Anonim / 2 lata, 2 miesiące temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
Ran by Małgorzata (administrator) on GOSIA (25-12-2015 23:17:37)
Running from C:\Users\Małgorzata\Desktop\frst
Loaded Profiles: Małgorzata (Available Profiles: Małgorzata & Administrator)
Platform: Windows 8.1 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Wistron Corporation) C:\Program Files\DELLOSD\VolumeCtlSrv.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Users\Małgorzata\Desktop\itunes\iTunesHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Farbar) C:\Users\Małgorzata\Desktop\frst\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-14] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [763520 2012-08-01] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-08-01] (Atheros Communications)
HKLM\...\Run: [iTunesHelper] => C:\Users\Małgorzata\Desktop\itunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKU\S-1-5-21-214769844-2467208115-931596469-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50377336 2015-12-14] (Skype Technologies S.A.)
HKU\S-1-5-21-214769844-2467208115-931596469-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-214769844-2467208115-931596469-1001\...\MountPoints2: {bd2e7007-cbe4-11e3-be6a-806e6f6e6963} - "D:\autorun.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-15] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{0A3EF2ED-C9C4-48A3-9205-CD483D7A7D0A}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A7AB2A80-7E91-485B-8991-0CC2775C55DE}: [DhcpNameServer] 192.0.0.3

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-214769844-2467208115-931596469-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-15] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-15] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Małgorzata\AppData\Roaming\Mozilla\Firefox\Profiles\b6d29jvq.default
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=pl-pl
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-15]

Chrome: 
=======
CHR Profile: C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-24]
CHR Extension: (YouTube) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-24]
CHR Extension: (Google Search) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-24]
CHR Extension: (AdBlock) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-24]
CHR Extension: (Avast Online Security) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-24]
CHR Extension: (Gmail) - C:\Users\Małgorzata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Małgorzata\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-12-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [207488 2012-08-01] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-09-13] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
R2 VolumeCtlSrv; C:\Program Files\DELLOSD\VolumeCtlSrv.exe [221696 2012-07-20] (Wistron Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-07-23] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-15] (AVAST Software)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-01] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ITECIRfilter; C:\Windows\system32\DRIVERS\ITECIRfilter.sys [18064 2012-06-20] (ITE Tech. Inc. )
S3 lehidmini; C:\Windows\System32\drivers\leath_hid.sys [39704 2012-08-01] (Atheros)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 PQAWRwa; C:\Program Files\DELLOSD\PQAWDrv.sys [12384 2008-03-01] () [File not signed]
S3 qca_shb; C:\Windows\System32\drivers\qca_shb.sys [99328 2012-08-01] (Qualcomm Atheros Communications Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-25 22:58 - 2015-12-25 23:02 - 00000000 ____D C:\AdwCleaner
2015-12-25 22:52 - 2015-12-25 23:17 - 00000000 ____D C:\Users\Małgorzata\Desktop\frst
2015-12-25 22:49 - 2015-12-25 22:50 - 01743360 _____ C:\Users\Małgorzata\Downloads\adwcleaner_5.026.exe
2015-12-25 18:36 - 2015-12-25 18:36 - 00000000 ____D C:\Users\Małgorzata\Documents\Techland
2015-12-25 18:34 - 2015-12-25 18:34 - 00002092 _____ C:\Users\Public\Desktop\Uruchom Detektywi w siodłach.lnk
2015-12-25 17:15 - 2015-12-25 17:15 - 00000000 ____D C:\Users\Małgorzata\Documents\digital tainment pool
2015-12-25 17:06 - 2015-12-25 17:06 - 00002305 _____ C:\Users\Małgorzata\Desktop\Młody Doktor - Łapy i Pazury.lnk
2015-12-25 17:06 - 2015-12-25 17:06 - 00002305 _____ C:\Users\Administrator\Desktop\Młody Doktor - Łapy i Pazury.lnk
2015-12-25 17:06 - 2015-12-25 17:06 - 00000000 ____D C:\Users\Małgorzata\AppData\Local\RadonLabs
2015-12-25 17:05 - 2015-12-25 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland
2015-12-25 17:05 - 2015-12-25 18:34 - 00000000 ____D C:\Program Files (x86)\Techland
2015-12-24 10:59 - 2015-12-24 10:59 - 00233856 _____ C:\Users\Małgorzata\Desktop\raki dziadek.pdf
2015-12-24 10:30 - 2015-12-24 10:34 - 00000080 _____ C:\Users\Małgorzata\Desktop\7Diamentow - skrót.lnk
