
Virus from http://gmaegames.pro/redirect-from-banner.html



Hello. This page has been appearing for a week now. I'm having trouble removing it, and I can see that there have already been topics about this, but I can't tell which entries need to be pasted in to fix the problem. Can anyone help?

I'm attaching links to the FRST and Addition files via zippyshare.

 

https://www12.zippyshare.com/v/olUuP87D/file.html
https://www12.zippyshare.com/v/V0Ac6V2w/file.html
 

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 09.12.2018
Uruchomiony przez Chester (16-12-2018 08:56:56)
Uruchomiony z D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2017-12-11 12:07:11)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-1050097802-1924140053-2559007084-500 - Administrator - Disabled)
Chester (S-1-5-21-1050097802-1924140053-2559007084-1000 - Administrator - Enabled) => C:\Users\Chester
Gość (S-1-5-21-1050097802-1924140053-2559007084-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1050097802-1924140053-2559007084-1002 - Limited - Enabled)
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc)
Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
ALLPlayer V7.X (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
American Truck Simulator (HKLM-x32\...\{FBB16F58-B03A-4894-9F75-DC6351F130FC}) (Version: 1.29.2.4 - SCS Software)
Colin McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.01 - Codemasters)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.22 - NVIDIA Corporation) Hidden
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version:  - )
Farming Simulator 17 Platinum Edition ROPA (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - )
GG (HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.5 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.5 - GOG.com)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Mafia 3 (HKLM-x32\...\Mafia 3_is1) (Version:  - )
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24516 (HKLM-x32\...\{b8e12890-118d-4721-8e54-05d978086712}) (Version: 14.0.24516.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Need for Speed Shift MULTi10 - ElAmigos wersja 1.02 (HKLM-x32\...\{A6EA3779-A6AD-4D06-8704-D0986F855D4A}_is1) (Version: 1.02 - EA Games)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.22 - NVIDIA Corporation)
Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel® Corporation) Hidden
Panel sterowania NVIDIA 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.22 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
qBittorrent 4.1.2 (HKLM-x32\...\qBittorrent) (Version: 4.1.2 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
The Elder Scrolls: Skyrim - Special Edition (HKLM-x32\...\The Elder Scrolls: Skyrim - Special Edition_is1) (Version:  - )
Tom Clancy's Splinter Cell Blacklist ver. 1.03 (HKLM-x32\...\{01102112-03YT-31VB-00E9-54SDHF2186AC}_is1) (Version: 1.03 - Ubisoft Entertainment)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.1.1 - GIGABYTE Technology Co.,Inc.)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-29] (NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {02E7ADA6-389C-4A44-AD4D-80158B9172E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-11] (Google Inc.)
Task: {12C0CF3C-E6FE-4151-94B8-11612A61EB84} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1050097802-1924140053-2559007084-1000
Task: {247EF7CF-B657-46F1-967D-075232C0220E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {2935A8E1-1C10-4ECA-B543-FFE73D44A1D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {2E891FA0-3D6D-47EB-A549-256FB7951A1F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {37A70F68-4009-4EBA-B03C-0F067316026E} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-01-09] (GIGABYTE Technology Co.,Ltd.)
Task: {39DD898E-0E28-4F77-B5FE-8577943096CB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {6823493C-3429-494E-9A51-554491DBE352} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {69783221-AD89-44AE-9002-4FD78FEFE76C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {6E9F70FA-6D0D-4F4E-ACA2-E11AE2461F0B} - System32\Tasks\Chester => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Chester /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
Task: {7EBF4782-1283-4095-AB14-970C84DCC3FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-11] (Google Inc.)
Task: {A249C662-40D8-4BBC-ABBF-CC89D04F5B29} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {B13B527B-F1C1-4118-92AE-883E6C8E6F60} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
Task: {B4C946DF-729B-45A5-ACC1-3BDE541AD807} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {B9095D92-86F6-4B25-AF21-0323E6F55DC2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {DA3DEFB8-FD47-432E-A90F-990AD5F0E46C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)
Task: {E7335A1A-1A22-4111-BC99-E0E3C7EFAC60} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {E7A56411-6BA1-4846-A10E-EC55DE1C327F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {EDAF76F9-4B5F-4B68-98BF-C5C99C5178AB} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
 
==================== Skróty & WMI ========================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
 
==================== Załadowane moduły (filtrowane) ==============
 
2017-12-11 13:26 - 2018-11-29 17:11 - 000154424 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-07-26 08:58 - 2017-07-26 08:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-06-17 13:48 - 2018-11-16 12:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-09 00:31 - 2018-10-30 19:06 - 001057056 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-12-09 00:31 - 2018-09-23 01:00 - 102804768 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\libcef.dll
2018-12-09 00:31 - 2018-09-23 01:00 - 004866336 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-12-09 00:31 - 2018-09-23 01:00 - 000116000 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\libegl.dll
2018-12-14 00:30 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 00:30 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-12-03 17:43 - 2018-12-03 17:43 - 031311872 _____ () C:\Users\Chester\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.101\pepflashplayer.dll
2017-12-11 13:34 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-12-11 13:34 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-12-11 16:28 - 2018-10-30 19:06 - 000879904 _____ () D:\Moje Gry\Steam\SDL2.dll
2017-12-11 16:28 - 2016-09-01 02:02 - 004969248 _____ () D:\Moje Gry\Steam\v8.dll
2017-12-11 16:28 - 2016-09-01 02:02 - 001563936 _____ () D:\Moje Gry\Steam\icui18n.dll
2017-12-11 16:28 - 2016-09-01 02:02 - 001195296 _____ () D:\Moje Gry\Steam\icuuc.dll
2017-12-11 16:28 - 2018-11-26 21:29 - 002649376 _____ () D:\Moje Gry\Steam\video.dll
2018-01-14 13:16 - 2017-12-20 02:43 - 005137696 _____ () D:\Moje Gry\Steam\libavcodec-57.dll
2018-01-14 13:16 - 2017-12-20 02:43 - 000847136 _____ () D:\Moje Gry\Steam\libavutil-55.dll
2018-01-14 13:16 - 2017-12-20 02:43 - 000695584 _____ () D:\Moje Gry\Steam\libavformat-57.dll
2018-01-14 13:16 - 2017-12-20 02:43 - 000351520 _____ () D:\Moje Gry\Steam\libavresample-3.dll
2018-01-14 13:16 - 2017-12-20 02:43 - 000783648 _____ () D:\Moje Gry\Steam\libswscale-4.dll
2017-12-11 16:28 - 2018-11-26 21:29 - 001028384 _____ () D:\Moje Gry\Steam\bin\chromehtml.DLL
2017-12-11 16:28 - 2016-07-04 23:17 - 000266560 _____ () D:\Moje Gry\Steam\openvr_api.dll
 
==================== Alternate Data Streams (filtrowane) =========
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== Powiązania plików (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chester\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.54.22.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
Załączenie wejścia w fixlist spowoduje jego usunięcie.
 
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [{B22409C1-035A-4D13-B5BD-FFE0444D29E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{80FA409D-57A1-4006-B977-D598A116D899}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CC0BC8B2-270A-4FAD-85B6-77774B95796D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7D2E8BA9-0557-4DE5-848C-9BF9C50A9FF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E1BDBA6A-E5CE-4148-AF48-10A607F647C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3ED07A0-8F5C-440A-9764-A0B2CED7E3C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB464235-792D-435E-B632-FBA595758B37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D948C985-8A7E-4830-97AA-D4CE912051F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EF58D728-05B2-489C-AEFD-BC07AAA91739}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{48B95FDE-7CAD-40AE-BCA9-6B3CE5BFB722}] => (Allow) D:\Moje Gry\Steam\Steam.exe
FirewallRules: [{2EA1C9CD-0F0B-472C-81CF-763748CF83D4}] => (Allow) D:\Moje Gry\Steam\Steam.exe
FirewallRules: [{7C2ABA84-FB8F-42C2-9538-94293E7243F1}] => (Allow) D:\Moje Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EDAE8A19-D168-481C-92DB-08E840515C57}] => (Allow) D:\Moje Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FEFF145D-5B98-4C79-8840-B5B670DDB3B6}] => (Allow) D:\Moje Gry\GTA V\GTA5.exe
FirewallRules: [{43D6796C-F6E6-4C42-A664-C4741D28A16E}] => (Allow) D:\Moje Gry\GTA V\GTA5.exe
FirewallRules: [{12733842-8654-4170-8496-9B27AADAC722}] => (Allow) C:\Users\Chester\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D033DC8C-7AB3-4B7B-833A-56F1AF8728D1}] => (Allow) C:\Users\Chester\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CB24701B-78BE-4D01-A6D1-FE2A6D095890}D:\moje gry\fallout 4\fallout4.exe] => (Allow) D:\moje gry\fallout 4\fallout4.exe
FirewallRules: [uDP Query User{B7B8C8F2-0C72-4FDC-9075-BA807F76E4CF}D:\moje gry\fallout 4\fallout4.exe] => (Allow) D:\moje gry\fallout 4\fallout4.exe
FirewallRules: [TCP Query User{8B5FE8C5-D37D-4C78-B5F5-0FA49B9792BD}D:\moje gry\fallout 4\fallout4.exe] => (Allow) D:\moje gry\fallout 4\fallout4.exe
FirewallRules: [uDP Query User{DF335664-3B60-40E4-B71D-4E247C237F95}D:\moje gry\fallout 4\fallout4.exe] => (Allow) D:\moje gry\fallout 4\fallout4.exe
FirewallRules: [TCP Query User{BE30A0B7-1464-4216-8FE2-3F4168838459}D:\downloads\conan\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\downloads\conan\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [uDP Query User{A75AC71C-7642-4AA5-8778-6ACFA81EAD92}D:\downloads\conan\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) D:\downloads\conan\conan exiles\conansandbox\binaries\win64\conansandbox.exe
FirewallRules: [TCP Query User{C06761A5-E264-4804-8DA9-75A2C9E8B9D3}D:\moje gry\need for speed - most wanted\nfs13.exe] => (Allow) D:\moje gry\need for speed - most wanted\nfs13.exe
FirewallRules: [uDP Query User{17C0F99B-4CCD-4018-9EA0-B7A55A2B3145}D:\moje gry\need for speed - most wanted\nfs13.exe] => (Allow) D:\moje gry\need for speed - most wanted\nfs13.exe
FirewallRules: [TCP Query User{D17A89E2-B8C0-48AE-98F2-BA1B61F3C2D1}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [uDP Query User{D6156947-1C78-4C56-BD91-41BEF5C3A7D1}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [TCP Query User{6668CD79-3A6C-4D2D-923D-42F034DB420F}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [uDP Query User{3721BBD2-9FCF-4F4C-93A2-97BED2E321DE}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{A8DFCD4B-25E1-4D38-BBF7-99581EF28390}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [uDP Query User{BF53ADA1-7B49-49A6-A266-5C40A1FC91F9}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [TCP Query User{A0942369-EBA1-4D3A-B9F6-75C4290A75E9}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [uDP Query User{98A2A605-3F43-46F0-880B-0B2682F076A4}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{565A1610-7348-4C3A-9706-A82FF9BD4196}D:\moje gry\motogp 15\motogp15x64.exe] => (Allow) D:\moje gry\motogp 15\motogp15x64.exe
FirewallRules: [uDP Query User{212F48A1-0887-482E-B43D-21B6BAFDF8FA}D:\moje gry\motogp 15\motogp15x64.exe] => (Allow) D:\moje gry\motogp 15\motogp15x64.exe
FirewallRules: [TCP Query User{6857472F-6EEC-4C21-B92D-29A0C9852506}D:\moje gry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\moje gry\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [uDP Query User{BD180148-F7AF-4A49-B08A-6127B97135AF}D:\moje gry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\moje gry\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [{E15CC98D-A591-495C-9BDB-4A577BE4278B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F52DBB90-A34C-4D91-95CD-D022AFDE9995}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{89BCCC90-3552-4B11-B653-B3FB8E1C8679}D:\moje gry\might and magic heroes vii deluxe edition\binaries\win64\mmh7game-win64-shipping.exe] => (Block) D:\moje gry\might and magic heroes vii deluxe edition\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [uDP Query User{C26F078F-75CE-4ED7-BF53-13AF7298907A}D:\moje gry\might and magic heroes vii deluxe edition\binaries\win64\mmh7game-win64-shipping.exe] => (Block) D:\moje gry\might and magic heroes vii deluxe edition\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [TCP Query User{488E25D7-F7CB-4966-B791-2468233A1ADE}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [uDP Query User{B1D84AC7-6088-45BA-B450-7449E852A8EC}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [TCP Query User{98DC62F5-7BE7-44B2-83EE-65309F807D9E}D:\moje gry\fifa 18\fifa18.exe] => (Allow) D:\moje gry\fifa 18\fifa18.exe
FirewallRules: [uDP Query User{8C1DCFEB-E7DF-4D13-A811-5AF47377E3BB}D:\moje gry\fifa 18\fifa18.exe] => (Allow) D:\moje gry\fifa 18\fifa18.exe
FirewallRules: [{3628F5A2-94E9-4976-A85C-53A2A2738D52}] => (Allow) D:\Moje Gry\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{8E7B62CA-8401-46F6-AA8B-7AF6E9A5C8E1}] => (Allow) D:\Moje Gry\Assassin's Creed Rogue\ACC.exe
FirewallRules: [TCP Query User{CA6B8149-A325-49C0-8AE5-795AA5A285EA}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [uDP Query User{74F19D5C-2060-4E34-B69B-FEA44807E96E}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [{9A7401CB-74B0-4708-BCF4-4FEB0BD94B8D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{D96FF583-8D09-4BF8-9C2E-47F2863C16F1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{AE3911BE-3FEA-4825-81AE-AB038503FBA0}D:\moje gry\far cry primal\bin\fcprimal.exe] => (Allow) D:\moje gry\far cry primal\bin\fcprimal.exe
FirewallRules: [uDP Query User{70DB6489-1E2D-4190-B175-8C070CF98036}D:\moje gry\far cry primal\bin\fcprimal.exe] => (Allow) D:\moje gry\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{109A4FF2-E4A4-4F9A-9055-A8A0A7E5D740}D:\moje gry\assetto corsa\acs.exe] => (Block) D:\moje gry\assetto corsa\acs.exe
FirewallRules: [uDP Query User{B40F5862-BDDD-4161-9A12-EF33DB98B647}D:\moje gry\assetto corsa\acs.exe] => (Block) D:\moje gry\assetto corsa\acs.exe
FirewallRules: [TCP Query User{03F92ADB-1A32-47AD-B65D-A2243B578A2C}D:\moje gryr\city car driving\bin\win32\starter.exe] => (Allow) D:\moje gryr\city car driving\bin\win32\starter.exe
FirewallRules: [uDP Query User{651F0C56-E5E4-4FC4-A3E4-43165848793C}D:\moje gryr\city car driving\bin\win32\starter.exe] => (Allow) D:\moje gryr\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{3278C984-D9F4-4F8F-84E0-CE577ACED040}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [uDP Query User{6FBF1373-F2AA-4A34-904C-28E9EDD0372C}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [TCP Query User{45BB8B60-D3CE-4621-BEAA-7FE45995384B}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
FirewallRules: [uDP Query User{C6546A5D-C8F2-47BB-88A7-500DE25CD78C}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F7ED8B67-33F8-460F-8D3D-BF30A23D57B8}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [UDP Query User{44A73401-82DF-4A67-B928-07300B362E2A}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [{0C20DA42-7F4F-449C-8626-80CDD72608A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5491E442-BFE3-4B4D-8565-FF3CAD94F069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5347E9A3-B471-483D-8578-B5B4FBDF7D1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2A4854D9-EB6B-4C5B-A7EA-4EE2B9C1818C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5A00BD8F-C31A-4281-91F0-C3CD5DB6ABB8}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C2549DF4-6E02-4846-A7D0-148FB32B8F1C}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [TCP Query User{93C75633-24FE-4019-9671-B21261969F0B}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe
FirewallRules: [UDP Query User{6566854C-1343-4AC3-8F76-C8BED76DCEB5}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe
FirewallRules: [TCP Query User{E7F20B40-D494-4650-9B64-D7BF3509560F}D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{93EE11CA-D2B4-4DCC-8B05-71FC30A04703}D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [{BBC09F60-DC50-401F-BAA2-5DEA69E36A9C}] => (Allow) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{0A2EED57-CF49-4D42-9EA5-F98953472B6A}] => (Allow) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{CB21246D-0E4A-4D33-BFDD-FF1BB74A5076}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{76B60923-35EC-4D69-8A70-BC76D5D5518A}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{09EBA9C5-6F6A-40C5-BA57-5623E9A6A94D}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6219DE39-2955-429F-90D6-A581EC1F5573}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0791E245-49CB-4C02-A1CA-134AA6597901}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{179CF049-175C-4C07-850F-26CC81BDA140}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{CD54571C-EE12-4FA3-8AE8-B53E5CAACD06}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{11D68C35-2007-49CD-B239-3237C3D080F2}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6234649A-31E8-41D4-B4A5-3F942E1F72E4}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{544F15AA-CD1D-435E-B54D-1D09FA13CBD4}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{DE57FDBF-A885-4A8E-9F44-7DA575657960}D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{EC43BA30-2804-479B-94D4-49143124D483}D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{4BAB996D-FCD8-4AE5-BC60-1E998A012498}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Punkty Przywracania systemu =========================
 
15-12-2018 13:56:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (12/15/2018 01:18:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/15/2018 01:08:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/13/2018 03:26:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/12/2018 11:56:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTAIV.exe w wersji 1.0.8.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
 
Identyfikator procesu: 3a54
 
Godzina rozpoczęcia: 01d4926bd9022a6d
 
Godzina zakończenia: 33
 
Ścieżka aplikacji: D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe
 
Identyfikator raportu:
 
Error: (12/12/2018 11:41:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SteamActivation.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.24291, sygnatura czasowa: 0x5be781b4
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00022302
Identyfikator procesu powodującego błąd: 0x3704
Godzina uruchomienia aplikacji powodującej błąd: 0x01d4926bbfc57e6a
Ścieżka aplikacji powodującej błąd: D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\Activation\SteamActivation.exe
Ścieżka modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll
Identyfikator raportu: 02f869dc-fe5f-11e8-8e7f-448a5b9bf344
 
Error: (12/04/2018 11:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SHIFT.exe, wersja: 1.0.2.0, sygnatura czasowa: 0x4af2ddcf
Nazwa modułu powodującego błąd: nvd3dum.dll, wersja: 25.21.14.1722, sygnatura czasowa: 0x5c000b5e
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x007e6a36
Identyfikator procesu powodującego błąd: 0x19c4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d48c234fe76b48
Ścieżka aplikacji powodującej błąd: D:\Moje Gry\Need for Speed Shift\SHIFT.exe
Ścieżka modułu powodującego błąd: C:\Windows\system32\nvd3dum.dll
Identyfikator raportu: a5e13c7a-f817-11e8-8e7f-448a5b9bf344
 
Error: (12/03/2018 10:08:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/03/2018 09:36:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvInstallerUtil.exe, wersja: 2.1002.308.0, sygnatura czasowa: 0x5bedc928
Nazwa modułu powodującego błąd: NvInstallerUtil.exe, wersja: 2.1002.308.0, sygnatura czasowa: 0x5bedc928
Kod wyjątku: 0x40000015
Przesunięcie błędu: 0x000f8133
Identyfikator procesu powodującego błąd: 0xbd4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d48b47d3e9617b
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\NvInstallerUtil\NvInstallerUtil.exe
Ścieżka modułu powodującego błąd: C:\Program Files (x86)\NVIDIA Corporation\NvInstallerUtil\NvInstallerUtil.exe
Identyfikator raportu: 1dc606c4-f73b-11e8-9064-448a5b9bf344
 
 
Dziennik System:
=============
Error: (12/15/2018 01:07:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 12:49:13 na ‎2018-‎12-‎15 było nieoczekiwane.
 
Error: (12/09/2018 12:31:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Steam Client Service z powodu następującego błędu: 
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.
 
Error: (12/09/2018 12:31:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service.
 
Error: (12/05/2018 10:17:01 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Produkt Narzędzia firmy Microsoft chroniące przed złośliwym oprogramowaniem napotkał błąd podczas próby aktualizacji podpisów.
 
Nowa wersja podpisu: 
 
Poprzednia wersja podpisu: 1.281.1389.0
 
Źródło aktualizacji: Serwer usługi Microsoft Update
 
Etap aktualizacji: Wyszukiwanie
 
Ścieżka źródła: http://www.microsoft.com
 
Typ podpisu: Oprogramowanie antywirusowe
 
Typ aktualizacji: Pełne
 
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Bieżąca wersja aparatu: 
 
Poprzednia wersja aparatu: 1.1.15400.5
 
Kod błędu: 0x8024402f
 
Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną.
 
Error: (12/03/2018 09:52:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (12/03/2018 09:52:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa NVIDIA LocalSystem Container zakończyła działanie; wystąpił następujący błąd: 
Plik wykonywalny polecenia rodzajowego zwrócił wynik wskazujący błąd.
 
Error: (11/07/2018 10:00:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (11/07/2018 10:00:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa NVIDIA LocalSystem Container zakończyła działanie; wystąpił następujący błąd: 
Plik wykonywalny polecenia rodzajowego zwrócił wynik wskazujący błąd.
 
 
==================== Statystyki pamięci =========================== 
 
Procesor: Intel® Core i5-4460 CPU @ 3.20GHz
Procent pamięci w użyciu: 51%
Całkowita pamięć fizyczna: 8141.39 MB
Dostępna pamięć fizyczna: 3913.54 MB
Całkowita pamięć wirtualna: 16280.93 MB
Dostępna pamięć wirtualna: 11404.09 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:97.56 GB) (Free:43.75 GB) NTFS
Drive d: () (Fixed) (Total:833.85 GB) (Free:368.37 GB) NTFS
 
\\?\Volume{324d1644-de67-11e7-b47b-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A974113A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)
 
==================== Koniec  Addition.txt ============================

I guess this isn't how it was supposed to look :o

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09.12.2018

Uruchomiony przez Chester (administrator)  VENOM (16-12-2018 08:56:42)

Uruchomiony z D:\Downloads

Załadowane profile: Chester (Dostępne profile: Chester)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)

Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)

Tryb startu: Normal


 

==================== Procesy (filtrowane) =================

 

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

 

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe

(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Valve Corporation) D:\Moje Gry\Steam\Steam.exe

(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Rejestr (filtrowane) ===========================

 

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543000 2014-03-04] (Realtek Semiconductor)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [Chester] => cmd.exe /c start www.dipladoks.org

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: F - F:\setup.exe

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {34484730-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {344847ac-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe

Startup: C:\Users\Chester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-12-11]

ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()

 

==================== Internet (filtrowane) ====================

 

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

 

Tcpip\Parameters: [DhcpNameServer] 194.54.22.2

Tcpip\..\Interfaces\{3256E9EC-803C-4EEF-9F76-FFCE60E8A3CE}: [DhcpNameServer] 194.54.22.2

 

Internet Explorer:

==================

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()

FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [brak pliku]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190

CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190"

CHR Profile: C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default [2018-12-16]

CHR Extension: (Adblock Plus) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]

CHR Extension: (Adblock dla Youtube™) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-14]

CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Chrome Media Router) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]

 

==================== Usługi (filtrowane) ====================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)

R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [brak podpisu cyfrowego]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)

R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

 

===================== Sterowniki (filtrowane) ======================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)

U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)

R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)

R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)

R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation)

S3 MSICDSetup; \??\E:\CDriver64.sys [X]

S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

S4 NVHDA; system32\drivers\nvhda64v.sys [X]

 

==================== NetSvcs (filtrowane) ===================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

 

==================== Jeden miesiąc - utworzone pliki i foldery ========

 

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

 

2018-12-15 14:04 - 2018-12-15 14:05 - 000000000 ____D C:\AdwCleaner

2018-12-15 13:43 - 2018-12-16 08:56 - 000000000 ____D C:\FRST

2018-12-12 23:41 - 2018-12-12 23:41 - 000000000 __SHD C:\ProgramData\SecuROM

2018-12-12 23:41 - 2018-12-12 23:41 - 000000000 __RHD C:\Users\Chester\AppData\Roaming\SecuROM

2018-12-12 23:40 - 2018-12-12 23:40 - 000178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll

2018-12-12 23:40 - 2018-12-12 23:40 - 000001338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

2018-12-12 23:40 - 2018-12-12 23:40 - 000000000 ____D C:\Windows\SysWOW64\xlive

2018-12-12 23:40 - 2018-12-12 23:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2018-12-12 22:43 - 2018-12-12 22:43 - 000000210 _____ C:\Users\Chester\Desktop\Grand Theft Auto IV.url

2018-12-12 14:31 - 2018-12-06 03:39 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2018-12-12 14:31 - 2018-11-28 23:02 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2018-12-12 14:31 - 2018-11-28 23:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2018-12-12 14:31 - 2018-11-28 23:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

2018-12-12 14:31 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2018-12-12 14:31 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2018-12-12 14:31 - 2018-11-28 22:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2018-12-12 14:31 - 2018-11-28 22:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2018-12-12 14:31 - 2018-11-28 22:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll

2018-12-12 14:31 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx

2018-12-12 14:31 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll

2018-12-12 14:31 - 2018-11-15 20:46 - 000397088 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2018-12-12 14:31 - 2018-11-15 19:55 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2018-12-12 14:31 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2018-12-12 14:31 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2018-12-12 14:31 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2018-12-12 14:31 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2018-12-12 14:31 - 2018-11-13 05:54 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2018-12-12 14:31 - 2018-11-13 05:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2018-12-12 14:31 - 2018-11-13 05:42 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2018-12-12 14:31 - 2018-11-13 05:41 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2018-12-12 14:31 - 2018-11-13 05:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2018-12-12 14:31 - 2018-11-13 05:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2018-12-12 14:31 - 2018-11-13 05:39 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2018-12-12 14:31 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2018-12-12 14:31 - 2018-11-13 05:33 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2018-12-12 14:31 - 2018-11-13 05:32 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2018-12-12 14:31 - 2018-11-13 05:30 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2018-12-12 14:31 - 2018-11-13 05:28 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2018-12-12 14:31 - 2018-11-13 05:28 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2018-12-12 14:31 - 2018-11-13 05:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2018-12-12 14:31 - 2018-11-13 05:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2018-12-12 14:31 - 2018-11-13 05:26 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2018-12-12 14:31 - 2018-11-13 05:21 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2018-12-12 14:31 - 2018-11-13 05:18 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2018-12-12 14:31 - 2018-11-13 05:13 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2018-12-12 14:31 - 2018-11-13 05:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2018-12-12 14:31 - 2018-11-13 05:13 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2018-12-12 14:31 - 2018-11-13 05:12 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2018-12-12 14:31 - 2018-11-13 05:11 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2018-12-12 14:31 - 2018-11-13 05:11 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2018-12-12 14:31 - 2018-11-13 05:10 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2018-12-12 14:31 - 2018-11-13 05:10 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2018-12-12 14:31 - 2018-11-13 05:07 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2018-12-12 14:31 - 2018-11-13 05:07 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2018-12-12 14:31 - 2018-11-13 05:06 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2018-12-12 14:31 - 2018-11-13 05:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2018-12-12 14:31 - 2018-11-13 05:05 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2018-12-12 14:31 - 2018-11-13 05:05 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2018-12-12 14:31 - 2018-11-13 05:04 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2018-12-12 14:31 - 2018-11-13 05:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2018-12-12 14:31 - 2018-11-13 05:03 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2018-12-12 14:31 - 2018-11-13 05:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2018-12-12 14:31 - 2018-11-13 04:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2018-12-12 14:31 - 2018-11-13 04:53 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2018-12-12 14:31 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2018-12-12 14:31 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2018-12-12 14:31 - 2018-11-13 04:51 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2018-12-12 14:31 - 2018-11-13 04:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2018-12-12 14:31 - 2018-11-13 04:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2018-12-12 14:31 - 2018-11-13 04:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2018-12-12 14:31 - 2018-11-13 04:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2018-12-12 14:31 - 2018-11-13 04:49 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2018-12-12 14:31 - 2018-11-13 04:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2018-12-12 14:31 - 2018-11-13 04:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2018-12-12 14:31 - 2018-11-13 04:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2018-12-12 14:31 - 2018-11-13 04:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2018-12-12 14:31 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2018-12-12 14:31 - 2018-11-13 04:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2018-12-12 14:31 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2018-12-12 14:31 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2018-12-12 14:31 - 2018-11-13 04:37 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2018-12-12 14:31 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2018-12-12 14:31 - 2018-11-13 04:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2018-12-12 14:31 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2018-12-12 14:31 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2018-12-12 14:31 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2018-12-12 14:31 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2018-12-12 14:31 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2018-12-12 14:31 - 2018-11-11 18:19 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2018-12-12 14:31 - 2018-11-11 18:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2018-12-12 14:31 - 2018-11-11 18:01 - 005551848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2018-12-12 14:31 - 2018-11-11 18:01 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2018-12-12 14:31 - 2018-11-11 18:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys

2018-12-12 14:31 - 2018-11-11 18:01 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2018-12-12 14:31 - 2018-11-11 18:01 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2018-12-12 14:31 - 2018-11-11 18:00 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2018-12-12 14:31 - 2018-11-11 17:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2018-12-12 14:31 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2018-12-12 14:31 - 2018-11-11 17:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2018-12-12 14:31 - 2018-11-11 17:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2018-12-12 14:31 - 2018-11-11 17:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2018-12-12 14:31 - 2018-11-11 17:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2018-12-12 14:31 - 2018-11-11 17:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2018-12-12 14:31 - 2018-11-11 17:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2018-12-12 14:31 - 2018-11-11 17:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys

2018-12-12 14:31 - 2018-11-11 17:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2018-12-12 14:31 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2018-12-12 14:31 - 2018-11-11 17:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2018-12-12 14:31 - 2018-11-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2018-12-12 14:31 - 2018-11-11 17:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2018-12-12 14:31 - 2018-11-11 17:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2018-12-12 14:31 - 2018-11-11 17:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys

2018-12-12 14:31 - 2018-11-11 17:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys

2018-12-12 14:31 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys

2018-12-12 14:31 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys

2018-12-12 14:31 - 2018-11-11 17:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2018-12-12 14:31 - 2018-11-11 17:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2018-12-12 14:31 - 2018-11-11 17:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2018-12-12 14:31 - 2018-11-11 17:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2018-12-12 14:31 - 2018-11-11 17:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2018-12-12 14:31 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2018-12-12 14:31 - 2018-11-11 17:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2018-12-12 14:31 - 2018-11-11 17:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2018-12-12 14:31 - 2018-11-08 17:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2018-12-12 14:31 - 2018-11-08 17:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2018-12-12 14:31 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2018-12-12 14:31 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2018-12-12 14:31 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2018-12-12 14:31 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2018-12-12 14:31 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2018-12-12 14:31 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2018-12-12 14:31 - 2018-11-06 05:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2018-12-12 14:31 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2018-12-12 14:31 - 2018-10-06 17:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2018-12-12 14:31 - 2018-10-06 16:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll

2018-12-12 14:31 - 2018-10-06 16:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2018-12-12 14:31 - 2018-10-06 16:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2018-12-12 14:31 - 2018-10-06 16:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2018-12-12 14:31 - 2018-10-06 16:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2018-12-12 14:31 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2018-12-12 14:31 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll

2018-12-12 14:31 - 2018-10-06 16:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2018-12-12 14:31 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2018-12-12 14:31 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2018-12-12 14:31 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2018-12-09 16:48 - 2018-12-09 23:42 - 000000000 ____D C:\Users\Chester\Documents\Euro Truck Simulator 2

2018-12-09 16:35 - 2018-12-09 16:35 - 000000211 _____ C:\Users\Chester\Desktop\Euro Truck Simulator 2.url

2018-12-09 00:14 - 2018-12-09 00:14 - 000000903 _____ C:\Users\Chester\Desktop\Blacklist.lnk

2018-12-08 21:25 - 2018-12-08 21:25 - 000000000 ____D C:\Users\Chester\Documents\Ubisoft

2018-12-04 23:42 - 2018-12-04 23:56 - 000000000 ____D C:\Users\Chester\Documents\NFS SHIFT

2018-12-04 23:39 - 2018-12-04 23:39 - 000000794 _____ C:\Users\Public\Desktop\Need for Speed Shift.lnk

2018-12-03 21:51 - 2018-12-01 06:05 - 000978336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll

2018-12-03 21:51 - 2018-12-01 06:05 - 000978336 _____ C:\Windows\system32\vulkan-1.dll

2018-12-03 21:51 - 2018-12-01 06:05 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll

2018-12-03 21:51 - 2018-12-01 06:05 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1.dll

2018-12-03 21:51 - 2018-12-01 06:05 - 000551568 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2018-12-03 21:51 - 2018-12-01 06:05 - 000457200 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2018-12-03 21:51 - 2018-12-01 06:05 - 000268192 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe

2018-12-03 21:51 - 2018-12-01 06:05 - 000268192 _____ C:\Windows\system32\vulkaninfo.exe

2018-12-03 21:51 - 2018-12-01 06:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe

2018-12-03 21:51 - 2018-12-01 06:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo.exe

2018-12-03 21:51 - 2018-12-01 06:03 - 048640072 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll

2018-12-03 21:51 - 2018-12-01 06:03 - 040098560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2018-12-03 21:51 - 2018-12-01 06:03 - 029812504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2018-12-03 21:51 - 2018-12-01 06:03 - 020372384 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll

2018-12-03 21:51 - 2018-12-01 06:02 - 020130600 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2018-12-03 21:51 - 2018-12-01 06:02 - 001461136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2018-12-03 21:51 - 2018-12-01 06:02 - 001126528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2018-12-03 21:51 - 2018-12-01 06:02 - 000631696 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2018-12-03 21:51 - 2018-12-01 06:02 - 000522016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2018-12-03 21:51 - 2018-12-01 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 040260552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 035156424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 004541240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 004032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 002018288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441722.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 002002904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 001511056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 001468048 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441722.dll

2018-12-03 21:51 - 2018-12-01 06:01 - 000489368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 035301872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 031592736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 029976000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 020847432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 019709528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 017288040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 015909528 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 013203912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 001167592 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000914592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000524624 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000450656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000419960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000182048 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000163560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000159672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2018-12-03 21:51 - 2018-12-01 05:56 - 000141576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2018-12-03 21:51 - 2018-12-01 05:55 - 016986768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2018-12-03 21:34 - 2018-10-01 19:47 - 000070024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2018-12-03 06:17 - 2018-12-08 21:25 - 000000000 ____D C:\ProgramData\Orbit

2018-12-02 20:31 - 2018-12-02 20:31 - 000003490 _____ C:\Windows\System32\Tasks\Chester

2018-12-02 20:28 - 2018-12-02 20:28 - 000000000 ____D C:\Users\Chester\AppData\LocalLow\weltenbauer_ Software Entwicklung GmbH

2018-12-02 20:28 - 2018-12-02 20:28 - 000000000 ____D C:\Users\Chester\AppData\LocalLow\weltenbauer. Software Entwicklung GmbH

 

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-16 04:35 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2018-12-16 04:35 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2018-12-15 13:22 - 2011-04-12 14:21 - 000740422 _____ C:\Windows\system32\perfh015.dat

2018-12-15 13:22 - 2011-04-12 14:21 - 000155996 _____ C:\Windows\system32\perfc015.dat

2018-12-15 13:22 - 2009-07-14 06:13 - 001670518 _____ C:\Windows\system32\PerfStringBackup.INI

2018-12-15 13:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf

2018-12-15 13:19 - 2017-12-11 13:26 - 000000000 ____D C:\ProgramData\NVIDIA

2018-12-15 13:18 - 2017-12-11 13:34 - 000003324 _____ C:\Windows\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE

2018-12-15 13:17 - 2017-12-11 13:35 - 000000000 ____D C:\Users\Chester\Documents\temp

2018-12-15 13:16 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2018-12-14 07:51 - 2018-03-25 10:00 - 000000000 ____D C:\Users\Chester\AppData\Roaming\GG

2018-12-14 00:30 - 2017-12-11 13:16 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2018-12-13 04:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache

2018-12-13 03:24 - 2009-07-14 05:45 - 000267360 _____ C:\Windows\system32\FNTCACHE.DAT

2018-12-13 03:05 - 2017-12-11 13:13 - 001642188 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2018-12-13 03:04 - 2017-12-11 17:42 - 000000000 ____D C:\Windows\system32\MRT

2018-12-13 03:02 - 2017-12-11 17:42 - 137260640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2018-12-13 00:07 - 2017-12-11 17:00 - 000000000 ____D C:\Users\Chester\Documents\Rockstar Games

2018-12-12 23:41 - 2018-01-01 17:53 - 000000000 ____D C:\Users\Chester\AppData\Local\CrashDumps

2018-12-12 23:41 - 2017-12-11 17:01 - 000000000 ____D C:\Users\Chester\AppData\Local\Rockstar Games

2018-12-12 23:40 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared

2018-12-12 23:37 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2018-12-12 22:43 - 2018-02-05 17:59 - 000002440 _____ C:\Users\Chester\Desktop\Total Battle Members List.txt

2018-12-10 23:04 - 2010-11-21 04:27 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2018-12-09 00:31 - 2018-09-01 18:29 - 000000000 ____D C:\Users\Chester\AppData\Roaming\qBittorrent

2018-12-06 10:27 - 2018-03-13 15:27 - 000004560 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier

2018-12-06 10:27 - 2018-02-21 18:33 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2018-12-06 10:27 - 2018-02-21 18:32 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2018-12-06 10:27 - 2018-02-21 18:32 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2018-12-06 10:27 - 2018-02-21 18:32 - 000000000 ____D C:\Windows\SysWOW64\Macromed

2018-12-06 10:27 - 2018-02-21 18:32 - 000000000 ____D C:\Windows\system32\Macromed

2018-12-03 21:53 - 2017-12-11 13:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2018-12-03 21:52 - 2017-12-11 13:53 - 000000000 ____D C:\Users\Chester\AppData\Local\NVIDIA

2018-12-03 21:36 - 2018-06-17 13:48 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:36 - 2018-06-17 13:48 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:36 - 2017-12-11 13:25 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

2018-12-03 21:36 - 2017-12-11 13:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2018-12-03 21:35 - 2018-06-17 13:48 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2018-06-17 13:48 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2018-06-17 13:48 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2018-06-17 13:48 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2017-12-11 18:42 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2017-12-11 13:48 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2017-12-11 13:48 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2017-12-11 13:48 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 21:35 - 2017-12-11 13:48 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2018-12-03 06:17 - 2018-01-11 21:57 - 000000000 ____D C:\Users\Chester\Documents\My Games

2018-12-01 05:56 - 2017-12-11 13:37 - 036852448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2018-12-01 05:56 - 2017-11-09 04:33 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2018-12-01 05:55 - 2017-11-09 04:32 - 004847696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2018-12-01 05:55 - 2017-11-09 04:32 - 004286008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2018-11-29 18:44 - 2017-11-09 03:57 - 000045453 _____ C:\Windows\system32\nvinfo.pb

2018-11-29 17:11 - 2017-12-11 13:26 - 005338608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2018-11-29 17:11 - 2017-12-11 13:26 - 002620624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2018-11-29 17:11 - 2017-12-11 13:26 - 001767632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2018-11-29 17:11 - 2017-12-11 13:26 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll

2018-11-29 17:11 - 2017-12-11 13:26 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2018-11-29 17:11 - 2017-12-11 13:26 - 000125240 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2018-11-29 17:11 - 2017-12-11 13:26 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll

2018-11-28 14:00 - 2018-03-25 09:51 - 000000000 ____D C:\Users\Chester\AppData\Local\GG

2018-11-28 00:28 - 2017-12-11 13:26 - 008453862 _____ C:\Windows\system32\nvcoproc.bin

2018-11-25 15:42 - 2018-07-09 19:43 - 000000000 ____D C:\Users\Chester\AppData\Local\Ubisoft Game Launcher

2018-11-25 15:42 - 2018-07-09 19:43 - 000000000 ____D C:\Program Files (x86)\Ubisoft

2018-11-20 01:04 - 2017-12-11 13:32 - 000007597 _____ C:\Users\Chester\AppData\Local\Resmon.ResmonCfg

2018-11-16 12:55 - 2018-06-17 13:48 - 002864496 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2018-11-16 12:55 - 2018-06-17 13:48 - 002264432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2018-11-16 12:55 - 2018-06-17 13:48 - 001322864 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll

 

==================== Pliki w katalogu głównym wybranych folderów =======

 

2017-12-11 13:32 - 2018-11-20 01:04 - 000007597 _____ () C:\Users\Chester\AppData\Local\Resmon.ResmonCfg

 

Niektóre pliki w TEMP:

====================

2014-03-25 12:22 - 2014-03-25 12:22 - 000398832 ____R (MSI) C:\Users\Chester\AppData\Local\Temp\AutoWifi.exe

2017-12-11 13:10 - 2010-12-31 04:07 - 000086880 ____R (Microsoft Corporation) C:\Users\Chester\AppData\Local\Temp\devcon64.exe

2018-12-12 23:41 - 2018-12-13 00:01 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Chester\AppData\Local\Temp\drm_dyndata_7370014.dll

2018-12-12 23:41 - 2018-12-15 15:18 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Chester\AppData\Local\Temp\drm_dyndata_7380014.dll

2018-01-04 22:56 - 2017-10-02 13:48 - 000186736 _____ (RealNetworks, Inc.) C:\Users\Chester\AppData\Local\Temp\lowproc.exe

2018-04-24 22:12 - 2018-04-24 22:12 - 001644360 _____ (Kibeta                                                      ) C:\Users\Chester\AppData\Local\Temp\Morphvox Pro 4.4.70_1479443225.exe

2017-12-11 13:26 - 2017-10-27 17:06 - 000760032 _____ (NVIDIA Corporation) C:\Users\Chester\AppData\Local\Temp\nvSCPAPI.dll

2017-12-11 13:37 - 2017-10-27 17:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Chester\AppData\Local\Temp\nvStInst.exe

2018-01-06 18:29 - 2018-11-24 00:21 - 000004034 _____ () C:\Users\Chester\AppData\Local\Temp\t.dll

 

==================== Bamital & volsnap ======================

 

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

 

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo

C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo

C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo

C:\Windows\explorer.exe => Plik podpisany cyfrowo

C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo

C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo

C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo

C:\Windows\system32\services.exe => Plik podpisany cyfrowo

C:\Windows\system32\User32.dll => Plik podpisany cyfrowo

C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo

C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo

C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo

C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo

C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo

C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo

C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

 

LastRegBack: 2018-12-14 07:10

 

==================== Koniec  FRST.txt ============================


Run FRST and press CTRL+Y (both keys at once). Notepad will open; paste the following into it:

Task: {6E9F70FA-6D0D-4F4E-ACA2-E11AE2461F0B} - System32\Tasks\Chester => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Chester /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"

HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [Chester] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {34484730-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {344847ac-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [brak pliku]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [brak podpisu cyfrowego]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

 

Press CTRL+S (both keys at once). In FRST, click Fix (NAPRAW).

Let me know if it helped.

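The fixlist in the reply above targets two linked entries: a per-user Run value that opens a URL at logon, and a scheduled task that writes that same value back with `REG ADD`. The following Python code is an added example (not part of the original post and not FRST's own logic) that flags this pair in FRST-style log text; the regular expressions, the `Finding` type and the `scan` function are assumptions of this example, and the sample lines are copied from the logs and fixlist on this page.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Sample input: lines copied from the FRST output and fixlist quoted on this page.
SAMPLE_LOG = r'''
Task: {6E9F70FA-6D0D-4F4E-ACA2-E11AE2461F0B} - System32\Tasks\Chester => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Chester /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [Chester] => cmd.exe /c start www.dipladoks.org
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-09-14] (Realtek Semiconductor)
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd)
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [Misiek] => cmd.exe /c start www.dipladoks.org
'''

# "<hive>\...\Run: [<value name>] => <command>" as FRST prints autostart values.
RUN_RE = re.compile(
    r'^(?P<hive>HK\S+?)\\\.\.\.\\(?P<key>Run(?:Once)?): '
    r'\[(?P<name>[^\]]+)\] => (?P<cmd>.+)$')
# "Task: {GUID} - <task path> => <action>"
TASK_RE = re.compile(r'^Task: \{[0-9A-Fa-f-]+\} - (?P<path>.+?) => (?P<cmd>.+)$')
# "cmd.exe /c start <target>": the shell is used only to open <target>.
START_RE = re.compile(
    r'\bcmd(?:\.exe)?"?\s+/c\s+start\s+(?:""\s+)?"?(?P<target>[^\s"]+)', re.I)
# "reg add <...\CurrentVersion\Run> ... /v <name>": a command that writes a Run value.
REG_ADD_RE = re.compile(
    r'\breg(?:\.exe)?\s+add\s+"?HK[^\s"]*\\CurrentVersion\\Run(?:Once)?"?'
    r'.*?/v\s+"?(?P<name>[^\s"]+)"?', re.I)
REG_DATA_RE = re.compile(r'/d\s+"(?P<data>[^"]*)"', re.I)
# Heuristic chosen for this example: a target is "web" if it starts with a scheme or "www.".
WEB_RE = re.compile(r'^(?:https?://|www\.)', re.I)


@dataclass
class Finding:
    kind: str                 # 'run-opens-url' or 'task-rewrites-run'
    name: str                 # registry value name
    target: Optional[str]     # URL/host the command opens, if any
    source: str               # registry location or task path
    recreated_by: List[str] = field(default_factory=list)


def web_target(command: str) -> Optional[str]:
    """Return the URL/host opened by 'cmd /c start', or None for anything else."""
    m = START_RE.search(command)
    if m and WEB_RE.match(m['target']):
        return m['target']
    return None


def scan(log_text: str) -> List[Finding]:
    runs, tasks = [], []
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            target = web_target(m['cmd'])
            if target:
                location = f"{m['hive']}\\...\\{m['key']}"
                runs.append(Finding('run-opens-url', m['name'], target, location))
            continue
        m = TASK_RE.match(line)
        if m:
            add = REG_ADD_RE.search(m['cmd'])
            if add:
                data = REG_DATA_RE.search(m['cmd'])
                target = web_target(data['data']) if data else None
                tasks.append(Finding('task-rewrites-run', add['name'], target, m['path']))
    # Correlate by value name only: the task uses HKEY_CURRENT_USER while the
    # log prints HKU\<SID>, so the hive strings cannot be compared directly.
    for run in runs:
        run.recreated_by = [t.source for t in tasks
                            if t.name.lower() == run.name.lower()]
    return runs + tasks


if __name__ == '__main__':
    for f in scan(SAMPLE_LOG):
        print(f"{f.kind}: [{f.name}] -> {f.target} ({f.source})"
              + (f" recreated by {f.recreated_by}" if f.recreated_by else ""))
```

A flagged Run value with an empty `recreated_by` list means no matching task was present in the text that was scanned, so the scheduled-task part of the log still needs checking before the value is treated as the only persistence point.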

Hello,

I need help. I also have a problem with the page http://gmaegames.pro/redirect-from-banner.html popping up at system startup. Here is my FRST log:

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19.12.2018 01
Uruchomiony przez Misiek (administrator)  MISIEK-KOMPUTER (20-12-2018 14:02:13)
Uruchomiony z C:\Users\Misiek\Downloads
Załadowane profile: Misiek (Dostępne profile: Misiek & Justynka)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Rapoo) C:\Program Files (x86)\Rapoo\V100\V100Config.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RAPOO) C:\Program Files (x86)\Rapoo\V100\V100Mouse\V100Mouse.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-09-14] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-13] (ESET)
HKLM-x32\...\Run: [Rapoo V100 Config] => C:\Program Files (x86)\Rapoo\V100\V100Config.exe [2131256 2014-03-14] (Rapoo)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Genesis RX66 keyboard] => "C:\Program Files (x86)\Genesis\Genesis RX66\Monitor.exe"
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd)
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [Misiek] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ed7f-e5c8-11e7-b80d-8c89a5526d09} - G:\OnePlus_setup.exe /s
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ede0-e5c8-11e7-b80d-8c89a5526d09} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [sPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  ()

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F048F146-085D-4E6D-8381-522334E41A65}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-27] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-27] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: zfrkphpx.default-1545308685690
FF ProfilePath: C:\Users\Misiek\AppData\Roaming\Mozilla\Firefox\Profiles\zfrkphpx.default-1545308685690 [2018-12-20]
FF Session Restore: Mozilla\Firefox\Profiles\zfrkphpx.default-1545308685690 -> [funkcja włączona]
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-2408824183-3484963206-3134108798-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [brak pliku]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-13] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [682056 2018-06-19] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8174664 2018-06-19] (GOG.com)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [145512 2018-01-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AAErrorPort; C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== UWAGA
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-12-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-12-20] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-23] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-11-23] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-11-23] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 rpvm100d; C:\Windows\System32\drivers\rpvm100d.sys [30976 2014-03-10] (RAPOO)
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [2061856 2010-03-23] (Realtek Semiconductor Corporation )
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3821064 2016-10-01] (Realtek Semiconductor Corporation )
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 PRProt; \??\C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\1223403\active64.sys [X] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-20 13:54 - 2018-12-20 13:55 - 000000000 ____D C:\AdwCleaner
2018-12-20 13:53 - 2018-12-20 13:54 - 007321808 _____ (Malwarebytes) C:\Users\Misiek\Downloads\adwcleaner_7.2.5.0.exe
2018-12-20 13:51 - 2018-12-20 13:52 - 000000261 _____ C:\Users\Misiek\Downloads\Search.txt
2018-12-20 13:16 - 2018-12-20 13:48 - 000029275 _____ C:\Users\Misiek\Downloads\Addition.txt
2018-12-20 13:15 - 2018-12-20 14:02 - 000009958 _____ C:\Users\Misiek\Downloads\FRST.txt
2018-12-20 13:08 - 2018-12-20 13:36 - 000002596 _____ C:\Users\Misiek\Downloads\Fixlog.txt
2018-12-20 13:08 - 2018-12-20 13:08 - 000000530 _____ C:\Users\Misiek\Downloads\czvadkubil.txt
2018-12-20 13:07 - 2018-12-20 14:02 - 000000000 ____D C:\FRST
2018-12-20 13:07 - 2018-12-20 13:08 - 000000530 _____ C:\Users\Misiek\Downloads\xqcdyymbspnamc.txt
2018-12-20 13:07 - 2018-12-20 13:07 - 000000002 _____ C:\Users\Misiek\Downloads\ekhqytlooeywyd.txt
2018-12-20 13:07 - 2018-12-20 13:07 - 000000000 ____D C:\Users\Misiek\Downloads\FRST-OlderVersion
2018-12-20 13:06 - 2018-12-20 13:07 - 002419712 _____ (Farbar) C:\Users\Misiek\Downloads\FRST64.exe
2018-12-19 19:14 - 2018-12-19 19:38 - 000000000 ____D C:\Users\Justynka\angielski
2018-12-19 15:31 - 2018-12-20 11:46 - 000000000 ____D C:\Users\Misiek\Downloads\Divinity.Original.Sin.2.Definitive.Edition-CODEX
2018-12-18 23:15 - 2018-12-20 11:46 - 000000000 ____D C:\Users\Misiek\AppData\LocalLow\uTorrent
2018-12-15 17:27 - 2018-12-15 17:28 - 000166315 _____ C:\Users\Misiek\Downloads\document.pdf
2018-12-13 16:26 - 2018-12-11 08:32 - 000133616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-12-13 16:23 - 2018-12-12 02:43 - 000978360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-12-13 16:23 - 2018-12-12 02:43 - 000978360 _____ C:\Windows\system32\vulkan-1.dll
2018-12-13 16:23 - 2018-12-12 02:43 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-13 16:23 - 2018-12-12 02:43 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-12-13 16:23 - 2018-12-12 02:43 - 000552024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-12-13 16:23 - 2018-12-12 02:43 - 000457304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-12-13 16:23 - 2018-12-12 02:43 - 000268192 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-13 16:23 - 2018-12-12 02:43 - 000268192 _____ C:\Windows\system32\vulkaninfo.exe
2018-12-13 16:23 - 2018-12-12 02:43 - 000243640 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-13 16:23 - 2018-12-12 02:43 - 000243640 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-12-13 16:23 - 2018-12-12 02:42 - 048639872 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 040099112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 031592760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 029813320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 020372280 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 020135392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-12-13 16:23 - 2018-12-12 02:42 - 015909552 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 002002904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 001511224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 001468504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441735.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 001461152 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 001126816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 000631256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 000521872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 000419984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-12-13 16:23 - 2018-12-12 02:42 - 000383952 _____ C:\Windows\system32\nvofapi.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 040261208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 035301896 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 035157080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 029976016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 020847944 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 019709536 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 017288040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 016987144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 013204120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 004541072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 004286200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 004032600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 002017752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441735.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 001167600 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000914592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000524440 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000496624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000450656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000182248 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000163392 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000159864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-12-13 16:23 - 2018-12-12 02:41 - 000141592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-12-12 17:16 - 2018-12-06 03:39 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-12-12 17:16 - 2018-11-28 23:02 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-12-12 17:16 - 2018-11-28 23:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-12-12 17:16 - 2018-11-28 23:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-12-12 17:16 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-12-12 17:16 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-12-12 17:16 - 2018-11-28 22:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-12-12 17:16 - 2018-11-28 22:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-12-12 17:16 - 2018-11-28 22:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-12-12 17:16 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-12-12 17:16 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-12-12 17:16 - 2018-11-15 20:46 - 000397088 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-12-12 17:16 - 2018-11-15 19:55 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-12-12 17:16 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-12-12 17:16 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-12-12 17:16 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-12-12 17:16 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-12-12 17:16 - 2018-11-13 05:54 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-12-12 17:16 - 2018-11-13 05:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-12-12 17:16 - 2018-11-13 05:42 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-12-12 17:16 - 2018-11-13 05:41 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-12-12 17:16 - 2018-11-13 05:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-12-12 17:16 - 2018-11-13 05:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-12-12 17:16 - 2018-11-13 05:39 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-12-12 17:16 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-12-12 17:16 - 2018-11-13 05:33 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-12-12 17:16 - 2018-11-13 05:32 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-12-12 17:16 - 2018-11-13 05:30 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-12-12 17:16 - 2018-11-13 05:28 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-12-12 17:16 - 2018-11-13 05:28 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-12-12 17:16 - 2018-11-13 05:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-12-12 17:16 - 2018-11-13 05:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-12-12 17:16 - 2018-11-13 05:26 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-12-12 17:16 - 2018-11-13 05:21 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-12 17:16 - 2018-11-13 05:18 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-12-12 17:16 - 2018-11-13 05:13 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-12-12 17:16 - 2018-11-13 05:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-12-12 17:16 - 2018-11-13 05:13 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-12-12 17:16 - 2018-11-13 05:12 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-12-12 17:16 - 2018-11-13 05:11 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-12-12 17:16 - 2018-11-13 05:11 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-12 17:16 - 2018-11-13 05:10 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-12-12 17:16 - 2018-11-13 05:10 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-12-12 17:16 - 2018-11-13 05:07 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-12-12 17:16 - 2018-11-13 05:07 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-12-12 17:16 - 2018-11-13 05:06 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-12-12 17:16 - 2018-11-13 05:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-12-12 17:16 - 2018-11-13 05:05 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-12-12 17:16 - 2018-11-13 05:05 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-12-12 17:16 - 2018-11-13 05:04 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-12-12 17:16 - 2018-11-13 05:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-12-12 17:16 - 2018-11-13 05:03 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-12-12 17:16 - 2018-11-13 05:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-12-12 17:16 - 2018-11-13 04:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-12-12 17:16 - 2018-11-13 04:53 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-12-12 17:16 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-12-12 17:16 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-12-12 17:16 - 2018-11-13 04:51 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-12-12 17:16 - 2018-11-13 04:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-12-12 17:16 - 2018-11-13 04:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-12-12 17:16 - 2018-11-13 04:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-12-12 17:16 - 2018-11-13 04:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-12-12 17:16 - 2018-11-13 04:49 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-12-12 17:16 - 2018-11-13 04:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-12-12 17:16 - 2018-11-13 04:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-12-12 17:16 - 2018-11-13 04:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-12-12 17:16 - 2018-11-13 04:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-12-12 17:16 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-12-12 17:16 - 2018-11-13 04:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-12-12 17:16 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-12-12 17:16 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-12-12 17:16 - 2018-11-13 04:37 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-12-12 17:16 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-12-12 17:16 - 2018-11-13 04:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-12-12 17:16 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-12-12 17:16 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-12-12 17:16 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-12-12 17:16 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-12-12 17:16 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-12-12 17:16 - 2018-11-11 18:19 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-12-12 17:16 - 2018-11-11 18:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-12-12 17:16 - 2018-11-11 18:01 - 005551848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-12-12 17:16 - 2018-11-11 18:01 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-12-12 17:16 - 2018-11-11 18:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-12-12 17:16 - 2018-11-11 18:01 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-12-12 17:16 - 2018-11-11 18:01 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-12-12 17:16 - 2018-11-11 18:00 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-12-12 17:16 - 2018-11-11 17:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-12-12 17:16 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-12-12 17:16 - 2018-11-11 17:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-12-12 17:16 - 2018-11-11 17:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-12-12 17:16 - 2018-11-11 17:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-12-12 17:16 - 2018-11-11 17:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-12-12 17:16 - 2018-11-11 17:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-12-12 17:16 - 2018-11-11 17:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-12-12 17:16 - 2018-11-11 17:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-12-12 17:16 - 2018-11-11 17:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-12-12 17:16 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-12-12 17:16 - 2018-11-11 17:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-12-12 17:16 - 2018-11-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-12-12 17:16 - 2018-11-11 17:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-12-12 17:16 - 2018-11-11 17:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-12-12 17:16 - 2018-11-11 17:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-12-12 17:16 - 2018-11-11 17:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-12-12 17:16 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-12-12 17:16 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-12-12 17:16 - 2018-11-11 17:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-12-12 17:16 - 2018-11-11 17:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-12-12 17:16 - 2018-11-11 17:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-12-12 17:16 - 2018-11-11 17:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-12-12 17:16 - 2018-11-11 17:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-12-12 17:16 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-12-12 17:16 - 2018-11-11 17:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 17:16 - 2018-11-11 17:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-12 17:16 - 2018-11-08 17:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-12-12 17:16 - 2018-11-08 17:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-12-12 17:16 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-12-12 17:16 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-12-12 17:16 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-12-12 17:16 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-12-12 17:16 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-12-12 17:16 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-12-12 17:16 - 2018-11-06 05:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-12-12 17:16 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-12-12 17:16 - 2018-10-06 17:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-12-12 17:16 - 2018-10-06 16:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-12-12 17:16 - 2018-10-06 16:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-12-12 17:16 - 2018-10-06 16:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-12-12 17:16 - 2018-10-06 16:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-12 17:16 - 2018-10-06 16:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-12-12 17:16 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-12-12 17:16 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-12-12 17:16 - 2018-10-06 16:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-12-12 17:16 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-12-12 17:16 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-12-12 17:16 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-12-12 16:59 - 2018-12-12 16:59 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\DAEMON Tools Lite
2018-12-12 16:54 - 2018-12-12 16:54 - 000000000 ____D C:\Users\Justynka\AppData\Local\CEF
2018-12-11 20:08 - 2018-12-19 22:31 - 000000000 ____D C:\Users\Justynka\AppData\LocalLow\Mozilla
2018-12-11 20:08 - 2018-12-13 14:48 - 000000000 ____D C:\Users\Justynka\AppData\Local\Mozilla
2018-12-11 20:08 - 2018-12-11 20:08 - 000058016 _____ C:\Users\Justynka\AppData\Local\GDIPFONTCACHEV1.DAT
2018-12-11 20:08 - 2018-12-11 20:08 - 000001425 _____ C:\Users\Justynka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-11 20:08 - 2018-12-11 20:08 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\Mozilla
2018-12-11 20:08 - 2018-12-11 20:08 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\Adobe
2018-12-11 20:07 - 2018-12-19 19:14 - 000000000 ____D C:\Users\Justynka
2018-12-11 20:07 - 2018-12-12 16:59 - 000000000 ____D C:\Users\Justynka\AppData\Local\NVIDIA Corporation
2018-12-11 20:07 - 2018-12-11 20:08 - 000000000 ____D C:\Users\Justynka\AppData\Local\VirtualStore
2018-12-11 20:07 - 2018-12-11 20:07 - 000000020 ___SH C:\Users\Justynka\ntuser.ini
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Ustawienia lokalne
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Szablony
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Moje dokumenty
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Menu Start
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Documents\Moje wideo
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Documents\Moje obrazy
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Documents\Moja muzyka
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Dane aplikacji
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\AppData\Local\Historia
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\AppData\Local\Dane aplikacji
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 ____D C:\Users\Justynka\AppData\Local\NVIDIA
2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 ____D C:\Users\Justynka\ansel
2018-12-11 20:07 - 2009-07-14 19:09 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\Media Center Programs
2018-12-07 19:06 - 2018-12-07 19:06 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\NVIDIA
2018-12-07 18:12 - 2018-12-07 18:12 - 000000559 _____ C:\Users\Public\Desktop\Fallout 4.lnk
2018-12-07 17:49 - 2018-12-07 17:49 - 000002058 _____ C:\Users\Public\Desktop\Genesis RX66.lnk
2018-12-07 17:49 - 2018-12-07 17:49 - 000000000 ____D C:\Users\Misiek\Downloads\Genesis-RX66-driver-production-date-after-201706
2018-12-06 21:51 - 2018-12-06 21:51 - 000003522 _____ C:\Windows\System32\Tasks\Misiek
2018-12-06 21:47 - 2018-12-06 21:47 - 000115712 _____ (Sony Computer Entertainment Inc.) C:\Windows\system32\libScePad.dll
2018-12-06 21:47 - 2018-12-06 21:47 - 000115712 _____ (Sony Computer Entertainment Inc.) C:\Users\Misiek\Downloads\libScePad.dll
2018-12-06 21:39 - 2018-12-06 21:39 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\Steam
2018-12-06 21:33 - 2018-12-06 21:39 - 000000000 ____D C:\Users\Misiek\AppData\Local\CrashDumps
2018-12-05 22:14 - 2018-12-06 21:45 - 000000000 ____D C:\Users\Misiek\AppData\Local\Fallout4
2018-12-05 22:14 - 2018-12-05 22:14 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-12-04 23:13 - 2018-12-01 06:01 - 002018288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441722.dll
2018-12-04 23:13 - 2018-12-01 06:01 - 001468048 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441722.dll
2018-11-30 23:44 - 2018-11-30 23:44 - 000000000 ____D C:\Users\Misiek\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2018-11-30 23:41 - 2018-11-30 23:41 - 000000000 ____D C:\Users\Misiek\Documents\OCCT
2018-11-30 22:53 - 2018-11-30 22:53 - 000000971 _____ C:\Users\Misiek\Desktop\OCCT.lnk
2018-11-30 22:53 - 2018-11-30 22:53 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2018-11-30 22:53 - 2018-11-30 22:53 - 000000000 ____D C:\Program Files (x86)\OCCTPT
2018-11-30 22:52 - 2018-11-30 22:53 - 008136268 _____ C:\Users\Misiek\Downloads\OCCTPT4.5.1.exe
2018-11-27 18:34 - 2018-11-27 19:16 - 000001917 _____ C:\Users\Misiek\Desktop\Rapoo V100 driver program.lnk
2018-11-27 18:34 - 2018-11-27 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapoo
2018-11-27 18:33 - 2018-11-27 19:16 - 000110868 _____ C:\Windows\unins000.dat
2018-11-27 18:33 - 2018-11-27 19:10 - 000000000 ____D C:\Program Files (x86)\Rapoo
2018-11-27 18:33 - 2018-11-27 18:33 - 001543121 _____ C:\Windows\unins000.exe
2018-11-27 18:33 - 2014-03-10 15:24 - 000030976 _____ (RAPOO) C:\Windows\system32\Drivers\rpvm100d.sys
2018-11-27 18:20 - 2018-11-16 16:46 - 002017536 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441701.dll
2018-11-27 18:20 - 2018-11-16 16:46 - 001468192 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441701.dll
2018-11-27 17:59 - 2018-10-01 19:47 - 000070024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-11-23 21:26 - 2018-11-13 20:05 - 002017736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441694.dll
2018-11-23 21:26 - 2018-11-13 20:05 - 001468032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441694.dll
2018-11-23 20:55 - 2018-11-11 02:25 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-23 20:55 - 2018-11-11 02:25 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-23 20:55 - 2018-11-11 02:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-23 20:55 - 2018-11-11 02:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-23 20:55 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-23 20:55 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-23 20:55 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-23 20:55 - 2018-10-27 04:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-23 20:55 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-23 20:55 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-23 20:55 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2018-11-23 20:55 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-23 20:55 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-23 20:55 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-23 20:55 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-23 20:55 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-23 20:55 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-23 20:55 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-23 20:55 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-23 20:55 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2018-11-23 20:55 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll
2018-11-23 20:55 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-23 20:55 - 2018-10-06 14:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-23 20:55 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-11-23 20:55 - 2018-09-23 03:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-11-23 20:55 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-11-23 20:55 - 2018-09-23 03:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-23 20:55 - 2018-09-23 03:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-23 20:55 - 2018-09-23 03:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-23 20:55 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-23 20:55 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-23 20:55 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-23 20:55 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-11-23 20:55 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-23 20:55 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\system32\locale.nls

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-20 13:58 - 2017-11-21 19:09 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-20 13:57 - 2017-11-21 19:20 - 000000000 ____D C:\Users\Misiek\AppData\LocalLow\Mozilla
2018-12-20 13:56 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-20 13:21 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-20 13:21 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-20 13:20 - 2009-07-14 18:55 - 000740098 _____ C:\Windows\system32\perfh015.dat
2018-12-20 13:20 - 2009-07-14 18:55 - 000155672 _____ C:\Windows\system32\perfc015.dat
2018-12-20 13:20 - 2009-07-14 06:13 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-20 13:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-20 13:15 - 2018-08-30 19:56 - 000038400 ___SH C:\Users\Misiek\Thumbs.db
2018-12-20 13:11 - 2018-08-06 20:13 - 000000000 ____D C:\Users\Misiek\AppData\LocalLow\Temp
2018-12-20 12:57 - 2017-12-07 21:44 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\uTorrent
2018-12-18 19:46 - 2018-10-16 18:00 - 000000000 ____D C:\Users\Misiek\Downloads\Pillars.of.Eternity.II.Deadfire-2.0.0.0030.elamigos-games.com
2018-12-15 12:48 - 2017-11-21 19:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-15 12:48 - 2017-11-21 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-14 19:00 - 2017-11-21 19:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-13 16:26 - 2018-05-27 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-13 16:26 - 2017-11-21 19:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-13 15:56 - 2018-08-30 20:10 - 000001374 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-12-13 15:56 - 2018-05-27 09:28 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:56 - 2018-05-27 09:28 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2018-05-27 09:28 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 15:55 - 2017-11-21 19:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-13 13:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-12-13 12:44 - 2009-07-14 05:45 - 000267360 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-12 22:14 - 2017-11-24 22:00 - 001640860 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-12-12 22:13 - 2017-11-21 19:30 - 000000000 ____D C:\Windows\system32\MRT
2018-12-12 22:12 - 2017-11-21 19:29 - 137260640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-12-12 02:42 - 2017-11-09 04:33 - 036853968 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-12-12 02:42 - 2017-11-09 04:33 - 000505904 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-12-12 02:41 - 2017-11-09 04:32 - 004847200 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-12-11 11:56 - 2018-05-27 09:28 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-12-11 11:56 - 2017-11-21 19:08 - 000045453 _____ C:\Windows\system32\nvinfo.pb
2018-12-11 08:08 - 2017-11-21 19:09 - 005338320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-12-11 08:08 - 2017-11-21 19:09 - 002620456 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-12-11 08:08 - 2017-11-21 19:09 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-12-11 08:08 - 2017-11-21 19:09 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-12-11 08:08 - 2017-11-21 19:09 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-12-11 08:08 - 2017-11-21 19:09 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-12-11 08:08 - 2017-11-21 19:09 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-12-11 03:57 - 2017-11-21 19:09 - 008459772 _____ C:\Windows\system32\nvcoproc.bin
2018-12-10 23:04 - 2018-07-04 16:10 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-12-10 12:29 - 2017-11-21 19:09 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-12-08 14:38 - 2017-11-21 19:04 - 000000000 ____D C:\Users\Misiek\AppData\Local\VirtualStore
2018-12-07 19:06 - 2018-01-17 21:16 - 000000000 ____D C:\Users\Misiek\Documents\My Games
2018-12-07 19:00 - 2018-02-21 22:58 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-07 18:57 - 2017-11-21 19:05 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-12-07 17:49 - 2017-12-20 23:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-06 11:15 - 2018-05-27 09:28 - 002865136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-12-06 11:15 - 2018-05-27 09:28 - 002265072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-12-06 11:15 - 2018-05-27 09:28 - 001323504 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-12-02 19:11 - 2018-01-20 00:15 - 000000000 ____D C:\ProgramData\Nero
2018-12-01 12:20 - 2017-11-21 19:07 - 000000000 ____D C:\Users\Misiek\Documents\The Witcher 3
2018-11-28 16:40 - 2018-01-20 12:30 - 000001309 _____ C:\Users\Misiek\Desktop\HOMM 3 WOG.lnk
2018-11-27 19:10 - 2018-05-27 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-27 19:10 - 2018-05-27 09:00 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-27 19:09 - 2018-05-27 09:00 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-11-27 18:25 - 2018-05-27 09:29 - 000000000 ____D C:\Users\Misiek\AppData\Local\NVIDIA Corporation
2018-11-23 20:17 - 2017-12-20 22:00 - 000107896 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2018-11-23 20:17 - 2017-11-02 09:02 - 000143448 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2018-11-23 20:17 - 2017-10-09 16:49 - 000188832 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-11-23 20:17 - 2017-09-19 09:05 - 000109864 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-12-15 17:13

==================== Koniec  FRST.txt ============================


Sorry :o posting it now


Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 19.12.2018 01
Uruchomiony przez Misiek (20-12-2018 18:59:52)
Uruchomiony z C:\Users\Misiek\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2017-11-21 18:03:50)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2408824183-3484963206-3134108798-500 - Administrator - Disabled)
Gość (S-1-5-21-2408824183-3484963206-3134108798-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2408824183-3484963206-3134108798-1002 - Limited - Enabled)
Justynka (S-1-5-21-2408824183-3484963206-3134108798-1003 - Limited - Enabled) => C:\Users\Justynka
Misiek (S-1-5-21-2408824183-3484963206-3134108798-1000 - Administrator - Enabled) => C:\Users\Misiek

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0333 - Disc Soft Ltd)
DiagnosticsHub_CollectionService (HKLM\...\{0CB7B447-4937-4945-B8C0-807A77B830D5}) (Version: 15.7.27520 - Microsoft Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{D58F95D9-65E0-4057-9008-1226B3516B76}) (Version: 6.2.61529.0 - Microsoft Corporation) Hidden
ESET Security (HKLM\...\{8B35CE46-1F7C-4B22-815E-AB6DC63EE3AB}) (Version: 11.0.149.0 - ESET, spol. s r.o.)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Genesis RX66 keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - Genesis)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\1207661193_is1) (Version: 2.1.0.24 - GOG.com)
Heroes of Might and Magic V with Hammers of Fate (HKLM-x32\...\1207661143_is1) (Version: 2.1.0.22 - GOG.com)
icecap_collection_neutral (HKLM-x32\...\{12C1EC05-F936-4A80-821E-7AAC64C4E6FF}) (Version: 15.6.27413 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{C8E22DF4-5498-4B61-93CF-3081BE95A1BA}) (Version: 15.6.27413 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{848D4C75-1E6E-4FFF-BBB0-7A43FCAC316D}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{F2B4BA7C-84B2-4CFB-8502-899D383B3659}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.4 - Electronic Arts)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{EE99006A-F227-41BA-884C-C3AF9642D95A}) (Version: 14.0.3006.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM-x32\...\{FBD0D997-4E36-4B10-8471-BD7CF42ECE7F}) (Version: 14.0.3006.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{c46f54b7-7013-4588-baf9-208a096a972e}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1252.717 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.1 - Ubisoft)
Mozilla Firefox 64.0 (x64 pl) (HKLM\...\Mozilla Firefox 64.0 (x64 pl)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
OpenIV (HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)
Pakiet sterowników systemu Windows - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass  (05/24/2012 6.0.0000.00000) (HKLM\...\59AFF6524BE5C0983F2711DEB8D25D511D4F4924) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)
Pakiet zbiorczy funkcji IntelliSense platformy Microsoft .NET Framework Cumulative Intellisense Pack dla programu Visual Studio (Polski) (HKLM-x32\...\{BCCDC1D3-999C-445B-826F-5B5548F19858}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Panel sterowania NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: Deadfire Pack (HKLM-x32\...\1577585691_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: The White March - Part 1 (HKLM-x32\...\1439895308_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: The White March - Part 2 (HKLM-x32\...\1439897569_is1) (Version: 3.7.0.1280 - GOG.com)
Rapoo V100 Backlit Keyboard & Optical Mouse driver program v1.0 (HKLM-x32\...\{2436CA56-172A-444E-A5C2-0D814456AF8D}_is1) (Version:  - Rapoo, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8254 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{828CB637-23AD-4B59-A4E4-649A2B91D995}) (Version: 14.14.26405 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\8d791f92) (Version: 15.7.27703.2047 - Microsoft Corporation)
VS Immersive Activate Helper (HKLM-x32\...\{10948144-16FC-42B6-8DEA-5AC2428278DF}) (Version: 16.0.94.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4D42BCAC-81DD-4450-8BDC-7FCC4C975D2F}) (Version: 16.0.94.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5DFEB1ED-29B8-44F0-8615-DE758242B0E2}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{CEF65212-694E-4F0B-ADB5-17CE0C2AE213}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{B6600254-A9D1-4265-826B-28B0E28C1F37}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{EF15DAFE-8E43-48E6-AE94-CBA196675318}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9B1DD088-CF09-46A1-8B42-18D231B19E39}) (Version: 15.7.27604 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{871BE104-8114-4C84-9809-D3F2DAB18E06}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-13] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-13] (ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-13] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {158E910A-75CA-4CA5-8AC1-CB0E1C87F750} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {3E63FAE7-04CB-4BE0-A306-825CAD9AF2A7} - System32\Tasks\OptimizerTask => C:\Users\Misiek\AppData\Roaming\Prototype.PC\lcner.exe
Task: {53DB9CF1-D371-4585-AE4D-99DB4E49175E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {62262615-165D-474E-AFF8-34F3FF7AC0A0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {7DFA8280-A58B-4626-91EB-B5E12ED5559B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {81DFB14E-043E-4535-8484-C8FB2DBEAEAF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {9165C92D-1E56-4606-8D33-6866AD7D0C16} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {C1B49FAD-5AAF-4FA4-843C-6D7724624691} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {E03F59AC-01C6-4AE4-A2F6-5A57D0DD5924} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {E1FAEF09-074C-433E-8CAE-9A3EB51AE7EA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {EED2C657-9EE1-4BC8-B49B-E466F83AC2CF} - System32\Tasks\Misiek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Misiek /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
Task: {F46B51E7-35FE-47FA-9E6C-DBAD069E1332} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {FEC6D549-E4DE-4796-9606-FA018318498E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


==================== Załadowane moduły (filtrowane) ==============

2018-05-27 09:28 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-27 09:28 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-11-27 18:33 - 2014-02-21 17:53 - 000042496 _____ () C:\Program Files (x86)\Rapoo\V100\V100Mouse\KBGetKey.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

Załączenie wejścia w fixlist spowoduje jego usunięcie.


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [TCP Query User{F9A7BED7-9435-4AFB-BDA2-1874BE8852CC}E:\instalki\pakiet_sterowników\sdi_r1790.exe] => (Allow) E:\instalki\pakiet_sterowników\sdi_r1790.exe
FirewallRules: [uDP Query User{4DBAF45F-9808-4F53-8E77-50C3B8E4499A}E:\instalki\pakiet_sterowników\sdi_r1790.exe] => (Allow) E:\instalki\pakiet_sterowników\sdi_r1790.exe
FirewallRules: [{7B93109C-51BA-4C40-B4CF-6C967B85CFE2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0DE6B50C-5333-46D8-A798-C5B54A86E8FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BF45B589-51B1-4906-84CD-C72BEB220520}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [uDP Query User{E5457F47-567C-448D-BA2A-0E023E19AB71}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F735955D-60EA-426C-9A54-2F3A17D4F77D}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [uDP Query User{268DE8BF-241F-4715-8092-D74C308F2DF5}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{FEBD550A-9792-418D-B92B-2C549F79AC3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{77D584C6-F0AE-45AF-B0E2-F89FF73CE51E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4B94B269-0415-4528-A82D-1E4A75B1328A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD4304D0-15CA-4DB5-B601-52F12A44A821}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{86B15E08-FBDA-461D-A7CD-88A4D98B3B01}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{A39B5B3B-E1A3-453C-89AB-9BF9652DB792}] => (Allow) E:\gry\HOMM 5\Might & Magic Heroes VI.exe
FirewallRules: [{FADBE224-14F8-434A-A460-4C7EF6AB5C68}] => (Allow) E:\gry\HOMM 5\Might & Magic Heroes VI.exe
FirewallRules: [{334CE40B-67A3-4740-9660-1BEF2D94E213}] => (Allow) E:\gry\HOMM 6\Might & Magic Heroes VI.exe
FirewallRules: [{EA9B06EA-9ABF-4B4C-9414-A05400D2E490}] => (Allow) E:\gry\HOMM 6\Might & Magic Heroes VI.exe
FirewallRules: [TCP Query User{CB4CD635-FE3C-41B5-84D9-0335A9546E5F}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe
FirewallRules: [UDP Query User{8D1E1964-450B-42D4-BBD7-34623C791F36}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe
FirewallRules: [TCP Query User{0E1E8985-743A-4524-9BAE-A9D6768EA640}E:\gry\grand theft auto v\gta5.exe] => (Allow) E:\gry\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{DDA0C2AD-18BB-4A51-B09C-29B31B418C34}E:\gry\grand theft auto v\gta5.exe] => (Allow) E:\gry\grand theft auto v\gta5.exe
FirewallRules: [{4B4688E9-BB8F-4133-8B75-66A2E9DF3C86}] => (Block) E:\gry\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{38F54D82-E612-449A-89E6-8F87B29996CF}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exe
FirewallRules: [UDP Query User{3462BC74-71B6-4148-8BB0-20156A0DDFBE}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exe
FirewallRules: [TCP Query User{60F69018-32C3-4DEC-873C-65DE37A587E8}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exe
FirewallRules: [UDP Query User{ECF5ABCD-ED17-465D-B7C8-7ED9374F7870}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exe
FirewallRules: [{8BFDD401-BD9A-41DE-9A47-EA5A4F2904D8}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{761E8CFF-81B2-4973-8616-62554656E528}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{6831EC4B-60A2-40BA-A400-29F648A3898F}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{25F9F928-C29D-4A1D-8A07-6F8639280B97}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [TCP Query User{DF9BC727-45BC-4DBF-AC25-21A2F6582C5A}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe
FirewallRules: [UDP Query User{5FCAE3B4-9DC1-4EBB-A09E-96CA7649F14F}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe
FirewallRules: [{9980FBF6-F501-4D2B-B671-AF7C7C70404D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{49A98321-BA6A-42B8-AAA8-A7EA2798B81D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{1687EB28-04E6-4035-91C1-2DB69205496D}C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exe] => (Block) C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exe
FirewallRules: [UDP Query User{1FD2DEA5-3579-4DCD-A0E4-464866704B9C}C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exe] => (Block) C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exe
FirewallRules: [{B803DD3F-53FE-4607-B785-28492AA8D719}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D9593C48-79CA-40A9-8B6B-9ED13A1397B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{30AFA52C-F9DD-435F-9457-7CF554517671}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0649EC82-875C-45F8-AD82-551A8799D50B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Punkty Przywracania systemu =========================

20-12-2018 15:10:21 Windows Update

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: Realtek 8185 Extensible 802.11b/g Wireless Device
Description: Realtek 8185 Extensible 802.11b/g Wireless Device
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp
Service: RTL85n64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================

Dziennik System:
=============
Error: (12/20/2018 06:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Nero BackItUp Scheduler 4.0 z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (12/20/2018 06:56:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT)
Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.

Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll
Kod błędu: 126

Error: (12/20/2018 02:44:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error: (12/20/2018 01:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Nero BackItUp Scheduler 4.0 z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (12/20/2018 01:56:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT)
Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.

Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll
Kod błędu: 126

Error: (12/20/2018 01:55:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/20/2018 01:55:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Disc Soft Lite Bus Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (12/20/2018 01:55:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


==================== Statystyki pamięci ===========================

Procesor: Intel® Core i5-2400 CPU @ 3.10GHz
Procent pamięci w użyciu: 18%
Całkowita pamięć fizyczna: 16349.92 MB
Dostępna pamięć fizyczna: 13363.15 MB
Całkowita pamięć wirtualna: 32697.98 MB
Dostępna pamięć wirtualna: 28852.33 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:403.53 GB) (Free:279.6 GB) NTFS
Drive d: () (Fixed) (Total:232.88 GB) (Free:60.56 GB) NTFS
Drive e: () (Fixed) (Total:527.88 GB) (Free:348.52 GB) NTFS

\\?\Volume{5b702bc7-cee5-11e7-9981-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0B020B02)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3BB5A7C4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=403.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=527.9 GB) - (Type=07 NTFS)

==================== Koniec  Addition.txt ============================


Run FRST and press CTRL+Y together; Notepad will open. Paste the following into it:

 

Task: {EED2C657-9EE1-4BC8-B49B-E466F83AC2CF} - System32\Tasks\Misiek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Misiek /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"

HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [Misiek] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ed7f-e5c8-11e7-b80d-8c89a5526d09} - G:\OnePlus_setup.exe /s
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ede0-e5c8-11e7-b80d-8c89a5526d09} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
FF Plugin HKU\S-1-5-21-2408824183-3484963206-3134108798-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [brak pliku]
S3 AAErrorPort; C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== UWAGA
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 PRProt; \??\C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\1223403\active64.sys [X] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:


Press CTRL+S together. In FRST, click Fix (NAPRAW).

Let me know if it helped.


Hello, please help.

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20.12.2018
Uruchomiony przez kezcyR (20-12-2018 22:03:41)
Uruchomiony z C:\Users\kezcyR\Downloads
Windows 10 Pro Wersja 1803 17134.407 (X64) (2018-05-17 14:25:21)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-3531603651-1163280169-3900036242-500 - Administrator - Disabled)
forza (S-1-5-21-3531603651-1163280169-3900036242-1004 - Limited - Disabled)
Gość (S-1-5-21-3531603651-1163280169-3900036242-501 - Limited - Disabled)
kezcyR (S-1-5-21-3531603651-1163280169-3900036242-1001 - Administrator - Enabled) => C:\Users\kezcyR
Konto domyślne (S-1-5-21-3531603651-1163280169-3900036242-503 - Limited - Disabled)
kriss (S-1-5-21-3531603651-1163280169-3900036242-1005 - Limited - Disabled)
kryni (S-1-5-21-3531603651-1163280169-3900036242-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3531603651-1163280169-3900036242-504 - Limited - Disabled)
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Pakiet Bezpieczeństwa UPC by F-Secure (Enabled - Up to date) {35BE5FA4-2DEA-00F8-DC55-FD8AF743F44F}
AS: Pakiet Bezpieczeństwa UPC by F-Secure (Disabled - Up to date) {8EDFBE40-0BD0-0F76-E6E5-C6F88CC4BEF2}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
µTorrent (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1895, 06.05.2017 - AIMP DevTeam)
Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.5.1 - Airytec)
Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.2.2 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.30619 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Computer Security 17.215.129.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.215.129.0 - F-Secure Corporation) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CPUID HWMonitor 1.38 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.38 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
F-Secure Network CCF 100.0.0.0 (HKLM-x32\...\{670203BE-8801-4A41-8480-29B7EC37FC7D}) (Version: 100.0.0.0 - F-Secure Corporation) Hidden
F-Secure Ultralight 1.0.5438.0 (release) (cc0c4f981bd2f23d1e5e325af11ed0a0ecf2a348) (HKLM-x32\...\{C75644E8-5FB5-4B8F-8FD2-08CC5D7ECD87}) (Version: 1.0.5438.0 - F-Secure Corporation) Hidden
GameSessions Data Delivery x64 (HKLM\...\{6AC64924-363E-4CBD-BAD6-1CA9B6C1A4D4}) (Version: 1.28.455.0 - Tangentix Ltd)
GameSessions Runtime x64 (HKLM\...\{65DF8FB2-E3A4-4D88-9500-50B1013CFA9E}) (Version: 1.28.445.0 - Tangentix Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
iTunes (HKLM\...\{1765C7A3-D52F-436A-A3F5-84C34A7F69D3}) (Version: 12.7.5.9 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Microsoft OneDrive (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Online Safety 2.215.7452.4118 (HKLM-x32\...\{0DD64CD2-B23F-4A3D-A88D-EF6848A20167}) (Version: 2.215.7452.4118 - F-Secure Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.)
Pakiet Bezpieczeństwa UPC (HKLM-x32\...\{12CFC2FB-3ED2-45D8-94E4-7C20511A232C}) (Version: 3.15.612.0 - F-Secure Corporation) Hidden
Pakiet Bezpieczeństwa UPC (HKLM-x32\...\F-Secure ServiceEnabler 46267) (Version: 3.15.612.0 - F-Secure Corporation)
Panel sterowania NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software)
Shut Down-O-Matic (HKLM-x32\...\Shut Down-O-Matic) (Version:  - )
Spotify (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Spotify) (Version: 1.0.87.491.ge2a121fc - Spotify AB)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Total War: Warhammer 2 (HKLM-x32\...\Total War: Warhammer 2_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
Vampyr (HKLM-x32\...\Vampyr_is1) (Version:  - )
WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-05-31] (AIMP DevTeam)
ContextMenuHandlers1: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} =>  -> Brak pliku
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-05-31] (AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => D:\Program Files\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation)
ContextMenuHandlers6: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} =>  -> Brak pliku
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {166D7442-3620-4B5E-831F-320323B4673C} - Brak ścieżki do pliku
Task: {240DAD12-40A0-4FE5-A1A2-8DA7D5F67744} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {244ABCCD-D530-4089-811D-3D4154D0CCFD} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {2DB8F87F-3DBE-4D7A-B81D-B94AB477CF48} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {587013D2-DB02-41E4-9E49-2220A8825442} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
Task: {63E036F6-7D0F-48A9-9AD9-18516263414A} - System32\Tasks\S-1-5-21-3531603651-1163280169-3900036242-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {6578D829-9D2D-4697-AE93-A7735A0709E8} - System32\Tasks\Driver Booster SkipUAC (kezcyR) => D:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6733CBBC-4160-4C75-A784-83966DBCDDA4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {70C7E0DF-1AD9-42D2-8405-035D427E7AD5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {749AF653-BA91-4D7D-BDA5-50B28550E241} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-04-02] (Advanced Micro Devices, Inc.)
Task: {754EDE74-7DBA-4A83-BEF7-E14DB898D9F4} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-12-16] (AVG Technologies CZ, s.r.o.)
Task: {77AEADF1-52DB-4A4E-A08B-C7837F16318C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {79C3CAEB-CA9F-4799-9669-669B99263470} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {8B64FADF-8CBC-4F3E-8DC0-CD37FD1361DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {9D2F171C-1F7D-4E06-8CEA-3006CE49D612} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {A43C4E9A-43A9-44F8-AA58-5524D2444B88} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {A664A459-74EB-47AB-800B-A9C93719D16C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {B55A25C5-6A4E-4261-B841-F994E4EC4E4D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {C1454BF7-F934-4334-A09E-9A23DAD865D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {C853577C-7E86-42D6-B92D-4FAFAFCF5923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {D56BFDAD-1E60-4A88-AEDB-09A236DB7328} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {E5EC5E82-9C8F-45F9-B82F-463D5204F60C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {EF7C4459-2E5D-42F3-9FC0-CBB8A4617122} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {FCD8B280-F552-4261-84B8-6C8A26F35A2E} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
 
==================== Skróty & WMI ========================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
 
ShortcutWithArgument: C:\Users\kezcyR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg
 
==================== Załadowane moduły (filtrowane) ==============
 
2018-12-13 16:09 - 2018-12-13 16:09 - 000418784 _____ () C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\daas2_x64.dll
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 17:58 - 2018-05-15 17:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-20 15:27 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-13 16:09 - 2018-12-13 16:09 - 000319968 _____ () C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\senddump_fshoster_plugin64.dll
2017-06-10 14:50 - 2017-06-15 19:07 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-19 19:13 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-22 21:09 - 2018-05-22 21:09 - 000088888 _____ () D:\Program Files\iTunes\zlib1.dll
2018-05-22 21:08 - 2018-05-22 21:08 - 001356088 _____ () D:\Program Files\iTunes\libxml2.dll
2018-12-14 15:50 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 15:50 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2017-05-20 15:27 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
 
==================== Alternate Data Streams (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== Powiązania plików (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2018-06-09 16:58 - 2018-12-20 20:32 - 000000355 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kezcyR\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_0202.HEIC — kopia.JPEG
DNS Servers: 192.168.55.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
Załączenie wejścia w fixlist spowoduje jego usunięcie.
 
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "MouseServer"
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [{74A067BE-D81A-4FBA-9698-27719D60CD2F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ED8DFC8E-552B-4E49-8637-80F9C124822C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{64B86992-BE4B-4B05-8DE5-AAA6E58EFA33}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{191494B7-FA6E-4F6D-B6C0-12B2E62C8063}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3E532078-F1A5-4FD9-83C3-9CB2F3715AF2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [UDP Query User{FC1996C7-4874-47A6-9BAB-1D1DF21E39B7}C:\users\kezcyr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kezcyr\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B49D1ADE-E67B-4751-A08A-9B6B12F3C3DD}C:\users\kezcyr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kezcyr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7BAE9583-BD24-4C59-ADD3-C7A3EF5E77B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CCC0CCED-7B33-4876-8406-65D7E5E588B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B0B6B94C-6890-4B2F-BD5C-D73CACA5CC01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7B0B9012-7A0A-4BC1-B1DF-FEA1728A3470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F6B6D69-2FD0-4AAD-8691-0E4DFF2AA039}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{388AEFDB-2566-44EC-B872-5ABD9E3767C8}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{DB703EAD-6D97-4496-86C3-99E3BE1F17C8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{74C127FE-533B-4A75-97CC-8250E736763E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7B10C6E2-3C4E-4037-86F3-347AB14F668B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E19DA4C3-C61E-47D5-B015-5783057C2CEF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44F3F610-191B-4EC5-8C1B-02871F96AF9E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2AAAFF60-BBF8-4871-B4EB-E882DCA3A5E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C3EA99A0-936F-4475-9A82-0DBE7BEF4778}] => (Allow) d:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{EBED67C9-430E-40A1-A9D8-9260E2E3B645}] => (Allow) d:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{04C673ED-6F71-43F9-A108-04FD28CE5676}] => (Allow) d:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{1EFA7CAF-CAEF-44CC-9B16-093580FBBA6C}] => (Allow) d:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{9D9D0B8C-B1C5-470E-8B38-BA7D703D91D5}] => (Allow) d:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{2513F7D4-F662-4FF5-B8A1-7C2C86A2D7B0}] => (Allow) d:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{7D5BBFD3-E5A7-4252-AA22-AA1F56E9483B}] => (Allow) C:\Program Files\Tangentix\DDRuntime\GSLauncher.exe
FirewallRules: [{06F86E82-D227-4CCF-ABAC-438812982FE6}] => (Allow) LPort=8733
FirewallRules: [{EFD6D0E7-C5F3-4323-A006-01E9F9B585CB}] => (Allow) C:\Users\kezcyR\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E48824D5-A94A-416B-A90B-31FCA8B143B0}] => (Allow) C:\Users\kezcyR\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{55F0C125-E9B1-49D9-86BF-D5D653FD1348}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [UDP Query User{2A3E2BD2-440C-49A3-A3D6-3F162E3DC510}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [{241F368D-D107-4C2B-AB8D-99DA7C7A48F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3E297CC8-E522-4F75-A1CD-FB1A3584C8FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E1558A0D-2ABB-4B0C-B7D8-DAE68B809288}] => (Allow) D:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5A8CD81A-1FF3-4683-81D2-9E7FB4443E40}C:\gry\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\gry\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{440496D7-5776-44B2-BEF0-E617F42CEF65}C:\gry\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\gry\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{8ED352F9-1733-4101-BE4A-856960650B02}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{41F166C3-512F-42ED-8F03-E1A9D1E5B544}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [TCP Query User{7D889E8E-709A-4731-AF0C-96E5CB0773FA}D:\games\total war - warhammer 2\warhammer2.exe] => (Allow) D:\games\total war - warhammer 2\warhammer2.exe
FirewallRules: [UDP Query User{230A4F86-C14D-42A6-AF48-8C67242212FD}D:\games\total war - warhammer 2\warhammer2.exe] => (Allow) D:\games\total war - warhammer 2\warhammer2.exe
FirewallRules: [{1724613A-A7F1-40D0-B059-0549B3122AED}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{0CCE9025-131C-4BE7-89FD-6733B9467C0F}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{E9CF9C94-12F2-49DC-ADA3-03886CEA30F2}G:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) G:\program files (x86)\origin games\fifa 19\fifa19.exe
FirewallRules: [UDP Query User{AE278957-1DCA-4B49-9DC8-C1670DF7028B}G:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) G:\program files (x86)\origin games\fifa 19\fifa19.exe
FirewallRules: [{5ED90CA1-4154-43B5-BF97-BB22FE92B477}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{905CFB8B-A8EC-470B-9C41-F4A47857FC45}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{19C908CB-46B8-4E61-9106-C702403708C2}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{478FA6F9-11D3-4625-8813-B7E22603F270}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{FAE962AF-CD96-47E5-9244-0F85411B2511}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{1B3E4509-8ADA-436B-A255-DA4C1C5A7256}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{1EB7F4CE-751E-475A-BD0A-CAB5216D8861}] => (Allow) C:\Gry\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{3D8D2882-5388-4BA5-9222-AF0AF8FB930F}] => (Allow) C:\Gry\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{540A57B4-B6B5-4D80-AE84-E3F1AA5A2D6A}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe
FirewallRules: [{F9D2F0CC-47D5-47F2-8D3B-53613CCE50F7}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe
FirewallRules: [{BADDD5A5-6BF7-4C1E-9F16-2A9EEB76390F}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe
FirewallRules: [{D8984A56-BA86-48A5-BF8C-636D7A09DD48}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe
FirewallRules: [{94CFFA55-C99F-4B16-B09B-A3180F2B7C9F}] => (Allow) G:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe
FirewallRules: [{4F7B364A-3FC0-4273-B050-28F1CA6D303D}] => (Allow) G:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{4CF30755-6C2D-44CC-B43B-053066268F6C}G:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Block) G:\program files (x86)\origin games\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{932E7ADF-647D-4DFB-ADF9-71CF6801F283}G:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Block) G:\program files (x86)\origin games\battlefield 1\bf1.exe
FirewallRules: [{03C4153B-6FFB-4298-BC4E-F3EE4EE51368}] => (Allow) C:\Gry\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{14C6936F-599B-4005-9D43-57FBFAA3B779}] => (Allow) C:\Gry\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{4D30C7F8-31A4-4CC7-ABB6-52A1FA702BE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7BD262D6-EF0C-4C0E-BAD9-1D01A1E237E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{879A4845-0F3B-4275-AD09-39CB194FAC43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{693F5FD6-3815-4666-9A52-905BE450CF61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{6ED39FFC-48ED-47D8-B4DE-EBDF5189A925}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [UDP Query User{100DC78B-D577-4500-97F5-9972F44D7208}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [{5EE45D80-3C0C-43F6-9957-50AA04A5CF17}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe
FirewallRules: [{EFE540AE-CCFE-4962-922E-DD02294458DC}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe
FirewallRules: [{AF53DCF3-D6A2-45B5-BB94-AE6F6BE7E52F}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe
FirewallRules: [{13B404D3-89F7-4CA5-9218-304333125855}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe
FirewallRules: [{355B67F2-EC7D-475E-A704-BE6314354944}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{56EA1B73-EB40-4190-AA88-E6892E09ABFE}C:\gry\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\gry\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{1DE743F4-349C-41B8-BA20-C0362FB9D9A9}C:\gry\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\gry\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{7EB65AA4-4249-4FF2-8CFF-2D21A84969BA}G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Allow) G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe
FirewallRules: [UDP Query User{29D488B0-1F80-4FB2-9656-ED9CC78FFFA0}G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Allow) G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe
 
==================== Punkty Przywracania systemu =========================
 
04-12-2018 18:24:15 Instalator modułów systemu Windows
05-12-2018 19:51:14 Instalator modułów systemu Windows
07-12-2018 16:30:10 Instalator modułów systemu Windows
09-12-2018 12:15:24 Instalator modułów systemu Windows
10-12-2018 14:13:34 Instalator modułów systemu Windows
11-12-2018 16:58:01 Instalator modułów systemu Windows
19-12-2018 17:54:18 Zaplanowany punkt kontrolny
20-12-2018 21:32:03 Operacja przywracania
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (12/20/2018 09:44:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -550.
 
Error: (12/20/2018 09:42:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3616,R,98) SRUJet: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\WINDOWS\system32\SRU\SRU033A0.log.
 
Error: (12/20/2018 09:26:12 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DESKTOP-JTHHCR7)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (12/20/2018 09:22:01 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7)
Description: httphttp-2147467263
 
Error: (12/20/2018 08:51:30 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7)
Description: httphttp-2147467263
 
Error: (12/20/2018 08:38:06 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7)
Description: httphttp-2147467263
 
Error: (12/20/2018 07:12:44 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7)
Description: httphttp-2147467263
 
Error: (12/20/2018 07:11:33 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7)
Description: httphttp-2147467263
 
 
Dziennik System:
=============
Error: (12/20/2018 10:02:12 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID 
Windows.SecurityCenter.WscBrokerManager
 i identyfikatorem aplikacji APPID 
Niedostępny
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (12/20/2018 10:00:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-JTHHCR7)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 i identyfikatorem aplikacji APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 użytkownikowi DESKTOP-JTHHCR7\kezcyR o identyfikatorze zabezpieczeń SID (S-1-5-21-3531603651-1163280169-3900036242-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (12/20/2018 10:00:07 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID 
Windows.SecurityCenter.WscDataProtection
 i identyfikatorem aplikacji APPID 
Niedostępny
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (12/20/2018 09:59:55 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: ZARZĄDZANIE NT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12
 
Error: (12/20/2018 09:59:20 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: ZARZĄDZANIE NT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12
 
Error: (12/20/2018 09:50:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTHHCR7)
Description: Serwer {D63B10C5-BB46-4990-A94F-E40B9D520160} nie zarejestrował się w modelu DCOM w wymaganym czasie.
 
Error: (12/20/2018 09:49:26 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID 
Windows.SecurityCenter.WscBrokerManager
 i identyfikatorem aplikacji APPID 
Niedostępny
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (12/20/2018 09:47:22 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID 
Windows.SecurityCenter.WscDataProtection
 i identyfikatorem aplikacji APPID 
Niedostępny
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
 
Windows Defender:
===================================
Date: 2018-12-20 20:56:15.307
Description: 
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {33CC6477-9DE7-4ED5-8261-E4E9493063DB}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Pełne skanowanie
Użytkownik: DESKTOP-JTHHCR7\kezcyR
 
Date: 2018-12-20 20:39:36.426
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545332136\tmp000003e6\tmp00000f52
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.1068.0, AS: 1.283.1068.0, NIS: 1.283.1068.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2
 
Date: 2018-12-20 18:39:12.774
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545321875\tmp0000006e\tmp00000001
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.1068.0, AS: 1.283.1068.0, NIS: 1.283.1068.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2
 
Date: 2018-12-20 04:51:30.974
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545271960\tmp0000046c\tmp0000008c
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.981.0, AS: 1.283.981.0, NIS: 1.283.981.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2
 
Date: 2018-12-19 22:56:34.506
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545251087\tmp000002e4\tmp0000016b
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.981.0, AS: 1.283.981.0, NIS: 1.283.981.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2
 
Date: 2018-12-20 22:00:06.583
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów.
Podpisy objęte próbą: Bieżące
Kod błędu: 0x80070003
Opis błędu: System nie może odnaleźć określonej ścieżki. 
Wersja podpisu: 0.0.0.0;0.0.0.0
Wersja aparatu: 0.0.0.0
 
Date: 2018-12-20 21:43:05.213
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów.
Podpisy objęte próbą: Bieżące
Kod błędu: 0x80070003
Opis błędu: System nie może odnaleźć określonej ścieżki. 
Wersja podpisu: 0.0.0.0;0.0.0.0
Wersja aparatu: 0.0.0.0
 
Date: 2018-12-17 22:56:50.760
Description: 
Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Monitorowanie zachowania
Kod błędu: 0x80508023
Opis błędu: Program nie znalazł na tym urządzeniu złośliwego oprogramowania ani innego potencjalnie niechcianego oprogramowania. 
Przyczyna: Ochrona przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.
 
Date: 2018-12-10 12:45:20.326
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.281.1199.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.15400.5
Kod błędu: 0x80072ee7
Opis błędu: Nie można określić nazwy serwera lub adresu. 
 
Date: 2018-12-10 12:45:20.326
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.281.1199.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antyszpiegowskie
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.15400.5
Kod błędu: 0x80072ee7
Opis błędu: Nie można określić nazwy serwera lub adresu. 
 
CodeIntegrity:
===================================
 
Date: 2018-12-20 21:21:00.043
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-12-07 22:24:21.741
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-12-06 20:55:11.212
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-12-03 21:20:04.001
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-12-03 16:03:48.333
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-11-09 23:33:09.464
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1541671335\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-09-09 13:07:39.548
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1530012511\fshook64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-09-06 22:02:00.253
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1530012511\fshook64.dll that did not meet the Microsoft signing level requirements.
 
==================== Statystyki pamięci =========================== 
 
Procesor: AMD Ryzen 5 1600 Six-Core Processor 
Procent pamięci w użyciu: 23%
Całkowita pamięć fizyczna: 16334.97 MB
Dostępna pamięć fizyczna: 12420.9 MB
Całkowita pamięć wirtualna: 18247.97 MB
Dostępna pamięć wirtualna: 12879.57 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:255.62 GB) (Free:99.28 GB) NTFS
Drive d: (Nowy) (Fixed) (Total:195.31 GB) (Free:156.04 GB) NTFS
Drive g: (Nowy) (Fixed) (Total:736.2 GB) (Free:404.96 GB) NTFS
 
\\?\Volume{af2fd9bf-94c3-4bde-8d43-a635a1086cd5}\ (Odzyskiwanie) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{d9e2c7a0-7968-4a62-9454-a54d05cb533d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (Protective MBR) (Size: 256.2 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== Koniec  Addition.txt ============================

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20.12.2018
Uruchomiony przez kezcyR (administrator)  DESKTOP-JTHHCR7 (20-12-2018 22:03:14)
Uruchomiony z C:\Users\kezcyR\Downloads
Załadowane profile: kezcyR (Dostępne profile: kezcyR)
Platform: Windows 10 Pro Wersja 1803 17134.407 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsorsp64.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsulprothoster.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
(Advanced Micro Devices, Inc.) D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\fs_ols_ca.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe
(BitTorrent Inc.) C:\Users\kezcyR\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\kezcyR\AppData\Roaming\uTorrent\updates\3.5.4_44846\utorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\kezcyR\AppData\Roaming\uTorrent\updates\3.5.4_44846\utorrentie.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [securityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-06] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [spotify] => C:\Users\kezcyR\AppData\Roaming\Spotify\Spotify.exe [24528272 2018-08-09] (Spotify Ltd)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [uTorrent] => C:\Users\kezcyR\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-12-10] (BitTorrent Inc.)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [kezcyR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] ()
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid64.dll [630272 2014-11-11] (TechSmith Corporation)
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\SysWOW64\tsc2_codec64.dll [270848 2014-08-27] (TechSmith Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32-x32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] ()
HKLM\...\Drivers32-x32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [vidc.tsc2] => C:\Windows\SysWOW64\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L)
Startup: C:\Users\kezcyR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-11-19]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
GroupPolicy: Ograniczenia ? <==== UWAGA
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.55.1
Tcpip\..\Interfaces\{10a67035-a3d4-4956-bad6-f135de3f8741}: [DhcpNameServer] 192.168.55.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://redtube.com/
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_ie_https\fs_ie_https64.dll [2018-12-17] (F-Secure Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_ie_https\fs_ie_https.dll [2018-12-17] (F-Secure Corporation)
 
FireFox:
========
FF DefaultProfile: 5653h37p.default
FF ProfilePath: C:\Users\kezcyR\AppData\Roaming\Mozilla\Firefox\Profiles\5653h37p.default [2018-12-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018-12-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2018-07-15] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
StartMenuInternet: Firefox-3F5481D0F98F9607 - d:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "chrome://apps/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.gazeta.pl/0,0.html?p=190"
CHR Profile: C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default [2018-12-20]
CHR Extension: (Prezentacje) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (HD for YouTube™) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2018-04-12]
CHR Extension: (Dokumenty) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Dysk Google) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-20]
CHR Extension: (Space & Patterns) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmjaboldkklmcomdamidplnfpnmmmd [2018-09-20]
CHR Extension: (Arkusze) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Word Online) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-05-20]
CHR Extension: (EditThisCookie) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (AdBlock) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-11-26]
CHR Extension: (Konwerter Wideo) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2017-05-20]
CHR Extension: (Sticky Notes) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2017-05-20]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Ling.pl) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\phednmfiggicdnaopabobjickokgljlg [2017-05-20]
CHR Extension: (Gmail) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-20]
CHR Profile: C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-03]
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
 
==================== Usługi (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 AMD FUEL Service; D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [brak podpisu cyfrowego]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6893704 2018-06-28] ()
R2 fshoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [213448 2018-10-05] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [213448 2018-10-05] (F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe [579560 2018-12-13] (F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe [579560 2018-12-13] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsorsp64.exe [101320 2018-12-13] (F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsulprothoster.exe [579560 2018-12-13] (F-Secure Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts)
R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2017-06-15] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SwOffScheduler; d:\Program Files\Airytec\Switch Off\swoff.exe [173056 2014-09-23] (Airytec) [brak podpisu cyfrowego]
S2 SwOffWeb; d:\Program Files\Airytec\Switch Off\swoff.exe [173056 2014-09-23] (Airytec) [brak podpisu cyfrowego]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-12] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Sterowniki (filtrowane) ======================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34664 2018-07-15] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2018-04-09] (Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsulgk.sys [252072 2018-12-13] (F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshs.sys [111040 2018-12-13] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-07] ()
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15360 2018-09-10] (F-Secure Corporation)
R3 fsni; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\fsni64.sys [109616 2018-12-17] (F-Secure Corporation)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-04-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_01c064f3d89f92be\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-11-21] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-12] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-12] (Microsoft Corporation)
U3 avgbdisk; Brak ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2018-12-20 22:03 - 2018-12-20 22:03 - 000021400 _____ C:\Users\kezcyR\Downloads\FRST.txt
2018-12-20 22:03 - 2018-12-20 22:03 - 000000000 ____D C:\Users\kezcyR\Downloads\FRST-OlderVersion
2018-12-20 22:03 - 2018-12-20 22:03 - 000000000 ____D C:\FRST
2018-12-20 22:02 - 2018-12-20 22:03 - 002420224 _____ (Farbar) C:\Users\kezcyR\Downloads\FRST64.exe
2018-12-20 22:00 - 2018-12-20 22:00 - 000000000 ____D C:\Users\kezcyR\AppData\LocalLow\uTorrent
2018-12-20 21:26 - 2018-12-20 21:26 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2018-12-20 21:25 - 2018-12-20 21:25 - 015087296 _____ (Microsoft Corporation) C:\Users\kezcyR\Downloads\MSEInstall.exe
2018-12-20 20:33 - 2018-12-20 20:35 - 000000000 ____D C:\AdwCleaner
2018-12-20 20:32 - 2018-12-20 20:33 - 007321808 _____ (Malwarebytes) C:\Users\kezcyR\Downloads\AdwCleaner.exe
2018-12-20 20:32 - 2018-12-20 20:32 - 000215280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\kezcyR\Downloads\avg_antivirus_free_setup.exe
2018-12-19 22:44 - 2018-12-20 21:51 - 000000000 ____D C:\Users\kezcyR\AppData\Local\AVGame
2018-12-19 22:11 - 2018-12-20 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampyr
2018-12-19 22:11 - 2018-12-19 22:51 - 000001042 _____ C:\Users\kezcyR\Desktop\Vampyr.lnk
2018-12-16 09:44 - 2018-12-20 21:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2018-12-16 09:44 - 2018-12-20 21:58 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-12-13 16:11 - 2018-12-20 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pakiet Bezpieczeństwa UPC
2018-12-12 21:59 - 2018-12-12 21:59 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2018-12-12 20:02 - 2018-12-11 08:32 - 000133616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-12-12 20:01 - 2018-12-20 21:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-12-12 20:00 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-12 20:00 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-12 20:00 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-12 20:00 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-12 20:00 - 2018-12-12 02:45 - 000552248 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-12 20:00 - 2018-12-12 02:45 - 000457016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-12 20:00 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-12 20:00 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-12 20:00 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-12 20:00 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-12 20:00 - 2018-12-12 02:44 - 001461024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-12 20:00 - 2018-12-12 02:44 - 001126144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-12 20:00 - 2018-12-12 02:44 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-12 20:00 - 2018-12-12 02:44 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 040261208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 035157080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 015909552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 013204144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 004946336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 004316760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 002017536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441735.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 002003392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 001511872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 001468296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441735.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 000822784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 000750280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-12-12 20:00 - 2018-12-12 02:43 - 000609392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 019714448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 016990032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 001471816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 001462232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 001167608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 001152192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 001145744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 000914608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 000794840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-12 20:00 - 2018-12-12 02:42 - 000637696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-10 18:52 - 2018-12-12 02:42 - 004258768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-10 18:52 - 2018-12-01 05:56 - 002018080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441722.dll
2018-12-10 18:52 - 2018-12-01 05:56 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441722.dll
2018-12-03 18:40 - 2018-12-03 18:40 - 000003568 _____ C:\WINDOWS\System32\Tasks\kezcyR
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2018-12-20 22:02 - 2017-11-12 22:52 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\uTorrent
2018-12-20 22:02 - 2017-05-20 15:09 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-20 22:00 - 2018-05-17 15:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-20 22:00 - 2018-05-17 15:19 - 000000000 ____D C:\Users\kezcyR
2018-12-20 22:00 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-20 21:58 - 2018-11-19 19:18 - 000000000 ____D C:\Program Files\rempl
2018-12-20 21:58 - 2018-07-01 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-12-20 21:58 - 2018-06-07 17:28 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\discord
2018-12-20 21:58 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-20 21:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\security
2018-12-20 21:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2018-12-20 21:58 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-20 21:58 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-12-20 21:58 - 2018-01-08 21:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-12-20 21:58 - 2017-12-24 19:26 - 000000000 ____D C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC
2018-12-20 21:58 - 2017-06-30 15:38 - 000000000 ____D C:\ProgramData\ProductData
2018-12-20 21:58 - 2017-06-30 15:33 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\IObit
2018-12-20 21:58 - 2017-05-31 18:42 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\AIMP
2018-12-20 21:58 - 2017-05-20 20:55 - 000000000 ____D C:\Users\kezcyR\AppData\Local\ConnectedDevicesPlatform
2018-12-20 21:58 - 2017-05-20 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-20 21:58 - 2017-05-20 15:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-20 21:58 - 2017-05-20 15:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-20 21:58 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-12-20 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-12-20 21:51 - 2018-05-17 16:15 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-12-20 21:51 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-20 21:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration
2018-12-20 21:51 - 2017-12-24 19:26 - 000000000 ____D C:\ProgramData\F-Secure
2018-12-20 21:51 - 2017-11-18 23:17 - 000000000 ____D C:\Users\kezcyR\AppData\Local\UnrealEngine
2018-12-20 21:51 - 2017-06-10 13:44 - 000000000 ____D C:\Users\kezcyR\AppData\Local\SHU
2018-12-20 21:51 - 2017-05-30 18:55 - 000000000 ____D C:\ProgramData\Origin
2018-12-20 21:51 - 2017-05-20 15:40 - 000000000 ____D C:\Users\kezcyR\AppData\Local\NVIDIA
2018-12-20 21:51 - 2017-05-20 15:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-20 21:50 - 2018-07-01 17:23 - 000000000 ____D C:\Program Files\CPUID
2018-12-20 21:29 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-20 21:20 - 2017-05-21 19:58 - 000000000 ____D C:\Users\kezcyR\AppData\Local\Avg
2018-12-20 21:20 - 2017-05-21 19:58 - 000000000 ____D C:\ProgramData\Avg
2018-12-20 21:16 - 2018-06-23 19:12 - 000003082 __RSH C:\ProgramData\ntuser.pol
2018-12-20 20:49 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-20 20:42 - 2018-05-17 15:28 - 001763504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-20 20:42 - 2018-04-12 16:54 - 000782334 _____ C:\WINDOWS\system32\perfh015.dat
2018-12-20 20:42 - 2018-04-12 16:54 - 000151496 _____ C:\WINDOWS\system32\perfc015.dat
2018-12-20 19:11 - 2018-05-17 15:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-20 18:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-20 16:42 - 2018-05-17 15:24 - 000003042 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (kezcyR)
2018-12-20 16:41 - 2018-05-17 15:24 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3531603651-1163280169-3900036242-1001
2018-12-20 16:41 - 2018-05-17 15:19 - 000002414 _____ C:\Users\kezcyR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 16:41 - 2017-05-20 20:56 - 000000000 ___RD C:\Users\kezcyR\OneDrive
2018-12-19 22:44 - 2017-12-06 19:49 - 000000000 ____D C:\Users\kezcyR\AppData\Local\PlaceholderTileLogoFolder
2018-12-19 21:09 - 2017-11-30 18:24 - 000000000 ____D C:\Users\kezcyR\AppData\Local\Packages
2018-12-19 20:25 - 2018-06-18 18:03 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\Origin
2018-12-19 16:29 - 2018-05-17 15:24 - 000003568 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 16:29 - 2018-05-17 15:24 - 000003444 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-17 23:21 - 2018-08-20 17:57 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-17 23:21 - 2017-05-28 11:54 - 000000000 ____D C:\Users\kezcyR\AppData\Local\CrashDumps
2018-12-16 09:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-14 23:23 - 2017-09-29 17:53 - 000000000 ___RD C:\Users\kezcyR\3D Objects
2018-12-14 15:50 - 2017-05-20 15:08 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 15:50 - 2017-05-20 15:08 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-13 16:11 - 2017-12-24 19:26 - 000002137 _____ C:\Users\Public\Desktop\Pakiet Bezpieczeństwa UPC.lnk
2018-12-12 21:50 - 2017-10-07 18:10 - 000026192 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2018-12-12 19:25 - 2018-05-22 17:06 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-22 17:06 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-22 17:06 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-22 17:06 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-22 17:06 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-17 15:24 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-17 15:24 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-17 15:24 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-17 15:24 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-17 15:24 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 19:25 - 2018-05-17 15:24 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-12 16:50 - 2018-03-01 19:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-12 16:50 - 2017-05-20 18:17 - 000592616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-12 02:42 - 2018-05-09 17:35 - 004999880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-11 16:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-11 12:00 - 2018-05-09 17:35 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb
2018-12-11 12:00 - 2017-05-20 15:27 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-12-11 08:08 - 2017-05-20 15:09 - 005338320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-11 08:08 - 2017-05-20 15:09 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-11 08:08 - 2017-05-20 15:09 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-11 08:08 - 2017-05-20 15:09 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-11 08:08 - 2017-05-20 15:09 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-11 08:08 - 2017-05-20 15:09 - 000124968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-11 08:08 - 2017-05-20 15:09 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-11 03:57 - 2017-05-20 15:09 - 008459772 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-10 17:55 - 2018-05-22 17:01 - 000000000 ____D C:\Users\kezcyR\AppData\Local\D3DSCache
2018-12-10 12:29 - 2017-09-25 21:38 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-09 16:07 - 2018-09-09 11:58 - 000000000 ____D C:\Users\kezcyR\Desktop\Nowy folder
2018-12-07 16:22 - 2018-10-03 15:40 - 000000000 ____D C:\Users\kezcyR\Desktop\zdjecia
2018-12-06 11:15 - 2018-05-22 17:06 - 002865136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-06 11:15 - 2018-05-22 17:06 - 002265072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-12-06 11:15 - 2018-05-22 17:06 - 001323504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-12-02 15:23 - 2017-05-20 16:10 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\TS3Client
2018-11-21 18:56 - 2018-04-09 17:05 - 001118648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2018-11-20 17:05 - 2018-09-23 15:47 - 000000893 _____ C:\Users\Public\Desktop\FIFA 19.lnk
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2018-10-23 21:05 - 2018-10-23 21:05 - 000002250 _____ () C:\Users\kezcyR\AppData\Local\recently-used.xbel
2018-04-20 18:04 - 2018-04-20 18:04 - 000000017 _____ () C:\Users\kezcyR\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap ======================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
LastRegBack: 2018-05-17 15:17
 
==================== Koniec  FRST.txt ============================
Edited by ryczek11

@@jarrino, what exactly is he supposed to do on his own? This is not a universal script; I spend ~10 minutes reviewing the logs to generate it, plus the appropriate directives.

@@ryczek11,

Run FRST and press CTRL+Y; Notepad will open. Paste the following into it:

 

Task: {166D7442-3620-4B5E-831F-320323B4673C} - Brak ścieżki do pliku

Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers1: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} =>  -> Brak pliku
ContextMenuHandlers6: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} =>  -> Brak pliku
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [kezcyR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://redtube.com/
U3 avgbdisk; Brak ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

 

Press CTRL+S. In FRST, click Fix (NAPRAW).

Let me know whether it helped.

Edited by 3ndurek
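
Added example (not part of the thread and not FRST's own code): a short Python triage over lines copied from the fixlist above. It shows why the `kezcyR` Run value and the `kezcyR` scheduled task are listed together: the task's action is a `REG ADD` that rewrites the same Run value, so deleting the value alone would not stick. The regular expressions and the `triage` function are assumptions for illustration, based only on the line shapes visible in this thread.

```python
import re

# Lines copied from the fixlist in the reply above (FRST log syntax, URL defanged as posted).
SAMPLE = r'''Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [kezcyR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]'''.splitlines()

# Assumed patterns, written against the line shapes shown in this thread only.
TASK = re.compile(r'^Task: (?P<guid>\{[0-9A-Fa-f-]+\}) - (?P<body>.*)$')
# Task action of the form: reg add <...\CurrentVersion\Run> ... /v <name>
REG_ADD_RUN = re.compile(
    r'\breg(?:\.exe)?\s+add\s+\S*\\CurrentVersion\\Run\s.*?/v\s+(?P<name>\S+)', re.I)
# Run value as the log renders it: <hive>\...\Run: [name] => command
RUN_VALUE = re.compile(r'\\Run: \[(?P<name>[^\]]+)\] => (?P<cmd>.*?)(?: <==== .*)?$')
URL = re.compile(r'\b(?:hxxps?|https?)://[^\s"]+', re.I)
POLICY = re.compile(
    r'Group Policy restriction on software: .*\\mrt\.exe'
    r'|\\Policies\\Microsoft\\Windows Defender:', re.I)

def triage(lines):
    """Return (self_healing, policy_blocks) for an iterable of FRST log lines."""
    writers, run_urls, policies = {}, {}, []
    for line in lines:
        task = TASK.match(line)
        if task:
            hit = REG_ADD_RUN.search(task['body'])
            if hit:                      # task that writes a Run value
                writers[hit['name']] = task['guid']
        elif (run := RUN_VALUE.search(line)) and (url := URL.search(run['cmd'])):
            run_urls[run['name']] = url[0]   # Run value that opens a URL at logon
        elif POLICY.search(line):
            policies.append(line.split(' <====')[0])
    # A Run value that a scheduled task also writes returns after manual deletion.
    healing = {n: (u, writers[n]) for n, u in run_urls.items() if n in writers}
    return healing, policies

if __name__ == '__main__':
    print(triage(SAMPLE))
```
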