CurrentControlSet\Services\UnistoreSvc_5be74\[email protected] 0x01 0x00 0x04 0x80 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\UserDataSvc_5be74\Security

Reg HKLM\SYSTEM\CurrentControlSet\Services\UserDataSvc_5be74\[email protected] 0x01 0x00 0x04 0x80 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x70 0x73 0xF1 0x23 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x70 0xDB 0xB5 0x85 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x70 0x0B 0x2D 0xC2 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x33 0xAF 0x1C 0x00 ...

Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] 0x03 0x2B 0x3F 0x66 ...

---- EOF - GMER 2.2 ----

Zaloguj się

👋 Witaj na MPCForum!

Problem z ładowaniem się stron

Pytanie

MrotekGaming

MrotekGaming

0 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Zarchiwizowany