2015-12-24 01:34 - 2015-12-25 23:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-24 01:34 - 2015-12-24 10:34 - 00001110 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-24 01:34 - 2015-12-24 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-24 01:34 - 2015-12-24 01:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-24 01:34 - 2015-12-24 01:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-24 01:34 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-24 01:34 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-24 01:34 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-24 01:31 - 2015-12-24 01:32 - 22908888 _____ (Malwarebytes ) C:\Users\Małgorzata\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-24 01:27 - 2015-12-24 10:34 - 00001125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 34.lnk
2015-12-24 01:27 - 2015-12-24 10:34 - 00001119 _____ C:\Users\Public\Desktop\Opera 34.lnk
2015-12-24 01:27 - 2015-12-24 01:27 - 00003882 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1450916867
2015-12-24 01:25 - 2015-12-24 01:25 - 00720344 _____ (Opera Software) C:\Users\Małgorzata\Downloads\Opera_NI_stable.exe
2015-12-24 01:05 - 2015-12-24 10:32 - 00000000 ____D C:\Program Files\Google
2015-12-18 00:00 - 2015-12-24 10:34 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 23:58 - 2015-12-24 10:32 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-17 23:58 - 2015-12-17 23:58 - 00927824 _____ (Google Inc.) C:\Users\Małgorzata\Downloads\ChromeSetup (1).exe
2015-12-17 23:38 - 2015-12-24 10:33 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-12-15 23:22 - 2015-12-15 23:22 - 00927824 _____ (Google Inc.) C:\Users\Małgorzata\Downloads\ChromeSetup.exe
2015-12-15 23:17 - 2015-12-24 01:27 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-15 23:16 - 2015-12-15 23:16 - 36114184 _____ (Opera Software) C:\Users\Małgorzata\Downloads\Opera_34.0.2036.25_Setup.exe
2015-12-15 14:11 - 2015-12-15 14:11 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-15 14:11 - 2015-12-15 14:11 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-14 23:40 - 2015-12-14 23:40 - 00057188 _____ C:\Users\Małgorzata\Downloads\WyciagZKartyKredytowej_20151214_234012.pdf
2015-12-14 23:39 - 2015-12-14 23:39 - 00057188 _____ C:\Users\Małgorzata\Downloads\WyciagZKartyKredytowej_20151214_233955.pdf
2015-12-14 19:08 - 2015-12-25 17:20 - 00003992 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{685F7D82-5316-4DBF-B4B9-88205C815D75}
2015-12-14 14:26 - 2015-12-14 14:26 - 00715215 _____ C:\Users\Małgorzata\Downloads\Biologiczna 6 osób EA CT -0,9-1,2 Tryszczyn (8).pdf
2015-12-14 14:26 - 2015-12-14 14:26 - 00715215 _____ C:\Users\Małgorzata\Downloads\Biologiczna 6 osób EA CT -0,9-1,2 Tryszczyn (7).pdf
2015-12-11 21:28 - 2015-12-11 21:30 - 00715215 _____ C:\Users\Małgorzata\Downloads\Biologiczna 6 osób EA CT -0,9-1,2 Tryszczyn (6).pdf
2015-12-11 21:26 - 2015-12-11 21:28 - 00715215 _____ C:\Users\Małgorzata\Downloads\Biologiczna 6 osób EA CT -0,9-1,2 Tryszczyn (5).pdf
2015-12-11 09:50 - 2015-12-11 09:50 - 00715215 _____ C:\Users\Małgorzata\Downloads\Biologiczna 6 osób EA CT -0,9-1,2 Tryszczyn (4).pdf
2015-12-10 19:38 - 2015-12-10 19:59 - 00018654 _____ C:\Users\Małgorzata\Downloads\karta  - nadg. B (10).xlsx
2015-12-10 19:31 - 2015-12-10 19:53 - 00018648 _____ C:\Users\Małgorzata\Downloads\karta  - nadg. B (9).xlsx
2015-12-10 19:31 - 2015-12-10 19:31 - 00018413 _____ C:\Users\Małgorzata\Downloads\karta  - nadg. B (8).xlsx
2015-12-09 23:26 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 23:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 23:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 23:24 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 23:24 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-09 23:24 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-09 23:24 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-09 23:24 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 23:24 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-09 23:24 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 23:24 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 23:24 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 23:24 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 23:24 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-09 23:24 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-09 23:24 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 23:24 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 23:24 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 23:24 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-09 23:24 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 23:24 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 23:24 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-09 23:24 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 23:24 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 23:24 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 23:24 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 23:24 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 23:24 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-09 23:24 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-09 23:24 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-09 23:24 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-09 23:24 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 23:24 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 23:24 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 23:24 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 23:24 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 23:24 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-09 23:24 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 23:24 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 23:24 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 23:22 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 23:22 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 23:22 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 23:22 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 23:22 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 23:22 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 23:22 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 23:22 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 23:22 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 23:22 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 23:22 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 23:22 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 23:22 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 23:22 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 23:22 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 23:22 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-09 23:22 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 23:22 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 23:22 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 23:21 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-09 23:21 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-09 23:21 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-09 23:21 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-09 23:21 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 23:21 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-09 23:21 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 23:21 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 23:21 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 23:21 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 23:21 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 23:21 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-09 23:21 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-09 23:21 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 23:21 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-09 23:21 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 23:21 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 23:21 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-09 23:21 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-09 23:19 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 23:19 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 23:19 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 23:19 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-09 23:19 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-09 23:19 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 23:19 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-09 23:19 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-09 23:19 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-09 23:19 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-09 23:19 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-09 23:19 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-09 23:19 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-09 23:18 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 23:18 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 23:18 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 23:18 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-09 23:18 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-09 23:18 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-09 23:18 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-09 23:18 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-09 23:18 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-09 23:18 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 23:18 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-09 23:18 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-09 23:18 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-07 19:47 - 2015-12-07 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-07 19:41 - 2015-12-07 19:41 - 01504384 _____ (Skype Technologies S.A.) C:\Users\Małgorzata\Downloads\SkypeSetup.exe
2015-12-07 19:41 - 2015-12-07 19:41 - 01504384 _____ (Skype Technologies S.A.) C:\Users\Małgorzata\Downloads\SkypeSetup (1).exe
2015-12-03 18:16 - 2015-12-03 18:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-03 18:16 - 2015-12-03 18:16 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-29 10:42 - 2015-11-29 10:43 - 00000000 ___HD C:\$WINDOWS.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-25 23:17 - 2015-02-09 21:12 - 00000000 ____D C:\FRST
2015-12-25 23:17 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-25 23:11 - 2012-11-08 23:53 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-12-25 23:06 - 2015-05-31 19:03 - 00000000 ____D C:\Users\Małgorzata\OneDrive
2015-12-25 23:05 - 2014-06-04 21:42 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-25 23:03 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-25 23:02 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-25 20:03 - 2014-06-04 21:42 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-25 19:29 - 2014-09-04 21:11 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-25 19:08 - 2014-06-04 21:35 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-214769844-2467208115-931596469-1001
2015-12-25 17:06 - 2012-11-08 23:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-25 03:45 - 2014-09-07 20:01 - 00000000 ____D C:\Users\Małgorzata\AppData\Roaming\Skype
2015-12-24 10:34 - 2015-11-09 22:57 - 00000973 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-12-24 10:34 - 2015-11-01 13:29 - 00001994 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-24 10:34 - 2015-10-29 21:57 - 00001978 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-12-24 10:34 - 2015-09-06 12:17 - 00001664 _____ C:\Users\Public\Desktop\Francuska Czarownica.lnk
2015-12-24 10:34 - 2015-05-31 18:55 - 00001428 _____ C:\Users\Małgorzata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-24 10:34 - 2015-05-31 17:13 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-24 10:34 - 2015-05-31 17:09 - 00000445 _____ C:\Users\Małgorzata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-12-24 10:34 - 2015-05-31 17:09 - 00000443 _____ C:\Users\Małgorzata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-12-24 10:34 - 2015-04-30 14:07 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-24 10:34 - 2015-04-30 14:07 - 00002043 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-12-24 10:34 - 2015-03-28 15:29 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-24 10:34 - 2015-01-30 21:48 - 00000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Deklaracje.lnk
2015-12-24 10:34 - 2015-01-30 21:48 - 00000907 _____ C:\Users\Public\Desktop\e-Deklaracje.lnk
2015-12-24 10:34 - 2015-01-27 18:37 - 00001586 _____ C:\Users\Małgorzata\Desktop\Skarb Boruty.lnk
2015-12-24 10:34 - 2015-01-08 18:15 - 00001378 _____ C:\Users\Małgorzata\Desktop\Nr 3 Tajemnicza Wyspa.lnk
2015-12-24 10:34 - 2014-12-20 12:28 - 00001568 _____ C:\Users\Małgorzata\Desktop\Bazyliszek.lnk
2015-12-24 10:34 - 2014-12-07 13:50 - 00001652 _____ C:\Users\Public\Desktop\Angielska Czarownica.lnk
2015-12-24 10:34 - 2014-11-30 13:11 - 00001658 _____ C:\Users\Małgorzata\Desktop\W Krainie Dinozaurów.lnk
2015-12-24 10:34 - 2014-11-22 13:03 - 00000760 _____ C:\Users\Public\Desktop\Detektywi z Tęczowej Polanki.lnk
2015-12-24 10:34 - 2014-11-21 13:14 - 00001595 _____ C:\Users\Małgorzata\Desktop\Smok Wawelski.lnk
2015-12-24 10:34 - 2014-11-17 14:42 - 00001631 _____ C:\Users\Małgorzata\Desktop\Tajemnice Mamroka.lnk
2015-12-24 10:34 - 2014-11-11 08:37 - 00001613 _____ C:\Users\Małgorzata\Desktop\Trzy Czarownice.lnk
2015-12-24 10:34 - 2014-11-09 11:58 - 00001667 _____ C:\Users\Małgorzata\Desktop\Czarodziejska Choinka.lnk
2015-12-24 10:34 - 2014-11-08 14:56 - 00001577 _____ C:\Users\Małgorzata\Desktop\Mysia Wieża.lnk
2015-12-24 10:34 - 2014-09-07 20:01 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-24 10:34 - 2014-09-07 08:55 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-24 10:34 - 2014-07-07 18:12 - 00001276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0 CE.lnk
2015-12-24 10:34 - 2014-07-07 18:12 - 00001270 _____ C:\Users\Public\Desktop\Acrobat Reader 5.0 CE.lnk
2015-12-24 10:34 - 2014-06-28 15:56 - 00001874 _____ C:\Users\Małgorzata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-12-24 10:34 - 2014-04-26 01:02 - 00001643 _____ C:\Users\Public\Desktop\Rosyjska Czarownica.lnk
2015-12-24 10:34 - 2014-04-25 03:55 - 00000355 _____ C:\Users\Małgorzata\Desktop\Computer - Shortcut.lnk
2015-12-24 10:34 - 2014-04-24 21:35 - 00001667 _____ C:\Users\Małgorzata\Desktop\p.lnk
2015-12-24 10:34 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-24 10:34 - 2012-11-08 23:56 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-12-24 10:34 - 2012-11-08 23:56 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-12-24 10:34 - 2012-11-08 23:53 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-12-24 10:30 - 2015-02-26 20:47 - 00000000 ____D C:\Users\Małgorzata\Desktop\zdjęcia dom
2015-12-24 01:19 - 2014-06-04 21:42 - 00000000 ____D C:\Users\Małgorzata\AppData\Local\Google
2015-12-24 01:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-19 20:29 - 2015-05-06 20:22 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-18 18:46 - 2014-06-04 21:41 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-18 18:46 - 2014-06-04 21:41 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-18 13:33 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-18 13:32 - 2015-06-01 02:46 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-18 13:32 - 2015-06-01 02:46 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-18 00:10 - 2014-09-07 20:00 - 00000000 ____D C:\ProgramData\Skype
2015-12-18 00:08 - 2014-09-07 20:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-17 23:58 - 2014-06-04 21:42 - 00004040 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-17 23:58 - 2014-06-04 21:42 - 00003804 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-17 23:46 - 2015-05-31 17:09 - 00000000 ____D C:\Users\Małgorzata
2015-12-17 23:42 - 2014-07-07 18:09 - 00000000 ____D C:\Users\Małgorzata\AppData\Local\CrashDumps
2015-12-17 23:37 - 2012-11-08 23:50 - 00000000 ____D C:\ProgramData\McAfee
2015-12-17 23:19 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-17 23:18 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2015-12-17 22:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-15 22:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-12-15 14:11 - 2014-06-04 21:43 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-15 14:11 - 2014-06-04 21:41 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-15 14:11 - 2014-06-04 21:41 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-15 14:11 - 2014-06-04 21:41 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-15 14:11 - 2014-06-04 21:41 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-15 14:11 - 2014-06-04 21:41 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-15 14:10 - 2014-06-04 21:41 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-12 20:53 - 2014-06-06 01:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-12 19:50 - 2014-06-06 01:21 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 23:10 - 2014-06-05 08:16 - 00000000 ____D C:\Users\Małgorzata\AppData\Local\softthinks
2015-12-10 22:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-10 19:27 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-10 19:26 - 2013-08-22 15:44 - 00389432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-10 19:25 - 2014-09-07 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 19:25 - 2014-09-07 21:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 19:11 - 2014-06-13 09:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 19:10 - 2014-09-07 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 18:59 - 2015-11-16 06:55 - 00003882 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1447653291
2015-12-09 22:30 - 2015-05-06 20:22 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-12-09 22:30 - 2014-09-04 21:11 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-07 19:47 - 2014-09-07 20:01 - 00000000 ____D C:\Users\Małgorzata\AppData\Local\Skype
2015-12-01 18:19 - 2015-06-14 16:25 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 18:19 - 2015-06-14 16:25 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 10:46 - 2015-06-01 02:59 - 00000000 ___DC C:\WINDOWS\Panther

==================== Files in the root of some directories =======

2015-01-30 21:41 - 2015-02-01 20:34 - 0008647 _____ () C:\Users\Małgorzata\AppData\Local\unins000.dat
2015-02-01 20:34 - 2015-02-01 20:34 - 0707744 _____ () C:\Users\Małgorzata\AppData\Local\unins000.exe
2015-01-30 21:41 - 2015-02-01 20:34 - 0011761 _____ () C:\Users\Małgorzata\AppData\Local\unins000.msg
2012-11-08 23:50 - 2012-11-08 23:50 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-11-08 23:47 - 2012-11-08 23:47 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-11-08 23:48 - 2012-11-08 23:49 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-11-08 23:46 - 2012-11-08 23:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-11-08 23:49 - 2012-11-08 23:50 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Some files in TEMP:
====================
C:\Users\Małgorzata\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-24 12:19

==================== End of FRST.txt ============================