Wnk12, posted 8 December 2018: Hello. This page has been popping up for a week. I'm having trouble removing it, and I can see there have already been threads about it, but I can't work out which entries need to be pasted in to fix the problem. Can anyone help? I'm attaching links to the FRST and Addition files via zippyshare: https://www12.zippyshare.com/v/olUuP87D/file.html https://www12.zippyshare.com/v/V0Ac6V2w/file.html
chrisplbw, posted 9 December 2018: Check Apps & Features to see whether something got installed, and also the add-ons and plugins in Firefox, plus whether the start page was changed. Scan with Malwarebytes.
jarrino, posted 9 December 2018: Check as administrator whether anything with a similar name is in the registry, and if it is, get rid of it...
Wnk12 (thread author), posted 10 December 2018: Quoting jarrino: "Check as administrator whether anything with a similar name is in the registry, and if it is, get rid of it..." Which programs can I use to search the registry by name?
jarrino, posted 10 December 2018: When you open the registry, there is a search tab...
3ndurek, posted 10 December 2018: To start with, scan with AdwCleaner and remove whatever it detects. Then generate logs in FRST and post them on wklejto.pl, that is, paste the text rather than a file. Beforehand, tick Addition.txt. These ones are garbled.
adijedi, posted 13 December 2018: Hi, I don't know where I got this from, but malware and ccleaner weren't able to delete this junk ------http://gmaegames.pro... What steps should I take?
3ndurek, posted 13 December 2018: @adijedi, Download and run https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ Before scanning, tick Addition.txt and post those Notepad files here.
adijedi, posted 14 December 2018: 3ndurek - that helped, thanks!
ChesterAfter, posted 15 December 2018: 3ndurek, I have the same problem as the other poster; could you give me some instructions on what to do?
3ndurek, posted 15 December 2018: @ChesterAfter, Download and run https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ Before scanning, tick Addition.txt and post those Notepad files here. Attach those files here.
Andrew, posted 15 December 2018: It's also worth tracing by the modification date of directories; that way you can discover the path where the virus was installed.
ChesterAfter, posted 16 December 2018:
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 09.12.2018
Uruchomiony przez Chester (16-12-2018 08:56:56)
Uruchomiony z D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2017-12-11 12:07:11)
Tryb startu: Normal
==========================================================
==================== Konta użytkowników: =============================
Administrator (S-1-5-21-1050097802-1924140053-2559007084-500 - Administrator - Disabled)
Chester (S-1-5-21-1050097802-1924140053-2559007084-1000 - Administrator - Enabled) => C:\Users\Chester
Gość (S-1-5-21-1050097802-1924140053-2559007084-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1050097802-1924140053-2559007084-1002 - Limited - Enabled)
==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc) Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden ALLPlayer V7.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) American Truck Simulator (HKLM-x32\...\{FBB16F58-B03A-4894-9F75-DC6351F130FC}) (Version: 1.29.2.4 - SCS Software) Colin McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.01 - Codemasters) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.22 - NVIDIA Corporation) Hidden Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - ) Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: - ) Farming Simulator 17 Platinum Edition ROPA (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - ) GG (HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) 
Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.5 - GOG.com) Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.5 - GOG.com) League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Mafia 3 (HKLM-x32\...\Mafia 3_is1) (Version: - ) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24516 (HKLM-x32\...\{b8e12890-118d-4721-8e54-05d978086712}) (Version: 14.0.24516.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Need for Speed Shift MULTi10 - ElAmigos wersja 1.02 (HKLM-x32\...\{A6EA3779-A6AD-4D06-8704-D0986F855D4A}_is1) (Version: 
1.02 - EA Games) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) NVIDIA Sterownik graficzny 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.22 - NVIDIA Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel® Corporation) Hidden Panel sterowania NVIDIA 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.22 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd) qBittorrent 4.1.2 (HKLM-x32\...\qBittorrent) (Version: 4.1.2 - The qBittorrent project) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) The Elder Scrolls: Skyrim - Special Edition (HKLM-x32\...\The Elder Scrolls: Skyrim - Special Edition_is1) (Version: - ) Tom Clancy's Splinter Cell Blacklist ver. 
1.03 (HKLM-x32\...\{01102112-03YT-31VB-00E9-54SDHF2186AC}_is1) (Version: 1.03 - Ubisoft Entertainment) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.1.1 - GIGABYTE Technology Co.,Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-29] (NVIDIA Corporation) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {02E7ADA6-389C-4A44-AD4D-80158B9172E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-11] (Google Inc.) Task: {12C0CF3C-E6FE-4151-94B8-11612A61EB84} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1050097802-1924140053-2559007084-1000 Task: {247EF7CF-B657-46F1-967D-075232C0220E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated) Task: {2935A8E1-1C10-4ECA-B543-FFE73D44A1D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {2E891FA0-3D6D-47EB-A549-256FB7951A1F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation) Task: {37A70F68-4009-4EBA-B03C-0F067316026E} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-01-09] (GIGABYTE Technology 
Co.,Ltd.) Task: {39DD898E-0E28-4F77-B5FE-8577943096CB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation) Task: {6823493C-3429-494E-9A51-554491DBE352} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation) Task: {69783221-AD89-44AE-9002-4FD78FEFE76C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated) Task: {6E9F70FA-6D0D-4F4E-ACA2-E11AE2461F0B} - System32\Tasks\Chester => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Chester /t REG_SZ /d "cmd.exe /c start www.dipladoks.org" Task: {7EBF4782-1283-4095-AB14-970C84DCC3FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-11] (Google Inc.) 
Task: {A249C662-40D8-4BBC-ABBF-CC89D04F5B29} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation) Task: {B13B527B-F1C1-4118-92AE-883E6C8E6F60} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe Task: {B4C946DF-729B-45A5-ACC1-3BDE541AD807} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation) Task: {B9095D92-86F6-4B25-AF21-0323E6F55DC2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {DA3DEFB8-FD47-432E-A90F-990AD5F0E46C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation) Task: {E7335A1A-1A22-4111-BC99-E0E3C7EFAC60} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {E7A56411-6BA1-4846-A10E-EC55DE1C327F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation) Task: {EDAF76F9-4B5F-4B68-98BF-C5C99C5178AB} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) 
==================== Załadowane moduły (filtrowane) ============== 2017-12-11 13:26 - 2018-11-29 17:11 - 000154424 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-07-26 08:58 - 2017-07-26 08:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2018-06-17 13:48 - 2018-11-16 12:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-12-09 00:31 - 2018-10-30 19:06 - 001057056 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-12-09 00:31 - 2018-09-23 01:00 - 102804768 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\libcef.dll 2018-12-09 00:31 - 2018-09-23 01:00 - 004866336 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-12-09 00:31 - 2018-09-23 01:00 - 000116000 _____ () D:\Moje Gry\Steam\bin\cef\cef.win7x64\libegl.dll 2018-12-14 00:30 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll 2018-12-14 00:30 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll 2018-12-03 17:43 - 2018-12-03 17:43 - 031311872 _____ () C:\Users\Chester\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.101\pepflashplayer.dll 2017-12-11 13:34 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll 2017-12-11 13:34 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll 2014-02-19 18:51 - 2014-02-19 18:51 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2017-12-11 16:28 - 2018-10-30 19:06 - 000879904 _____ () D:\Moje Gry\Steam\SDL2.dll 2017-12-11 16:28 - 2016-09-01 02:02 - 004969248 _____ () D:\Moje Gry\Steam\v8.dll 2017-12-11 16:28 - 2016-09-01 02:02 - 001563936 _____ () D:\Moje Gry\Steam\icui18n.dll 2017-12-11 16:28 - 2016-09-01 02:02 - 001195296 _____ () D:\Moje Gry\Steam\icuuc.dll 
2017-12-11 16:28 - 2018-11-26 21:29 - 002649376 _____ () D:\Moje Gry\Steam\video.dll 2018-01-14 13:16 - 2017-12-20 02:43 - 005137696 _____ () D:\Moje Gry\Steam\libavcodec-57.dll 2018-01-14 13:16 - 2017-12-20 02:43 - 000847136 _____ () D:\Moje Gry\Steam\libavutil-55.dll 2018-01-14 13:16 - 2017-12-20 02:43 - 000695584 _____ () D:\Moje Gry\Steam\libavformat-57.dll 2018-01-14 13:16 - 2017-12-20 02:43 - 000351520 _____ () D:\Moje Gry\Steam\libavresample-3.dll 2018-01-14 13:16 - 2017-12-20 02:43 - 000783648 _____ () D:\Moje Gry\Steam\libswscale-4.dll 2017-12-11 16:28 - 2018-11-26 21:29 - 001028384 _____ () D:\Moje Gry\Steam\bin\chromehtml.DLL 2017-12-11 16:28 - 2016-07-04 23:17 - 000266560 _____ () D:\Moje Gry\Steam\openvr_api.dll ==================== Alternate Data Streams (filtrowane) ========= ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) 
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chester\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.54.22.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe FirewallRules: [uDP Query User{6566854C-1343-4AC3-8F76-C8BED76DCEB5}D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\moje gry\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe FirewallRules: [TCP Query User{E7F20B40-D494-4650-9B64-D7BF3509560F}D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe FirewallRules: [uDP Query User{93EE11CA-D2B4-4DCC-8B05-71FC30A04703}D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) D:\moje gry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe FirewallRules: [{BBC09F60-DC50-401F-BAA2-5DEA69E36A9C}] => (Allow) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{0A2EED57-CF49-4D42-9EA5-F98953472B6A}] => (Allow) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{CB21246D-0E4A-4D33-BFDD-FF1BB74A5076}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{76B60923-35EC-4D69-8A70-BC76D5D5518A}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{09EBA9C5-6F6A-40C5-BA57-5623E9A6A94D}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{6219DE39-2955-429F-90D6-A581EC1F5573}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{0791E245-49CB-4C02-A1CA-134AA6597901}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{179CF049-175C-4C07-850F-26CC81BDA140}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 
2\bin\win_x64\eurotrucks2.exe FirewallRules: [{CD54571C-EE12-4FA3-8AE8-B53E5CAACD06}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{11D68C35-2007-49CD-B239-3237C3D080F2}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{6234649A-31E8-41D4-B4A5-3F942E1F72E4}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe FirewallRules: [{544F15AA-CD1D-435E-B54D-1D09FA13CBD4}] => (Allow) D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe FirewallRules: [TCP Query User{DE57FDBF-A885-4A8E-9F44-7DA575657960}D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe FirewallRules: [uDP Query User{EC43BA30-2804-479B-94D4-49143124D483}D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\moje gry\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe FirewallRules: [{4BAB996D-FCD8-4AE5-BC60-1E998A012498}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 15-12-2018 13:56:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (12/15/2018 01:18:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/15/2018 01:08:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/13/2018 03:26:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2018 11:56:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTAIV.exe w wersji 1.0.8.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
Identyfikator procesu: 3a54
Godzina rozpoczęcia: 01d4926bd9022a6d
Godzina zakończenia: 33
Ścieżka aplikacji: D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe
Identyfikator raportu:

Error: (12/12/2018 11:41:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SteamActivation.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.24291, sygnatura czasowa: 0x5be781b4
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00022302
Identyfikator procesu powodującego błąd: 0x3704
Godzina uruchomienia aplikacji powodującej błąd: 0x01d4926bbfc57e6a
Ścieżka aplikacji powodującej błąd: D:\Moje Gry\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\Activation\SteamActivation.exe
Ścieżka modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll
Identyfikator raportu: 02f869dc-fe5f-11e8-8e7f-448a5b9bf344

Error: (12/04/2018 11:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SHIFT.exe, wersja: 1.0.2.0, sygnatura czasowa: 0x4af2ddcf
Nazwa modułu powodującego błąd: nvd3dum.dll, wersja: 25.21.14.1722, sygnatura czasowa: 0x5c000b5e
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x007e6a36
Identyfikator procesu powodującego błąd: 0x19c4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d48c234fe76b48
Ścieżka aplikacji powodującej błąd: D:\Moje Gry\Need for Speed Shift\SHIFT.exe
Ścieżka modułu powodującego błąd: C:\Windows\system32\nvd3dum.dll
Identyfikator raportu: a5e13c7a-f817-11e8-8e7f-448a5b9bf344

Error: (12/03/2018 10:08:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/03/2018 09:36:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvInstallerUtil.exe, wersja: 2.1002.308.0, sygnatura czasowa: 0x5bedc928
Nazwa modułu powodującego błąd: NvInstallerUtil.exe, wersja: 2.1002.308.0, sygnatura czasowa: 0x5bedc928
Kod wyjątku: 0x40000015
Przesunięcie błędu: 0x000f8133
Identyfikator procesu powodującego błąd: 0xbd4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d48b47d3e9617b
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\NvInstallerUtil\NvInstallerUtil.exe
Ścieżka modułu powodującego błąd: C:\Program Files (x86)\NVIDIA Corporation\NvInstallerUtil\NvInstallerUtil.exe
Identyfikator raportu: 1dc606c4-f73b-11e8-9064-448a5b9bf344

Dziennik System:
=============
Error: (12/15/2018 01:07:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 12:49:13 na 2018-12-15 było nieoczekiwane.

Error: (12/09/2018 12:31:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Steam Client Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (12/09/2018 12:31:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service.

Error: (12/05/2018 10:17:01 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Produkt Narzędzia firmy Microsoft chroniące przed złośliwym oprogramowaniem napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.281.1389.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Etap aktualizacji: Wyszukiwanie
Ścieżka źródła: http://www.microsoft.com
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.15400.5
Kod błędu: 0x8024402f
Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną.

Error: (12/03/2018 09:52:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/03/2018 09:52:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa NVIDIA LocalSystem Container zakończyła działanie; wystąpił następujący błąd: Plik wykonywalny polecenia rodzajowego zwrócił wynik wskazujący błąd.

Error: (11/07/2018 10:00:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (11/07/2018 10:00:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa NVIDIA LocalSystem Container zakończyła działanie; wystąpił następujący błąd: Plik wykonywalny polecenia rodzajowego zwrócił wynik wskazujący błąd.
==================== Statystyki pamięci ===========================

Procesor: Intel® Core i5-4460 CPU @ 3.20GHz
Procent pamięci w użyciu: 51%
Całkowita pamięć fizyczna: 8141.39 MB
Dostępna pamięć fizyczna: 3913.54 MB
Całkowita pamięć wirtualna: 16280.93 MB
Dostępna pamięć wirtualna: 11404.09 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:43.75 GB) NTFS
Drive d: () (Fixed) (Total:833.85 GB) (Free:368.37 GB) NTFS

\\?\Volume{324d1644-de67-11e7-b47b-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A974113A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================

I guess this isn't how it was supposed to look.
3ndurek 3595 Posted 16 December 2018 (edited)

Quoting: "I guess this isn't how it was supposed to look"

This is the log from Addition.txt. The FRST.txt log is missing.

Edited 16 December 2018 by 3ndurek
ChesterAfter 0 Posted 16 December 2018

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09.12.2018
Uruchomiony przez Chester (administrator) VENOM (16-12-2018 08:56:42)
Uruchomiony z D:\Downloads
Załadowane profile: Chester (Dostępne profile: Chester)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) D:\Moje Gry\Steam\Steam.exe
(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Moje Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543000 2014-03-04] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [Chester] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {34484730-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {344847ac-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe
Startup: C:\Users\Chester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-12-11]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 194.54.22.2
Tcpip\..\Interfaces\{3256E9EC-803C-4EEF-9F76-FFCE60E8A3CE}: [DhcpNameServer] 194.54.22.2

Internet Explorer:
==================
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190
CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190"
CHR Profile: C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default [2018-12-16]
CHR Extension: (Adblock Plus) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (Adblock dla Youtube™) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Chester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [brak podpisu cyfrowego]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-15 14:04 - 2018-12-15 14:05 - 000000000 ____D C:\AdwCleaner
2018-12-15 13:43 - 2018-12-16 08:56 - 000000000 ____D C:\FRST
2018-12-12 23:41 - 2018-12-12 23:41 - 000000000 __SHD C:\ProgramData\SecuROM
2018-12-12 23:41 - 2018-12-12 23:41 - 000000000 __RHD C:\Users\Chester\AppData\Roaming\SecuROM
2018-12-12 23:40 - 2018-12-12 23:40 - 000178800 _____ (Sony DADC Austria AG.)
C:\Windows\SysWOW64\CmdLineExt_x64.dll
2018-12-12 23:40 - 2018-12-12 23:40 - 000001338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2018-12-12 23:40 - 2018-12-12 23:40 - 000000000 ____D C:\Windows\SysWOW64\xlive
2018-12-12 23:40 - 2018-12-12 23:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-12-12 22:43 - 2018-12-12 22:43 - 000000210 _____ C:\Users\Chester\Desktop\Grand Theft Auto IV.url
2018-12-12 14:31 - 2018-11-13 04:42 - 004494848 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-12-12 14:31 - 2018-11-13 04:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-12-12 14:31 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-12-12 14:31 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-12-12 14:31 - 2018-11-13 04:37 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-12-12 14:31 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-12-12 14:31 - 2018-11-13 04:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2018-12-12 14:31 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-12-12 14:31 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-12-12 14:31 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-12-12 14:31 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-12-12 14:31 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-12-12 14:31 - 2018-11-11 18:19 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-12-12 14:31 - 2018-11-11 18:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-12-12 14:31 - 2018-11-11 18:01 - 005551848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-12-12 14:31 - 2018-11-11 18:01 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-12-12 14:31 - 2018-11-11 18:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2018-12-12 14:31 - 2018-11-11 18:01 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-12-12 14:31 - 2018-11-11 18:01 - 000095464 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-12-12 14:31 - 2018-11-11 18:00 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000135680 _____ (Microsoft Corporation) 
C:\Windows\system32\sspicli.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-12-12 14:31 - 2018-11-11 17:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000006656 _____ (Microsoft Corporation) 
C:\Windows\system32\apisetschema.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003584 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-12-12 14:31 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntoskrnl.exe 2018-12-12 14:31 - 2018-11-11 17:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\secur32.dll 2018-12-12 14:31 - 2018-11-11 17:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:44 - 000003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-12-12 14:31 - 2018-11-11 17:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-12-12 14:31 - 2018-11-11 17:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-12-12 14:31 - 2018-11-11 17:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-12-12 14:31 - 2018-11-11 17:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-12-12 14:31 - 2018-11-11 17:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2018-12-12 14:31 - 2018-11-11 17:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-12-12 14:31 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-12-12 14:31 - 2018-11-11 17:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-12-12 14:31 - 2018-11-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-12-12 14:31 - 2018-11-11 17:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-12-12 14:31 - 2018-11-11 17:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-12-12 14:31 - 2018-11-11 17:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2018-12-12 14:31 - 2018-11-11 17:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2018-12-12 14:31 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2018-12-12 14:31 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2018-12-12 14:31 - 2018-11-11 17:15 - 000030720 _____ (Microsoft Corporation) 
C:\Windows\system32\lsass.exe 2018-12-12 14:31 - 2018-11-11 17:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-12-12 14:31 - 2018-11-11 17:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-12-12 14:31 - 2018-11-11 17:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-12-12 14:31 - 2018-11-11 17:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-12-12 14:31 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-12-12 14:31 - 2018-11-11 17:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-12-12 14:31 - 2018-11-11 17:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-12-12 14:31 - 2018-11-08 17:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2018-12-12 14:31 - 2018-11-08 17:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2018-12-12 14:31 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2018-12-12 14:31 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2018-12-12 14:31 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2018-12-12 14:31 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2018-12-12 14:31 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2018-12-12 14:31 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2018-12-12 
14:31 - 2018-11-06 05:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2018-12-12 14:31 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-12-12 14:31 - 2018-10-06 17:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-12-12 14:31 - 2018-10-06 16:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-12-12 14:31 - 2018-10-06 16:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2018-12-12 14:31 - 2018-10-06 16:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-12-12 14:31 - 2018-10-06 16:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-12-12 14:31 - 2018-10-06 16:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2018-12-12 14:31 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2018-12-12 14:31 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-12-12 14:31 - 2018-10-06 16:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2018-12-12 14:31 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-12-12 14:31 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2018-12-12 14:31 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2018-12-09 16:48 - 2018-12-09 23:42 - 000000000 ____D C:\Users\Chester\Documents\Euro Truck Simulator 2 2018-12-09 16:35 - 2018-12-09 16:35 - 000000211 _____ C:\Users\Chester\Desktop\Euro Truck Simulator 2.url 2018-12-09 00:14 - 2018-12-09 00:14 - 000000903 _____ C:\Users\Chester\Desktop\Blacklist.lnk 2018-12-08 21:25 - 2018-12-08 21:25 - 000000000 ____D C:\Users\Chester\Documents\Ubisoft 2018-12-04 23:42 - 2018-12-04 23:56 - 000000000 ____D C:\Users\Chester\Documents\NFS SHIFT 
2018-12-04 23:39 - 2018-12-04 23:39 - 000000794 _____ C:\Users\Public\Desktop\Need for Speed Shift.lnk 2018-12-03 21:51 - 2018-12-01 06:05 - 000978336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2018-12-03 21:51 - 2018-12-01 06:05 - 000978336 _____ C:\Windows\system32\vulkan-1.dll 2018-12-03 21:51 - 2018-12-01 06:05 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2018-12-03 21:51 - 2018-12-01 06:05 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1.dll 2018-12-03 21:51 - 2018-12-01 06:05 - 000551568 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2018-12-03 21:51 - 2018-12-01 06:05 - 000457200 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2018-12-03 21:51 - 2018-12-01 06:05 - 000268192 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2018-12-03 21:51 - 2018-12-01 06:05 - 000268192 _____ C:\Windows\system32\vulkaninfo.exe 2018-12-03 21:51 - 2018-12-01 06:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2018-12-03 21:51 - 2018-12-01 06:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2018-12-03 21:51 - 2018-12-01 06:03 - 048640072 _____ (NVIDIA Corp.) 
C:\Windows\system32\nvoptix.dll 2018-12-03 21:51 - 2018-12-01 06:03 - 040098560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2018-12-03 21:51 - 2018-12-01 06:03 - 029812504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2018-12-03 21:51 - 2018-12-01 06:03 - 020372384 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2018-12-03 21:51 - 2018-12-01 06:02 - 020130600 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2018-12-03 21:51 - 2018-12-01 06:02 - 001461136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2018-12-03 21:51 - 2018-12-01 06:02 - 001126528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2018-12-03 21:51 - 2018-12-01 06:02 - 000631696 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2018-12-03 21:51 - 2018-12-01 06:02 - 000522016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2018-12-03 21:51 - 2018-12-01 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 040260552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 035156424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 004541240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 004032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 002018288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441722.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 002002904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 001511056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 001468048 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441722.dll 2018-12-03 21:51 - 2018-12-01 06:01 - 000489368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2018-12-03 21:51 - 
3ndurek 3595 Posted 16 December 2018
Run FRST and press CTRL and Y at the same time. Notepad will open; paste this into it:

Task: {6E9F70FA-6D0D-4F4E-ACA2-E11AE2461F0B} - System32\Tasks\Chester => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Chester /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [Chester] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {34484730-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\MountPoints2: {344847ac-de76-11e7-b5a1-448a5b9bf344} - H:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [brak pliku]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [brak podpisu cyfrowego]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

Press CTRL and S at the same time. In FRST, click Fix (NAPRAW). Let me know whether it helped.
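The fixlist above lists both the Run value and the scheduled task because the task's command is a REG ADD that writes the same Run value again. The following Python script is an added example (not part of the original thread and not FRST's own code) that scans FRST-format lines for that pair; the regexes, function names and the ExampleVendor filler line are assumptions made for the example.

```python
import re
from dataclasses import dataclass

# Constructed sample in FRST line format. The [Chester] Run value and the
# Chester task are the two entries from the fixlist above; the Realtek line
# is a benign entry from the later log and the ExampleVendor task is made up.
SAMPLE_LOG = r'''
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-09-14] (Realtek Semiconductor)
HKU\S-1-5-21-1050097802-1924140053-2559007084-1000\...\Run: [Chester] => cmd.exe /c start www.dipladoks.org
Task: {6E9F70FA-6D0D-4F4E-ACA2-E11AE2461F0B} - System32\Tasks\Chester => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Chester /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleVendor Updater => C:\Program Files\ExampleVendor\updater.exe
'''

# "<hive>\...\Run: [<value name>] => <command>" as printed by FRST.
RUN_RE = re.compile(
    r'^(?P<hive>HK.+?)\\\.\.\.\\(?P<key>Run(?:Once)?): \[(?P<name>[^\]]+)\] => (?P<cmd>.+)$')
# "Task: {GUID} - <task path> => <command>"
TASK_RE = re.compile(r'^Task: \{(?P<guid>[0-9A-Fa-f-]+)\} - (?P<path>.+?) => (?P<cmd>.+)$')
# "cmd.exe /c start <target>", optionally with a quoted window title first.
SHELL_START_RE = re.compile(
    r'^cmd(?:\.exe)?\s+/c\s+start\s+(?:"[^"]*"\s+)?(?P<target>\S+)\s*$', re.I)
HOSTLIKE_RE = re.compile(
    r'^(?:https?://)?(?P<host>[a-z0-9-]+(?:\.[a-z0-9-]+)+)(?:[/:?#].*)?$', re.I)
# REG ADD <...\CurrentVersion\Run> ... /v <name> ... /d "<data>"
REG_ADD_RUN_RE = re.compile(
    r'\bREG(?:\.exe)?\s+ADD\s+"?(?P<key>\S*\\CurrentVersion\\Run(?:Once)?)"?\s'
    r'.*?/v\s+"?(?P<name>[^"\s]+)"?.*?/d\s+"(?P<data>[^"]*)"', re.I)
FILE_EXT = (".exe", ".bat", ".cmd", ".lnk", ".vbs", ".js")


@dataclass
class Finding:
    kind: str    # "run-opens-site" or "task-writes-run"
    name: str    # registry value name involved
    target: str  # site the command opens ("" if the data is something else)
    line: str    # original log line, unchanged


def site_opened_by(cmd):
    """Return the host/URL if cmd is 'cmd /c start <site>', else None."""
    m = SHELL_START_RE.match(cmd.strip())
    if not m:
        return None
    target = m.group("target").strip('"')
    host = HOSTLIKE_RE.match(target)
    # "start notepad.exe" also looks like name.tld; skip local file names.
    if not host or host.group("host").lower().endswith(FILE_EXT):
        return None
    return target


def scan(log_text):
    """Flag Run values that open a site and tasks that write a Run value."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        run = RUN_RE.match(line)
        if run:
            site = site_opened_by(run.group("cmd"))
            if site:
                findings.append(Finding("run-opens-site", run.group("name"), site, line))
            continue
        task = TASK_RE.match(line)
        if task:
            reg = REG_ADD_RUN_RE.search(task.group("cmd"))
            if reg:
                site = site_opened_by(reg.group("data")) or ""
                findings.append(Finding("task-writes-run", reg.group("name"), site, line))
    return findings


def linked_pairs(findings):
    """Run value names that a flagged task writes back, so deleting only
    the value would not last once the task runs again."""
    written = {f.name.lower() for f in findings if f.kind == "task-writes-run"}
    return sorted(f.name for f in findings
                  if f.kind == "run-opens-site" and f.name.lower() in written)


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for f in found:
        print(f"{f.kind:16} value={f.name} target={f.target}")
    print("task and value belong together:", linked_pairs(found))
```
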
ChesterAfter 0 Posted 16 December 2018
The problem is gone, many thanks, and respect for knowing your way around these codes.
Fungeez 0 Posted 20 December 2018
Hello, I need help. I also have a problem with the page http://gmaegames.pro/redirect-from-banner.html popping up at system startup. Here is my FRST log:

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19.12.2018 01
Uruchomiony przez Misiek (administrator) MISIEK-KOMPUTER (20-12-2018 14:02:13)
Uruchomiony z C:\Users\Misiek\Downloads
Załadowane profile: Misiek (Dostępne profile: Misiek & Justynka)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Rapoo) C:\Program Files (x86)\Rapoo\V100\V100Config.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RAPOO) C:\Program Files (x86)\Rapoo\V100\V100Mouse\V100Mouse.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-09-14] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-13] (ESET)
HKLM-x32\...\Run: [Rapoo V100 Config] => C:\Program Files (x86)\Rapoo\V100\V100Config.exe [2131256 2014-03-14] (Rapoo)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Genesis RX66 keyboard] => "C:\Program Files (x86)\Genesis\Genesis RX66\Monitor.exe"
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd)
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [Misiek] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ed7f-e5c8-11e7-b80d-8c89a5526d09} - G:\OnePlus_setup.exe /s
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ede0-e5c8-11e7-b80d-8c89a5526d09} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [sPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - ()

==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F048F146-085D-4E6D-8381-522334E41A65}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-27] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-27] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: zfrkphpx.default-1545308685690
FF ProfilePath: C:\Users\Misiek\AppData\Roaming\Mozilla\Firefox\Profiles\zfrkphpx.default-1545308685690 [2018-12-20]
FF Session Restore: Mozilla\Firefox\Profiles\zfrkphpx.default-1545308685690 -> [funkcja włączona]
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-2408824183-3484963206-3134108798-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [brak pliku]

==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-13] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [682056 2018-06-19] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8174664 2018-06-19] (GOG.com)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [145512 2018-01-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AAErrorPort; C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== UWAGA
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-12-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-12-20] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-23] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-11-23] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-11-23] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 rpvm100d; C:\Windows\System32\drivers\rpvm100d.sys [30976 2014-03-10] (RAPOO)
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [2061856 2010-03-23] (Realtek Semiconductor Corporation )
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3821064 2016-10-01] (Realtek Semiconductor Corporation )
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 PRProt; \??\C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\1223403\active64.sys [X] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.
Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Corporation) C:\Windows\system32\wdigest.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2018-12-12 17:16 - 2018-11-11 17:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000043520 _____ (Microsoft Corporation) 
C:\Windows\system32\cryptbase.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2018-12-12 17:16 - 
2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:57 - 
000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2018-12-12 17:16 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2018-12-12 17:16 - 2018-11-11 17:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2018-12-12 17:16 - 2018-11-11 17:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000060416 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2018-12-12 17:16 - 2018-11-11 17:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2018-12-12 17:16 - 
2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2018-12-12 17:16 - 
2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe2018-12-12 17:16 - 2018-11-11 17:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys2018-12-12 17:16 - 2018-11-11 17:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe2018-12-12 17:16 - 2018-11-11 17:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2018-12-12 17:16 - 2018-11-11 17:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2018-12-12 17:16 - 2018-11-11 17:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys2018-12-12 17:16 - 2018-11-11 17:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2018-12-12 17:16 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2018-12-12 17:16 - 2018-11-11 17:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2018-12-12 17:16 - 2018-11-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2018-12-12 17:16 - 2018-11-11 17:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2018-12-12 17:16 - 2018-11-11 17:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2018-12-12 17:16 - 2018-11-11 17:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys2018-12-12 17:16 - 2018-11-11 17:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys2018-12-12 17:16 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys2018-12-12 17:16 - 2018-11-11 
17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys2018-12-12 17:16 - 2018-11-11 17:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2018-12-12 17:16 - 2018-11-11 17:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2018-12-12 17:16 - 2018-11-11 17:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2018-12-12 17:16 - 2018-11-11 17:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2018-12-12 17:16 - 2018-11-11 17:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2018-12-12 17:16 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2018-12-12 17:16 - 2018-11-11 17:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2018-12-12 17:16 - 2018-11-11 17:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2018-12-12 17:16 - 2018-11-08 17:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2018-12-12 17:16 - 2018-11-08 17:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2018-12-12 17:16 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2018-12-12 17:16 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2018-12-12 17:16 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2018-12-12 17:16 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2018-12-12 17:16 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msxml6r.dll2018-12-12 17:16 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2018-12-12 17:16 - 2018-11-06 05:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2018-12-12 17:16 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2018-12-12 17:16 - 2018-10-06 17:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2018-12-12 17:16 - 2018-10-06 16:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll2018-12-12 17:16 - 2018-10-06 16:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2018-12-12 17:16 - 2018-10-06 16:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2018-12-12 17:16 - 2018-10-06 16:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2018-12-12 17:16 - 2018-10-06 16:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2018-12-12 17:16 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2018-12-12 17:16 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll2018-12-12 17:16 - 2018-10-06 16:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2018-12-12 17:16 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2018-12-12 17:16 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2018-12-12 17:16 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2018-12-12 16:59 - 2018-12-12 16:59 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\DAEMON Tools Lite2018-12-12 16:54 - 2018-12-12 16:54 - 000000000 ____D C:\Users\Justynka\AppData\Local\CEF2018-12-11 20:08 - 2018-12-19 22:31 - 000000000 ____D C:\Users\Justynka\AppData\LocalLow\Mozilla2018-12-11 20:08 - 2018-12-13 14:48 - 000000000 ____D 
C:\Users\Justynka\AppData\Local\Mozilla2018-12-11 20:08 - 2018-12-11 20:08 - 000058016 _____ C:\Users\Justynka\AppData\Local\GDIPFONTCACHEV1.DAT2018-12-11 20:08 - 2018-12-11 20:08 - 000001425 _____ C:\Users\Justynka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2018-12-11 20:08 - 2018-12-11 20:08 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\Mozilla2018-12-11 20:08 - 2018-12-11 20:08 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\Adobe2018-12-11 20:07 - 2018-12-19 19:14 - 000000000 ____D C:\Users\Justynka2018-12-11 20:07 - 2018-12-12 16:59 - 000000000 ____D C:\Users\Justynka\AppData\Local\NVIDIA Corporation2018-12-11 20:07 - 2018-12-11 20:08 - 000000000 ____D C:\Users\Justynka\AppData\Local\VirtualStore2018-12-11 20:07 - 2018-12-11 20:07 - 000000020 ___SH C:\Users\Justynka\ntuser.ini2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Ustawienia lokalne2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Szablony2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Moje dokumenty2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Menu Start2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Documents\Moje wideo2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Documents\Moje obrazy2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Documents\Moja muzyka2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\Dane aplikacji2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\AppData\Local\Historia2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 _SHDL C:\Users\Justynka\AppData\Local\Dane aplikacji2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 ____D C:\Users\Justynka\AppData\Local\NVIDIA2018-12-11 20:07 - 2018-12-11 20:07 - 000000000 
____D C:\Users\Justynka\ansel2018-12-11 20:07 - 2009-07-14 19:09 - 000000000 ____D C:\Users\Justynka\AppData\Roaming\Media Center Programs2018-12-07 19:06 - 2018-12-07 19:06 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\NVIDIA2018-12-07 18:12 - 2018-12-07 18:12 - 000000559 _____ C:\Users\Public\Desktop\Fallout 4.lnk2018-12-07 17:49 - 2018-12-07 17:49 - 000002058 _____ C:\Users\Public\Desktop\Genesis RX66.lnk2018-12-07 17:49 - 2018-12-07 17:49 - 000000000 ____D C:\Users\Misiek\Downloads\Genesis-RX66-driver-production-date-after-2017062018-12-06 21:51 - 2018-12-06 21:51 - 000003522 _____ C:\Windows\System32\Tasks\Misiek2018-12-06 21:47 - 2018-12-06 21:47 - 000115712 _____ (Sony Computer Entertainment Inc.) C:\Windows\system32\libScePad.dll2018-12-06 21:47 - 2018-12-06 21:47 - 000115712 _____ (Sony Computer Entertainment Inc.) C:\Users\Misiek\Downloads\libScePad.dll2018-12-06 21:39 - 2018-12-06 21:39 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\Steam2018-12-06 21:33 - 2018-12-06 21:39 - 000000000 ____D C:\Users\Misiek\AppData\Local\CrashDumps2018-12-05 22:14 - 2018-12-06 21:45 - 000000000 ____D C:\Users\Misiek\AppData\Local\Fallout42018-12-05 22:14 - 2018-12-05 22:14 - 000000000 ____D C:\Users\Public\Documents\Steam2018-12-04 23:13 - 2018-12-01 06:01 - 002018288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441722.dll2018-12-04 23:13 - 2018-12-01 06:01 - 001468048 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441722.dll2018-11-30 23:44 - 2018-11-30 23:44 - 000000000 ____D C:\Users\Misiek\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me2018-11-30 23:41 - 2018-11-30 23:41 - 000000000 ____D C:\Users\Misiek\Documents\OCCT2018-11-30 22:53 - 2018-11-30 22:53 - 000000971 _____ C:\Users\Misiek\Desktop\OCCT.lnk2018-11-30 22:53 - 2018-11-30 22:53 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT2018-11-30 22:53 - 2018-11-30 22:53 - 000000000 ____D C:\Program Files (x86)\OCCTPT2018-11-30 22:52 - 2018-11-30 22:53 - 
008136268 _____ C:\Users\Misiek\Downloads\OCCTPT4.5.1.exe2018-11-27 18:34 - 2018-11-27 19:16 - 000001917 _____ C:\Users\Misiek\Desktop\Rapoo V100 driver program.lnk2018-11-27 18:34 - 2018-11-27 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapoo2018-11-27 18:33 - 2018-11-27 19:16 - 000110868 _____ C:\Windows\unins000.dat2018-11-27 18:33 - 2018-11-27 19:10 - 000000000 ____D C:\Program Files (x86)\Rapoo2018-11-27 18:33 - 2018-11-27 18:33 - 001543121 _____ C:\Windows\unins000.exe2018-11-27 18:33 - 2014-03-10 15:24 - 000030976 _____ (RAPOO) C:\Windows\system32\Drivers\rpvm100d.sys2018-11-27 18:20 - 2018-11-16 16:46 - 002017536 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441701.dll2018-11-27 18:20 - 2018-11-16 16:46 - 001468192 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441701.dll2018-11-27 17:59 - 2018-10-01 19:47 - 000070024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2018-11-23 21:26 - 2018-11-13 20:05 - 002017736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441694.dll2018-11-23 21:26 - 2018-11-13 20:05 - 001468032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441694.dll2018-11-23 20:55 - 2018-11-11 02:25 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll2018-11-23 20:55 - 2018-11-11 02:25 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll2018-11-23 20:55 - 2018-11-11 02:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll2018-11-23 20:55 - 2018-11-11 02:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll2018-11-23 20:55 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll2018-11-23 20:55 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll2018-11-23 20:55 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll2018-11-23 20:55 - 2018-10-27 04:42 - 000230400 _____ 
(Microsoft Corporation) C:\Windows\system32\scrobj.dll2018-11-23 20:55 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll2018-11-23 20:55 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx2018-11-23 20:55 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll2018-11-23 20:55 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll2018-11-23 20:55 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll2018-11-23 20:55 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll2018-11-23 20:55 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx2018-11-23 20:55 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe2018-11-23 20:55 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe2018-11-23 20:55 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe2018-11-23 20:55 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe2018-11-23 20:55 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll2018-11-23 20:55 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll2018-11-23 20:55 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2018-11-23 20:55 - 2018-10-06 14:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2018-11-23 20:55 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll2018-11-23 20:55 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll2018-11-23 20:55 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) 
3ndurek 3595 Posted 20 December 2018
@Fungeez, the Addition.txt log is missing. Tick Addition.txt before scanning.
Fungeez 0 Posted 20 December 2018
Sorry, posting it now.
Programy adware powinny zostać w poprawny sposób odinstalowane.)µTorrent (HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) HiddenAudacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) HiddenDAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0333 - Disc Soft Ltd)DiagnosticsHub_CollectionService (HKLM\...\{0CB7B447-4937-4945-B8C0-807A77B830D5}) (Version: 15.7.27520 - Microsoft Corporation) HiddenDisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) HiddenEntity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{D58F95D9-65E0-4057-9008-1226B3516B76}) (Version: 6.2.61529.0 - Microsoft Corporation) HiddenESET Security (HKLM\...\{8B35CE46-1F7C-4B22-815E-AB6DC63EE3AB}) (Version: 11.0.149.0 - ESET, spol. 
s r.o.)Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )Genesis RX66 keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - Genesis)GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version: - )Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\1207661193_is1) (Version: 2.1.0.24 - GOG.com)Heroes of Might and Magic V with Hammers of Fate (HKLM-x32\...\1207661143_is1) (Version: 2.1.0.22 - GOG.com)icecap_collection_neutral (HKLM-x32\...\{12C1EC05-F936-4A80-821E-7AAC64C4E6FF}) (Version: 15.6.27413 - Microsoft Corporation) Hiddenicecap_collection_x64 (HKLM\...\{C8E22DF4-5498-4B61-93CF-3081BE95A1BA}) (Version: 15.6.27413 - Microsoft Corporation) Hiddenicecap_collectionresources (HKLM-x32\...\{848D4C75-1E6E-4FFF-BBB0-7A43FCAC316D}) (Version: 15.6.27406 - Microsoft Corporation) Hiddenicecap_collectionresourcesx64 (HKLM-x32\...\{F2B4BA7C-84B2-4CFB-8502-899D383B3659}) (Version: 15.6.27406 - Microsoft Corporation) HiddenIntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) HiddenJava 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.4 - Electronic Arts)Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)Microsoft .NET Framework 4.7.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.03062 - Microsoft Corporation)Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{EE99006A-F227-41BA-884C-C3AF9642D95A}) (Version: 14.0.3006.16 - Microsoft Corporation)Microsoft System CLR Types for SQL 
Server 2017 (HKLM-x32\...\{FBD0D997-4E36-4B10-8471-BD7CF42ECE7F}) (Version: 14.0.3006.16 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{c46f54b7-7013-4588-baf9-208a096a972e}) (Version: 12.0.40660.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1252.717 - Microsoft Corporation)Might 
& Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.1 - Ubisoft)Mozilla Firefox 64.0 (x64 pl) (HKLM\...\Mozilla Firefox 64.0 (x64 pl)) (Version: 64.0 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) HiddenNVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)NVIDIA Sterownik 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation)NVIDIA Sterownik dźwięku HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)NVIDIA Sterownik graficzny 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)OpenIV (HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)Pakiet sterowników systemu Windows - OnePlus, Inc. 
(WinUSB) AndroidUsbDeviceClass (05/24/2012 6.0.0000.00000) (HKLM\...\59AFF6524BE5C0983F2711DEB8D25D511D4F4924) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)Pakiet zbiorczy funkcji IntelliSense platformy Microsoft .NET Framework Cumulative Intellisense Pack dla programu Visual Studio (Polski) (HKLM-x32\...\{BCCDC1D3-999C-445B-826F-5B5548F19858}) (Version: 4.7.02558 - Microsoft Corporation) HiddenPanel sterowania NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) HiddenPillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.7.0.1280 - GOG.com)Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 3.7.0.1280 - GOG.com)Pillars of Eternity: Deadfire Pack (HKLM-x32\...\1577585691_is1) (Version: 3.7.0.1280 - GOG.com)Pillars of Eternity: The White March - Part 1 (HKLM-x32\...\1439895308_is1) (Version: 3.7.0.1280 - GOG.com)Pillars of Eternity: The White March - Part 2 (HKLM-x32\...\1439897569_is1) (Version: 3.7.0.1280 - GOG.com)Rapoo V100 Backlit Keyboard & Optical Mouse driver program v1.0 (HKLM-x32\...\{2436CA56-172A-444E-A5C2-0D814456AF8D}_is1) (Version: - Rapoo, Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8254 - Realtek Semiconductor Corp.)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)vcpp_crt.redist.clickonce (HKLM-x32\...\{828CB637-23AD-4B59-A4E4-649A2B91D995}) (Version: 14.14.26405 - Microsoft Corporation) HiddenVisual Studio Community 2017 (HKLM-x32\...\8d791f92) (Version: 15.7.27703.2047 - Microsoft Corporation)VS Immersive Activate Helper (HKLM-x32\...\{10948144-16FC-42B6-8DEA-5AC2428278DF}) (Version: 16.0.94.0 - Microsoft Corporation) HiddenVS JIT Debugger (HKLM\...\{4D42BCAC-81DD-4450-8BDC-7FCC4C975D2F}) (Version: 16.0.94.0 - Microsoft 
Corporation) Hiddenvs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hiddenvs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hiddenvs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hiddenvs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hiddenvs_communitymsi (HKLM-x32\...\{5DFEB1ED-29B8-44F0-8615-DE758242B0E2}) (Version: 15.7.27617 - Microsoft Corporation) Hiddenvs_communitymsires (HKLM-x32\...\{CEF65212-694E-4F0B-ADB5-17CE0C2AE213}) (Version: 15.0.26621 - Microsoft Corporation) Hiddenvs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hiddenvs_filehandler_amd64 (HKLM-x32\...\{B6600254-A9D1-4265-826B-28B0E28C1F37}) (Version: 15.7.27617 - Microsoft Corporation) Hiddenvs_filehandler_x86 (HKLM-x32\...\{EF15DAFE-8E43-48E6-AE94-CBA196675318}) (Version: 15.7.27617 - Microsoft Corporation) Hiddenvs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hiddenvs_minshellinteropmsi (HKLM-x32\...\{9B1DD088-CF09-46A1-8B42-18D231B19E39}) (Version: 15.7.27604 - Microsoft Corporation) Hiddenvs_minshellmsi (HKLM-x32\...\{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1}) (Version: 15.7.27617 - Microsoft Corporation) Hiddenvs_minshellmsires (HKLM-x32\...\{871BE104-8114-4C84-9809-D3F2DAB18E06}) (Version: 15.0.26621 - Microsoft Corporation) Hiddenvs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hiddenvs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) HiddenWinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar 
GmbH)==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-13] (ESET)ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd)ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-13] (ESET)ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd)ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation)ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-13] (ESET)ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)==================== Zaplanowane zadania (filtrowane) =============(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. 
Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)Task: {158E910A-75CA-4CA5-8AC1-CB0E1C87F750} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)Task: {3E63FAE7-04CB-4BE0-A306-825CAD9AF2A7} - System32\Tasks\OptimizerTask => C:\Users\Misiek\AppData\Roaming\Prototype.PC\lcner.exeTask: {53DB9CF1-D371-4585-AE4D-99DB4E49175E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)Task: {62262615-165D-474E-AFF8-34F3FF7AC0A0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)Task: {7DFA8280-A58B-4626-91EB-B5E12ED5559B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)Task: {81DFB14E-043E-4535-8484-C8FB2DBEAEAF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)Task: {9165C92D-1E56-4606-8D33-6866AD7D0C16} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)Task: {C1B49FAD-5AAF-4FA4-843C-6D7724624691} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)Task: {E03F59AC-01C6-4AE4-A2F6-5A57D0DD5924} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe 
[2018-12-06] (NVIDIA Corporation)Task: {E1FAEF09-074C-433E-8CAE-9A3EB51AE7EA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)Task: {EED2C657-9EE1-4BC8-B49B-E466F83AC2CF} - System32\Tasks\Misiek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Misiek /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"Task: {F46B51E7-35FE-47FA-9E6C-DBAD069E1332} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)Task: {FEC6D549-E4DE-4796-9606-FA018318498E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)==================== Skróty & WMI ========================(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)==================== Załadowane moduły (filtrowane) ==============2018-05-27 09:28 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll2018-05-27 09:28 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll2018-11-27 18:33 - 2014-02-21 17:53 - 000042496 _____ () C:\Program Files (x86)\Rapoo\V100\V100Mouse\KBGetKey.dll==================== Alternate Data Streams (filtrowane) =========(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)==================== Tryb awaryjny (filtrowane) ===================(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. 
Wartość "AlternateShell" zostanie przywrócona.)==================== Powiązania plików (filtrowane) ===============(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)==================== Hosts - zawartość: ===============================(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts==================== Inne obszary ============================(Obecnie brak automatycznej naprawy dla tej sekcji.)HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Zapora systemu Windows [funkcja włączona]==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==Załączenie wejścia w fixlist spowoduje jego usunięcie.==================== Reguły Zapory systemu Windows (filtrowane) ===============(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. 
Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)FirewallRules: [TCP Query User{F9A7BED7-9435-4AFB-BDA2-1874BE8852CC}E:\instalki\pakiet_sterowników\sdi_r1790.exe] => (Allow) E:\instalki\pakiet_sterowników\sdi_r1790.exeFirewallRules: [uDP Query User{4DBAF45F-9808-4F53-8E77-50C3B8E4499A}E:\instalki\pakiet_sterowników\sdi_r1790.exe] => (Allow) E:\instalki\pakiet_sterowników\sdi_r1790.exeFirewallRules: [{7B93109C-51BA-4C40-B4CF-6C967B85CFE2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exeFirewallRules: [{0DE6B50C-5333-46D8-A798-C5B54A86E8FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exeFirewallRules: [TCP Query User{BF45B589-51B1-4906-84CD-C72BEB220520}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exeFirewallRules: [uDP Query User{E5457F47-567C-448D-BA2A-0E023E19AB71}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exeFirewallRules: [TCP Query User{F735955D-60EA-426C-9A54-2F3A17D4F77D}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exeFirewallRules: [uDP Query User{268DE8BF-241F-4715-8092-D74C308F2DF5}C:\users\misiek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misiek\appdata\roaming\utorrent\utorrent.exeFirewallRules: [{FEBD550A-9792-418D-B92B-2C549F79AC3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{77D584C6-F0AE-45AF-B0E2-F89FF73CE51E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{4B94B269-0415-4528-A82D-1E4A75B1328A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exeFirewallRules: [{FD4304D0-15CA-4DB5-B601-52F12A44A821}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exeFirewallRules: [{86B15E08-FBDA-461D-A7CD-88A4D98B3B01}] => (Allow) C:\Program Files\DAEMON Tools 
Lite\DiscSoftBusServiceLite.exeFirewallRules: [{A39B5B3B-E1A3-453C-89AB-9BF9652DB792}] => (Allow) E:\gry\HOMM 5\Might & Magic Heroes VI.exeFirewallRules: [{FADBE224-14F8-434A-A460-4C7EF6AB5C68}] => (Allow) E:\gry\HOMM 5\Might & Magic Heroes VI.exeFirewallRules: [{334CE40B-67A3-4740-9660-1BEF2D94E213}] => (Allow) E:\gry\HOMM 6\Might & Magic Heroes VI.exeFirewallRules: [{EA9B06EA-9ABF-4B4C-9414-A05400D2E490}] => (Allow) E:\gry\HOMM 6\Might & Magic Heroes VI.exeFirewallRules: [TCP Query User{CB4CD635-FE3C-41B5-84D9-0335A9546E5F}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exeFirewallRules: [uDP Query User{8D1E1964-450B-42D4-BBD7-34623C791F36}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exeFirewallRules: [TCP Query User{0E1E8985-743A-4524-9BAE-A9D6768EA640}E:\gry\grand theft auto v\gta5.exe] => (Allow) E:\gry\grand theft auto v\gta5.exeFirewallRules: [uDP Query User{DDA0C2AD-18BB-4A51-B09C-29B31B418C34}E:\gry\grand theft auto v\gta5.exe] => (Allow) E:\gry\grand theft auto v\gta5.exeFirewallRules: [{4B4688E9-BB8F-4133-8B75-66A2E9DF3C86}] => (Block) E:\gry\Grand Theft Auto V\GTA5.exeFirewallRules: [TCP Query User{38F54D82-E612-449A-89E6-8F87B29996CF}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exeFirewallRules: [uDP Query User{3462BC74-71B6-4148-8BB0-20156A0DDFBE}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exeFirewallRules: [TCP Query User{60F69018-32C3-4DEC-873C-65DE37A587E8}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exeFirewallRules: [uDP Query User{ECF5ABCD-ED17-465D-B7C8-7ED9374F7870}E:\gry\grand theft auto v - kopia\gta5.exe] => (Allow) E:\gry\grand theft auto v - kopia\gta5.exeFirewallRules: [{8BFDD401-BD9A-41DE-9A47-EA5A4F2904D8}] => (Allow) E:\gry\Mass effect 
Andromeda\MassEffectAndromedaTrial.exeFirewallRules: [{761E8CFF-81B2-4973-8616-62554656E528}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromedaTrial.exeFirewallRules: [{6831EC4B-60A2-40BA-A400-29F648A3898F}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromeda.exeFirewallRules: [{25F9F928-C29D-4A1D-8A07-6F8639280B97}] => (Allow) E:\gry\Mass effect Andromeda\MassEffectAndromeda.exeFirewallRules: [TCP Query User{DF9BC727-45BC-4DBF-AC25-21A2F6582C5A}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exeFirewallRules: [uDP Query User{5FCAE3B4-9DC1-4EBB-A09E-96CA7649F14F}D:\instalki\pakiet_sterowników\sdi_x64_r1790.exe] => (Allow) D:\instalki\pakiet_sterowników\sdi_x64_r1790.exeFirewallRules: [{9980FBF6-F501-4D2B-B671-AF7C7C70404D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exeFirewallRules: [{49A98321-BA6A-42B8-AAA8-A7EA2798B81D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exeFirewallRules: [TCP Query User{1687EB28-04E6-4035-91C1-2DB69205496D}C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exe] => (Block) C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exeFirewallRules: [uDP Query User{1FD2DEA5-3579-4DCD-A0E4-464866704B9C}C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exe] => (Block) C:\users\misiek\appdata\local\programs\sw-exporter\summoners war exporter.exeFirewallRules: [{B803DD3F-53FE-4607-B785-28492AA8D719}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exeFirewallRules: [{D9593C48-79CA-40A9-8B6B-9ED13A1397B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exeFirewallRules: [{30AFA52C-F9DD-435F-9457-7CF554517671}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{0649EC82-875C-45F8-AD82-551A8799D50B}] => (Allow) C:\Program Files\NVIDIA 
==================== Punkty Przywracania systemu =========================
20-12-2018 15:10:21 Windows Update

==================== Wadliwe urządzenia w Menedżerze urządzeń =============
Name: Realtek 8185 Extensible 802.11b/g Wireless Device
Description: Realtek 8185 Extensible 802.11b/g Wireless Device
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp
Service: RTL85n64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Błędy w Dzienniku zdarzeń: =========================
Dziennik Aplikacja:
==================
Dziennik System:
=============
Error: (12/20/2018 06:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Nero BackItUp Scheduler 4.0 z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (12/20/2018 06:56:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT)
Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.
Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll
Kod błędu: 126

Error: (12/20/2018 02:44:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error: (12/20/2018 01:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Nero BackItUp Scheduler 4.0 z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (12/20/2018 01:56:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT)
Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.
Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll
Kod błędu: 126

Error: (12/20/2018 01:55:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/20/2018 01:55:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Disc Soft Lite Bus Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (12/20/2018 01:55:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

==================== Statystyki pamięci ===========================
Procesor: Intel® Core i5-2400 CPU @ 3.10GHz
Procent pamięci w użyciu: 18%
Całkowita pamięć fizyczna: 16349.92 MB
Dostępna pamięć fizyczna: 13363.15 MB
Całkowita pamięć wirtualna: 32697.98 MB
Dostępna pamięć wirtualna: 28852.33 MB

==================== Dyski ================================
Drive c: () (Fixed) (Total:403.53 GB) (Free:279.6 GB) NTFS
Drive d: () (Fixed) (Total:232.88 GB) (Free:60.56 GB) NTFS
Drive e: () (Fixed) (Total:527.88 GB) (Free:348.52 GB) NTFS
\\?\Volume{5b702bc7-cee5-11e7-9981-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tablica partycji ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0B020B02)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3BB5A7C4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=403.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=527.9 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================
3ndurek 3595 Posted 20 December 2018

Run FRST, press CTRL+Y at the same time, Notepad will open - paste the following into it:

Task: {EED2C657-9EE1-4BC8-B49B-E466F83AC2CF} - System32\Tasks\Misiek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Misiek /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [Misiek] => cmd.exe /c start www.dipladoks.org
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ed7f-e5c8-11e7-b80d-8c89a5526d09} - G:\OnePlus_setup.exe /s
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\MountPoints2: {27f9ede0-e5c8-11e7-b80d-8c89a5526d09} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [sPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
FF Plugin HKU\S-1-5-21-2408824183-3484963206-3134108798-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [brak pliku]
S3 AAErrorPort; C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== UWAGA
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 PRProt; \??\C:\Users\Misiek\AppData\Local\Temp\ActiveAnticheat\1223403\active64.sys [X] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

Press CTRL+S at the same time. In FRST click Fix (NAPRAW). Let me know whether it helped.
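The fixlist above lists both the scheduled task and the Run value because the task's own action is a REG ADD that writes that Run value again. The following is an added example, not part of the thread and not FRST's own logic: a small Python triage that reads FRST-style Task and Run lines and flags this pattern. The regular expressions, the function names and the choice of sample lines are assumptions made for the illustration.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Lines copied from the FRST output and fixlist quoted in this thread:
# three that were flagged or fixed, plus two ordinary updater tasks for contrast.
SAMPLE_LOG = r'''
Task: {EED2C657-9EE1-4BC8-B49B-E466F83AC2CF} - System32\Tasks\Misiek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Misiek /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"
HKU\S-1-5-21-2408824183-3484963206-3134108798-1000\...\Run: [Misiek] => cmd.exe /c start www.dipladoks.org
Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
Task: {587013D2-DB02-41E4-9E49-2220A8825442} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {244ABCCD-D530-4089-811D-3D4154D0CCFD} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
'''

# "Task: {GUID} - <task path> => <action>"
TASK_RE = re.compile(r'^Task: \{[0-9A-Fa-f-]{36}\} - (?P<path>.+?) => (?P<cmd>.+)$')
# "HKxx\...\Run: [value name] => <command>" (also RunOnce)
RUN_RE = re.compile(r'^HK\S*?\\\.\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] => (?P<cmd>.+)$')
# A command that writes into a ...\CurrentVersion\Run or RunOnce key with reg.exe
WRITES_RUN = re.compile(r'\breg(?:\.exe)?\s+add\s+\S*\\CurrentVersion\\Run(?:Once)?\b', re.I)
# The value name given to "reg add" with /v
VALUE_NAME = re.compile(r'/v\s+"?([^"\s]+)', re.I)
# A shell or Explorer invocation whose argument is a web address
OPENS_URL = re.compile(
    r'\b(?:cmd(?:\.exe)?\s+/c\s+start|explorer(?:\.exe)?)\s+"?'
    r'((?:h(?:tt|xx)ps?://|www\.)[^\s"]+)', re.I)


@dataclass
class Finding:
    kind: str                       # 'task' or 'run'
    name: str                       # task name or Run value name
    url: Optional[str] = None       # address the command opens, if any
    rewrites: Optional[str] = None  # Run value a task writes back, if any
    reasons: List[str] = field(default_factory=list)


def triage(log_text: str) -> List[Finding]:
    """Return the Task/Run entries whose command re-creates autostart or opens a URL."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        task, run = TASK_RE.match(line), RUN_RE.match(line)
        if task:
            item = Finding('task', task.group('path').rsplit('\\', 1)[-1])
            cmd = task.group('cmd')
            if WRITES_RUN.search(cmd):
                value = VALUE_NAME.search(cmd)
                item.rewrites = value.group(1) if value else None
                item.reasons.append('task action writes a Run value')
        elif run:
            item = Finding('run', run.group('name'))
            cmd = run.group('cmd')
        else:
            continue
        url = OPENS_URL.search(cmd)
        if url:
            item.url = url.group(1)
            item.reasons.append('command opens a web address')
        if item.reasons:
            findings.append(item)
    return findings


def respawning_run_values(findings: List[Finding]) -> List[str]:
    """Run values seen in the log that a flagged task would write back after deletion."""
    rewritten = {f.rewrites for f in findings if f.kind == 'task' and f.rewrites}
    return sorted(f.name for f in findings if f.kind == 'run' and f.name in rewritten)


if __name__ == '__main__':
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f.kind, f.name, f.url, '; '.join(f.reasons))
    print('Run values restored by a task:', respawning_run_values(results))
```

A Run value reported by `respawning_run_values` comes back if only the registry entry is deleted, so the task has to be removed together with it.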
Fungeez 0 Posted 20 December 2018

3ndurek!! It helped ;D everything is back to normal, thanks!
ryczek11 0 Posted 20 December 2018 (edited)

Hello, please help

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20.12.2018
Uruchomiony przez kezcyR (20-12-2018 22:03:41)
Uruchomiony z C:\Users\kezcyR\Downloads
Windows 10 Pro Wersja 1803 17134.407 (X64) (2018-05-17 14:25:21)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================
Administrator (S-1-5-21-3531603651-1163280169-3900036242-500 - Administrator - Disabled)
forza (S-1-5-21-3531603651-1163280169-3900036242-1004 - Limited - Disabled)
Gość (S-1-5-21-3531603651-1163280169-3900036242-501 - Limited - Disabled)
kezcyR (S-1-5-21-3531603651-1163280169-3900036242-1001 - Administrator - Enabled) => C:\Users\kezcyR
Konto domyślne (S-1-5-21-3531603651-1163280169-3900036242-503 - Limited - Disabled)
kriss (S-1-5-21-3531603651-1163280169-3900036242-1005 - Limited - Disabled)
kryni (S-1-5-21-3531603651-1163280169-3900036242-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3531603651-1163280169-3900036242-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Pakiet Bezpieczeństwa UPC by F-Secure (Enabled - Up to date) {35BE5FA4-2DEA-00F8-DC55-FD8AF743F44F}
AS: Pakiet Bezpieczeństwa UPC by F-Secure (Disabled - Up to date) {8EDFBE40-0BD0-0F76-E6E5-C6F88CC4BEF2}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
µTorrent (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.) Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1895, 06.05.2017 - AIMP DevTeam) Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.5.1 - Airytec) Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.2.2 - GIGABYTE Technology Co.,Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts) Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.30619 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) Computer Security 17.215.129.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.215.129.0 - F-Secure Corporation) Hidden CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions) CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.) CPUID HWMonitor 1.38 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.38 - CPUID, Inc.) Discord (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts) F-Secure Network CCF 100.0.0.0 (HKLM-x32\...\{670203BE-8801-4A41-8480-29B7EC37FC7D}) (Version: 100.0.0.0 - F-Secure Corporation) Hidden F-Secure Ultralight 1.0.5438.0 (release) (cc0c4f981bd2f23d1e5e325af11ed0a0ecf2a348) (HKLM-x32\...\{C75644E8-5FB5-4B8F-8FD2-08CC5D7ECD87}) (Version: 1.0.5438.0 - F-Secure Corporation) Hidden GameSessions Data Delivery x64 (HKLM\...\{6AC64924-363E-4CBD-BAD6-1CA9B6C1A4D4}) (Version: 1.28.455.0 - Tangentix Ltd) GameSessions Runtime x64 (HKLM\...\{65DF8FB2-E3A4-4D88-9500-50B1013CFA9E}) (Version: 1.28.445.0 - Tangentix Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden iTunes (HKLM\...\{1765C7A3-D52F-436A-A3F5-84C34A7F69D3}) (Version: 12.7.5.9 - Apple Inc.) 
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech) Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.) Microsoft OneDrive (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual 
C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 417.35 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Online Safety 2.215.7452.4118 (HKLM-x32\...\{0DD64CD2-B23F-4A3D-A88D-EF6848A20167}) (Version: 2.215.7452.4118 - F-Secure Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.) Pakiet Bezpieczeństwa UPC (HKLM-x32\...\{12CFC2FB-3ED2-45D8-94E4-7C20511A232C}) (Version: 3.15.612.0 - F-Secure Corporation) Hidden Pakiet Bezpieczeństwa UPC (HKLM-x32\...\F-Secure ServiceEnabler 46267) (Version: 3.15.612.0 - F-Secure Corporation) Panel sterowania NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.) 
SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software) Shut Down-O-Matic (HKLM-x32\...\Shut Down-O-Matic) (Version: - ) Spotify (HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Spotify) (Version: 1.0.87.491.ge2a121fc - Spotify AB) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Total War: Warhammer 2 (HKLM-x32\...\Total War: Warhammer 2_is1) (Version: - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft) Vampyr (HKLM-x32\...\Vampyr_is1) (Version: - ) WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-05-31] (AIMP DevTeam) ContextMenuHandlers1: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-05-31] (AIMP DevTeam) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => D:\Program Files\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-15] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation) ContextMenuHandlers6: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
Task: {166D7442-3620-4B5E-831F-320323B4673C} - Brak ścieżki do pliku Task: {240DAD12-40A0-4FE5-A1A2-8DA7D5F67744} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {244ABCCD-D530-4089-811D-3D4154D0CCFD} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd) Task: {2DB8F87F-3DBE-4D7A-B81D-B94AB477CF48} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation) Task: {587013D2-DB02-41E4-9E49-2220A8825442} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.) Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA Task: {63E036F6-7D0F-48A9-9AD9-18516263414A} - System32\Tasks\S-1-5-21-3531603651-1163280169-3900036242-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {6578D829-9D2D-4697-AE93-A7735A0709E8} - System32\Tasks\Driver Booster SkipUAC (kezcyR) => D:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6733CBBC-4160-4C75-A784-83966DBCDDA4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation) Task: {70C7E0DF-1AD9-42D2-8405-035D427E7AD5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA 
Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation) Task: {749AF653-BA91-4D7D-BDA5-50B28550E241} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-04-02] (Advanced Micro Devices, Inc.) Task: {754EDE74-7DBA-4A83-BEF7-E14DB898D9F4} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-12-16] (AVG Technologies CZ, s.r.o.) Task: {77AEADF1-52DB-4A4E-A08B-C7837F16318C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation) Task: {79C3CAEB-CA9F-4799-9669-669B99263470} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {8B64FADF-8CBC-4F3E-8DC0-CD37FD1361DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {9D2F171C-1F7D-4E06-8CEA-3006CE49D612} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {A43C4E9A-43A9-44F8-AA58-5524D2444B88} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation) Task: {A664A459-74EB-47AB-800B-A9C93719D16C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {B55A25C5-6A4E-4261-B841-F994E4EC4E4D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update 
Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {C1454BF7-F934-4334-A09E-9A23DAD865D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {C853577C-7E86-42D6-B92D-4FAFAFCF5923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.) Task: {D56BFDAD-1E60-4A88-AEDB-09A236DB7328} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {E5EC5E82-9C8F-45F9-B82F-463D5204F60C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation) Task: {EF7C4459-2E5D-42F3-9FC0-CBB8A4617122} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation) Task: {FCD8B280-F552-4261-84B8-6C8A26F35A2E} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\kezcyR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg ==================== Załadowane moduły (filtrowane) ============== 2018-12-13 16:09 - 2018-12-13 16:09 - 000418784 _____ () C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\daas2_x64.dll 2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-05-15 17:58 - 2018-05-15 17:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-05-20 15:27 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-12-13 16:09 - 2018-12-13 16:09 - 000319968 _____ () C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\senddump_fshoster_plugin64.dll 2017-06-10 14:50 - 2017-06-15 19:07 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-19 19:13 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-22 21:09 - 2018-05-22 21:09 - 000088888 _____ () D:\Program Files\iTunes\zlib1.dll 2018-05-22 21:08 - 2018-05-22 21:08 - 001356088 _____ () D:\Program Files\iTunes\libxml2.dll 2018-12-14 15:50 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll 2018-12-14 15:50 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll 2017-05-20 15:27 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ==================== Alternate Data Streams (filtrowane) 
========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-06-09 16:58 - 2018-12-20 20:32 - 000000355 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kezcyR\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_0202.HEIC — kopia.JPEG DNS Servers: 192.168.55.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. 
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\StartupApproved\Run: => "MouseServer"

==================== Reguły Zapory systemu Windows (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Games\Battlefield V\bfvTrial.exe FirewallRules: [{F9D2F0CC-47D5-47F2-8D3B-53613CCE50F7}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe FirewallRules: [{BADDD5A5-6BF7-4C1E-9F16-2A9EEB76390F}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe FirewallRules: [{D8984A56-BA86-48A5-BF8C-636D7A09DD48}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe FirewallRules: [{94CFFA55-C99F-4B16-B09B-A3180F2B7C9F}] => (Allow) G:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe FirewallRules: [{4F7B364A-3FC0-4273-B050-28F1CA6D303D}] => (Allow) G:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe FirewallRules: [TCP Query User{4CF30755-6C2D-44CC-B43B-053066268F6C}G:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Block) G:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [uDP Query User{932E7ADF-647D-4DFB-ADF9-71CF6801F283}G:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Block) G:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [{03C4153B-6FFB-4298-BC4E-F3EE4EE51368}] => (Allow) C:\Gry\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{14C6936F-599B-4005-9D43-57FBFAA3B779}] => (Allow) C:\Gry\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{4D30C7F8-31A4-4CC7-ABB6-52A1FA702BE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{7BD262D6-EF0C-4C0E-BAD9-1D01A1E237E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{879A4845-0F3B-4275-AD09-39CB194FAC43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{693F5FD6-3815-4666-9A52-905BE450CF61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{6ED39FFC-48ED-47D8-B4DE-EBDF5189A925}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => 
(Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe FirewallRules: [uDP Query User{100DC78B-D577-4500-97F5-9972F44D7208}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe FirewallRules: [{5EE45D80-3C0C-43F6-9957-50AA04A5CF17}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe FirewallRules: [{EFE540AE-CCFE-4962-922E-DD02294458DC}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe FirewallRules: [{AF53DCF3-D6A2-45B5-BB94-AE6F6BE7E52F}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe FirewallRules: [{13B404D3-89F7-4CA5-9218-304333125855}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe FirewallRules: [{355B67F2-EC7D-475E-A704-BE6314354944}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{56EA1B73-EB40-4190-AA88-E6892E09ABFE}C:\gry\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\gry\steamapps\common\total war rome ii\rome2.exe FirewallRules: [uDP Query User{1DE743F4-349C-41B8-BA20-C0362FB9D9A9}C:\gry\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\gry\steamapps\common\total war rome ii\rome2.exe FirewallRules: [TCP Query User{7EB65AA4-4249-4FF2-8CFF-2D21A84969BA}G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Allow) G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe FirewallRules: [uDP Query User{29D488B0-1F80-4FB2-9656-ED9CC78FFFA0}G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Allow) G:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe ==================== Punkty Przywracania systemu ========================= 04-12-2018 18:24:15 Instalator modułów systemu Windows 05-12-2018 19:51:14 Instalator modułów systemu Windows 07-12-2018 16:30:10 Instalator modułów systemu Windows 09-12-2018 12:15:24 Instalator modułów systemu Windows 
10-12-2018 14:13:34 Instalator modułów systemu Windows
11-12-2018 16:58:01 Instalator modułów systemu Windows
19-12-2018 17:54:18 Zaplanowany punkt kontrolny
20-12-2018 21:32:03 Operacja przywracania

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (12/20/2018 09:44:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -550.

Error: (12/20/2018 09:42:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3616,R,98) SRUJet: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\WINDOWS\system32\SRU\SRU033A0.log.

Error: (12/20/2018 09:26:12 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DESKTOP-JTHHCR7)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (12/20/2018 09:22:01 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7) Description: httphttp-2147467263 Error: (12/20/2018 08:51:30 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7) Description: httphttp-2147467263 Error: (12/20/2018 08:38:06 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7) Description: httphttp-2147467263 Error: (12/20/2018 07:12:44 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7) Description: httphttp-2147467263 Error: (12/20/2018 07:11:33 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-JTHHCR7) Description: httphttp-2147467263 Dziennik System: ============= Error: (12/20/2018 10:02:12 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Niedostępny użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. 
Error: (12/20/2018 10:00:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-JTHHCR7) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-JTHHCR7\kezcyR o identyfikatorze zabezpieczeń SID (S-1-5-21-3531603651-1163280169-3900036242-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/20/2018 10:00:07 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscDataProtection i identyfikatorem aplikacji APPID Niedostępny użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/20/2018 09:59:55 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: ZARZĄDZANIE NT) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x12 Error: (12/20/2018 09:59:20 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: ZARZĄDZANIE NT) Description: A TCG Command has returned an error. 
Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x12 Error: (12/20/2018 09:50:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTHHCR7) Description: Serwer {D63B10C5-BB46-4990-A94F-E40B9D520160} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/20/2018 09:49:26 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Niedostępny użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/20/2018 09:47:22 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscDataProtection i identyfikatorem aplikacji APPID Niedostępny użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Windows Defender: =================================== Date: 2018-12-20 20:56:15.307 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. 
Identyfikator skanowania: {33CC6477-9DE7-4ED5-8261-E4E9493063DB}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Pełne skanowanie
Użytkownik: DESKTOP-JTHHCR7\kezcyR

Date: 2018-12-20 20:39:36.426
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545332136\tmp000003e6\tmp00000f52
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.1068.0, AS: 1.283.1068.0, NIS: 1.283.1068.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-20 18:39:12.774
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545321875\tmp0000006e\tmp00000001
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.1068.0, AS: 1.283.1068.0, NIS: 1.283.1068.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-20 04:51:30.974
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545271960\tmp0000046c\tmp0000008c
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.981.0, AS: 1.283.981.0, NIS: 1.283.981.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-19 22:56:34.506
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nazwa: Trojan:Win32/Zpevdo.A
Identyfikator: 2147727143
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\aquarius\1545251087\tmp000002e4\tmp0000016b
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe
Wersja podpisu: AV: 1.283.981.0, AS: 1.283.981.0, NIS: 1.283.981.0
Wersja aparatu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-20 22:00:06.583
Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów.
Podpisy objęte próbą: Bieżące
Kod błędu: 0x80070003
Opis błędu: System nie może odnaleźć określonej ścieżki.
Wersja podpisu: 0.0.0.0;0.0.0.0
Wersja aparatu: 0.0.0.0

Date: 2018-12-20 21:43:05.213
Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów.
Podpisy objęte próbą: Bieżące
Kod błędu: 0x80070003
Opis błędu: System nie może odnaleźć określonej ścieżki.
Wersja podpisu: 0.0.0.0;0.0.0.0
Wersja aparatu: 0.0.0.0

Date: 2018-12-17 22:56:50.760
Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Monitorowanie zachowania
Kod błędu: 0x80508023
Opis błędu: Program nie znalazł na tym urządzeniu złośliwego oprogramowania ani innego potencjalnie niechcianego oprogramowania.
Przyczyna: Ochrona przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

Date: 2018-12-10 12:45:20.326
Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.281.1199.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.15400.5
Kod błędu: 0x80072ee7
Opis błędu: Nie można określić nazwy serwera lub adresu.

Date: 2018-12-10 12:45:20.326
Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.281.1199.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antyszpiegowskie
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.15400.5
Kod błędu: 0x80072ee7
Opis błędu: Nie można określić nazwy serwera lub adresu.

CodeIntegrity:
===================================
Date: 2018-12-20 21:21:00.043
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-07 22:24:21.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-06 20:55:11.212
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-03 21:20:04.001
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-03 16:03:48.333
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1542633654\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-09 23:33:09.464
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1541671335\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-09 13:07:39.548
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1530012511\fshook64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-06 22:02:00.253
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1530012511\fshook64.dll that did not meet the Microsoft signing level requirements.

==================== Statystyki pamięci ===========================

Procesor: AMD Ryzen 5 1600 Six-Core Processor
Procent pamięci w użyciu: 23%
Całkowita pamięć fizyczna: 16334.97 MB
Dostępna pamięć fizyczna: 12420.9 MB
Całkowita pamięć wirtualna: 18247.97 MB
Dostępna pamięć wirtualna: 12879.57 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:255.62 GB) (Free:99.28 GB) NTFS
Drive d: (Nowy) (Fixed) (Total:195.31 GB) (Free:156.04 GB) NTFS
Drive g: (Nowy) (Fixed) (Total:736.2 GB) (Free:404.96 GB) NTFS
\\?\Volume{af2fd9bf-94c3-4bde-8d43-a635a1086cd5}\ (Odzyskiwanie) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{d9e2c7a0-7968-4a62-9454-a54d05cb533d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Protective MBR) (Size: 256.2 GB) (Disk ID: 00000000)
Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Koniec Addition.txt ============================

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20.12.2018
Uruchomiony przez kezcyR (administrator) DESKTOP-JTHHCR7 (20-12-2018 22:03:14)
Uruchomiony z C:\Users\kezcyR\Downloads
Załadowane profile: kezcyR (Dostępne profile: kezcyR)
Platform: Windows 10 Pro Wersja 1803 17134.407 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsorsp64.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsulprothoster.exe
(Logitech Inc.)
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe (F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe (Advanced Micro Devices, Inc.) D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\wbengine.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\fs_ols_ca.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe (BitTorrent Inc.) C:\Users\kezcyR\AppData\Roaming\uTorrent\uTorrent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (BitTorrent Inc.) C:\Users\kezcyR\AppData\Roaming\uTorrent\updates\3.5.4_44846\utorrentie.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (BitTorrent Inc.) C:\Users\kezcyR\AppData\Roaming\uTorrent\updates\3.5.4_44846\utorrentie.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) 

HKLM\...\Run: [securityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-06] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [spotify] => C:\Users\kezcyR\AppData\Roaming\Spotify\Spotify.exe [24528272 2018-08-09] (Spotify Ltd)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [uTorrent] => C:\Users\kezcyR\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-12-10] (BitTorrent Inc.)
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [kezcyR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] ()
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid64.dll [630272 2014-11-11] (TechSmith Corporation)
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\SysWOW64\tsc2_codec64.dll [270848 2014-08-27] (TechSmith Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32-x32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] ()
HKLM\...\Drivers32-x32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [vidc.tsc2] => C:\Windows\SysWOW64\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L)
Startup: C:\Users\kezcyR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-11-19]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.55.1 Tcpip\..\Interfaces\{10a67035-a3d4-4956-bad6-f135de3f8741}: [DhcpNameServer] 192.168.55.1 Internet Explorer: ================== HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://redtube.com/ BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_ie_https\fs_ie_https64.dll [2018-12-17] (F-Secure Corporation) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_ie_https\fs_ie_https.dll [2018-12-17] (F-Secure Corporation) FireFox: ======== FF DefaultProfile: 5653h37p.default FF ProfilePath: C:\Users\kezcyR\AppData\Roaming\Mozilla\Firefox\Profiles\5653h37p.default [2018-12-16] FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018-12-17] FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2018-07-15] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google 
Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) StartMenuInternet: Firefox-3F5481D0F98F9607 - d:\Program Files (x86)\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "chrome://apps/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.gazeta.pl/0,0.html?p=190" CHR Profile: C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default [2018-12-20] CHR Extension: (Prezentacje) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (HD for YouTube™) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2018-04-12] CHR Extension: (Dokumenty) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Dysk Google) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (YouTube) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-20] CHR Extension: (Space & Patterns) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmjaboldkklmcomdamidplnfpnmmmd [2018-09-20] CHR Extension: (Arkusze) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Word Online) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-05-20] CHR Extension: (EditThisCookie) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg 
[2018-11-28] CHR Extension: (Dokumenty Google offline) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14] CHR Extension: (AdBlock) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-11-26] CHR Extension: (Konwerter Wideo) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2017-05-20] CHR Extension: (Sticky Notes) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2017-05-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Ling.pl) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\phednmfiggicdnaopabobjickokgljlg [2017-05-20] CHR Extension: (Gmail) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-20] CHR Extension: (Chrome Media Router) - C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-20] CHR Profile: C:\Users\kezcyR\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-03] CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx 
==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD FUEL Service; D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [brak podpisu cyfrowego] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6893704 2018-06-28] () R2 fshoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [213448 2018-10-05] (F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [213448 2018-10-05] (F-Secure Corporation) R2 fsulhoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe [579560 2018-12-13] (F-Secure Corporation) R2 fsulnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshoster64.exe [579560 2018-12-13] (F-Secure Corporation) R2 fsulorsp; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsorsp64.exe [101320 2018-12-13] (F-Secure Corporation) R2 fsulprothoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsulprothoster.exe [579560 2018-12-13] (F-Secure Corporation) S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation) S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts) R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2017-06-15] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () S2 SwOffScheduler; d:\Program Files\Airytec\Switch Off\swoff.exe [173056 2014-09-23] (Airytec) [brak podpisu cyfrowego] S2 SwOffWeb; d:\Program Files\Airytec\Switch Off\swoff.exe [173056 2014-09-23] (Airytec) [brak podpisu cyfrowego] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-12] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-12] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. 
Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34664 2018-07-15] (Advanced Micro Devices, Inc) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2018-04-09] (Advanced Micro Devices, Inc) S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. ) R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices) R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. ) R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices) S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fsulgk.sys [252072 2018-12-13] (F-Secure Corporation) R1 F-Secure UL HIPS; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1544703598\fshs.sys [111040 2018-12-13] (F-Secure Corporation) R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-07] () S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15360 2018-09-10] (F-Secure Corporation) R3 fsni; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1545052401\fsni64.sys [109616 2018-12-17] (F-Secure Corporation) R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-04-05] (Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.) 
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_01c064f3d89f92be\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-11-21] (Realtek ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-12] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-12] (Microsoft Corporation) U3 avgbdisk; Brak ImagePath S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 
2018-12-20 22:03 - 2018-12-20 22:03 - 000021400 _____ C:\Users\kezcyR\Downloads\FRST.txt 2018-12-20 22:03 - 2018-12-20 22:03 - 000000000 ____D C:\Users\kezcyR\Downloads\FRST-OlderVersion 2018-12-20 22:03 - 2018-12-20 22:03 - 000000000 ____D C:\FRST 2018-12-20 22:02 - 2018-12-20 22:03 - 002420224 _____ (Farbar) C:\Users\kezcyR\Downloads\FRST64.exe 2018-12-20 22:00 - 2018-12-20 22:00 - 000000000 ____D C:\Users\kezcyR\AppData\LocalLow\uTorrent 2018-12-20 21:26 - 2018-12-20 21:26 - 000002259 _____ C:\WINDOWS\epplauncher.mif 2018-12-20 21:25 - 2018-12-20 21:25 - 015087296 _____ (Microsoft Corporation) C:\Users\kezcyR\Downloads\MSEInstall.exe 2018-12-20 20:33 - 2018-12-20 20:35 - 000000000 ____D C:\AdwCleaner 2018-12-20 20:32 - 2018-12-20 20:33 - 007321808 _____ (Malwarebytes) C:\Users\kezcyR\Downloads\AdwCleaner.exe 2018-12-20 20:32 - 2018-12-20 20:32 - 000215280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\kezcyR\Downloads\avg_antivirus_free_setup.exe 2018-12-19 22:44 - 2018-12-20 21:51 - 000000000 ____D C:\Users\kezcyR\AppData\Local\AVGame 2018-12-19 22:11 - 2018-12-20 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampyr 2018-12-19 22:11 - 2018-12-19 22:51 - 000001042 _____ C:\Users\kezcyR\Desktop\Vampyr.lnk 2018-12-16 09:44 - 2018-12-20 21:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG 2018-12-16 09:44 - 2018-12-20 21:58 - 000000000 ____D C:\Program Files\Common Files\AVG 2018-12-13 16:11 - 2018-12-20 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pakiet Bezpieczeństwa UPC 2018-12-12 21:59 - 2018-12-12 21:59 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2018-12-12 20:02 - 2018-12-11 08:32 - 000133616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2018-12-12 20:01 - 2018-12-20 21:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2018-12-12 20:00 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2018-12-12 20:00 - 2018-12-12 02:45 - 000978336 _____ 
C:\WINDOWS\system32\vulkan-1.dll 2018-12-12 20:00 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2018-12-12 20:00 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2018-12-12 20:00 - 2018-12-12 02:45 - 000552248 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2018-12-12 20:00 - 2018-12-12 02:45 - 000457016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2018-12-12 20:00 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2018-12-12 20:00 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe 2018-12-12 20:00 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2018-12-12 20:00 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2018-12-12 20:00 - 2018-12-12 02:44 - 001461024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2018-12-12 20:00 - 2018-12-12 02:44 - 001126144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2018-12-12 20:00 - 2018-12-12 02:44 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2018-12-12 20:00 - 2018-12-12 02:44 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 040261208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 035157080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 015909552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 013204144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 004946336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 004316760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 002017536 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvdispco6441735.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 002003392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 001511872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 001468296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441735.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 000822784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 000750280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2018-12-12 20:00 - 2018-12-12 02:43 - 000609392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 019714448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 016990032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 001471816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 001462232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 001167608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 001152192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 001145744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 000914608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 000794840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2018-12-12 20:00 - 2018-12-12 02:42 - 000637696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2018-12-10 18:52 - 2018-12-12 02:42 - 004258768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2018-12-10 18:52 - 2018-12-01 05:56 - 002018080 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvdispco6441722.dll 2018-12-10 18:52 - 2018-12-01 05:56 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441722.dll 2018-12-03 18:40 - 2018-12-03 18:40 - 000003568 _____ C:\WINDOWS\System32\Tasks\kezcyR ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-12-20 22:02 - 2017-11-12 22:52 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\uTorrent 2018-12-20 22:02 - 2017-05-20 15:09 - 000000000 ____D C:\ProgramData\NVIDIA 2018-12-20 22:00 - 2018-05-17 15:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-12-20 22:00 - 2018-05-17 15:19 - 000000000 ____D C:\Users\kezcyR 2018-12-20 22:00 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-12-20 21:58 - 2018-11-19 19:18 - 000000000 ____D C:\Program Files\rempl 2018-12-20 21:58 - 2018-07-01 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2018-12-20 21:58 - 2018-06-07 17:28 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\discord 2018-12-20 21:58 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-12-20 21:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\security 2018-12-20 21:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help 2018-12-20 21:58 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2018-12-20 21:58 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2018-12-20 21:58 - 2018-01-08 21:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2018-12-20 21:58 - 2017-12-24 19:26 - 000000000 ____D C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC 2018-12-20 21:58 - 2017-06-30 15:38 - 000000000 ____D C:\ProgramData\ProductData 2018-12-20 21:58 - 2017-06-30 15:33 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\IObit 2018-12-20 21:58 - 2017-05-31 18:42 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\AIMP 2018-12-20 21:58 - 2017-05-20 20:55 - 000000000 ____D 
C:\Users\kezcyR\AppData\Local\ConnectedDevicesPlatform 2018-12-20 21:58 - 2017-05-20 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-12-20 21:58 - 2017-05-20 15:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-12-20 21:58 - 2017-05-20 15:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-12-20 21:58 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-12-20 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps 2018-12-20 21:51 - 2018-05-17 16:15 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2018-12-20 21:51 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-12-20 21:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration 2018-12-20 21:51 - 2017-12-24 19:26 - 000000000 ____D C:\ProgramData\F-Secure 2018-12-20 21:51 - 2017-11-18 23:17 - 000000000 ____D C:\Users\kezcyR\AppData\Local\UnrealEngine 2018-12-20 21:51 - 2017-06-10 13:44 - 000000000 ____D C:\Users\kezcyR\AppData\Local\SHU 2018-12-20 21:51 - 2017-05-30 18:55 - 000000000 ____D C:\ProgramData\Origin 2018-12-20 21:51 - 2017-05-20 15:40 - 000000000 ____D C:\Users\kezcyR\AppData\Local\NVIDIA 2018-12-20 21:51 - 2017-05-20 15:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-12-20 21:50 - 2018-07-01 17:23 - 000000000 ____D C:\Program Files\CPUID 2018-12-20 21:29 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-12-20 21:20 - 2017-05-21 19:58 - 000000000 ____D C:\Users\kezcyR\AppData\Local\Avg 2018-12-20 21:20 - 2017-05-21 19:58 - 000000000 ____D C:\ProgramData\Avg 2018-12-20 21:16 - 2018-06-23 19:12 - 000003082 __RSH C:\ProgramData\ntuser.pol 2018-12-20 20:49 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-12-20 20:42 - 2018-05-17 15:28 - 001763504 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-12-20 20:42 - 2018-04-12 16:54 - 000782334 _____ C:\WINDOWS\system32\perfh015.dat 2018-12-20 20:42 - 2018-04-12 16:54 - 
000151496 _____ C:\WINDOWS\system32\perfc015.dat 2018-12-20 19:11 - 2018-05-17 15:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-12-20 18:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-12-20 16:42 - 2018-05-17 15:24 - 000003042 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (kezcyR) 2018-12-20 16:41 - 2018-05-17 15:24 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3531603651-1163280169-3900036242-1001 2018-12-20 16:41 - 2018-05-17 15:19 - 000002414 _____ C:\Users\kezcyR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-12-20 16:41 - 2017-05-20 20:56 - 000000000 ___RD C:\Users\kezcyR\OneDrive 2018-12-19 22:44 - 2017-12-06 19:49 - 000000000 ____D C:\Users\kezcyR\AppData\Local\PlaceholderTileLogoFolder 2018-12-19 21:09 - 2017-11-30 18:24 - 000000000 ____D C:\Users\kezcyR\AppData\Local\Packages 2018-12-19 20:25 - 2018-06-18 18:03 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\Origin 2018-12-19 16:29 - 2018-05-17 15:24 - 000003568 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-12-19 16:29 - 2018-05-17 15:24 - 000003444 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-12-17 23:21 - 2018-08-20 17:57 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2018-12-17 23:21 - 2017-05-28 11:54 - 000000000 ____D C:\Users\kezcyR\AppData\Local\CrashDumps 2018-12-16 09:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-12-14 23:23 - 2017-09-29 17:53 - 000000000 ___RD C:\Users\kezcyR\3D Objects 2018-12-14 15:50 - 2017-05-20 15:08 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-12-14 15:50 - 2017-05-20 15:08 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-12-13 16:11 - 2017-12-24 19:26 - 000002137 _____ C:\Users\Public\Desktop\Pakiet Bezpieczeństwa UPC.lnk 2018-12-12 21:50 - 2017-10-07 18:10 - 000026192 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\gdrv.sys 
2018-12-12 19:25 - 2018-05-22 17:06 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-22 17:06 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-22 17:06 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-22 17:06 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-22 17:06 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-17 15:24 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-17 15:24 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-17 15:24 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-17 15:24 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-17 15:24 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 19:25 - 2018-05-17 15:24 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-12 16:50 - 2018-03-01 19:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-12-12 16:50 - 2017-05-20 18:17 - 000592616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-12-12 02:42 - 2018-05-09 17:35 - 004999880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2018-12-11 16:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-12-11 12:00 - 2018-05-09 17:35 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb 2018-12-11 12:00 - 2017-05-20 
15:27 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2018-12-11 08:08 - 2017-05-20 15:09 - 005338320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2018-12-11 08:08 - 2017-05-20 15:09 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2018-12-11 08:08 - 2017-05-20 15:09 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2018-12-11 08:08 - 2017-05-20 15:09 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2018-12-11 08:08 - 2017-05-20 15:09 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2018-12-11 08:08 - 2017-05-20 15:09 - 000124968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2018-12-11 08:08 - 2017-05-20 15:09 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2018-12-11 03:57 - 2017-05-20 15:09 - 008459772 _____ C:\WINDOWS\system32\nvcoproc.bin 2018-12-10 17:55 - 2018-05-22 17:01 - 000000000 ____D C:\Users\kezcyR\AppData\Local\D3DSCache 2018-12-10 12:29 - 2017-09-25 21:38 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2018-12-09 16:07 - 2018-09-09 11:58 - 000000000 ____D C:\Users\kezcyR\Desktop\Nowy folder 2018-12-07 16:22 - 2018-10-03 15:40 - 000000000 ____D C:\Users\kezcyR\Desktop\zdjecia 2018-12-06 11:15 - 2018-05-22 17:06 - 002865136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2018-12-06 11:15 - 2018-05-22 17:06 - 002265072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2018-12-06 11:15 - 2018-05-22 17:06 - 001323504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2018-12-02 15:23 - 2017-05-20 16:10 - 000000000 ____D C:\Users\kezcyR\AppData\Roaming\TS3Client 2018-11-21 18:56 - 2018-04-09 17:05 - 001118648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2018-11-20 17:05 - 2018-09-23 15:47 - 000000893 _____ C:\Users\Public\Desktop\FIFA 19.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-10-23 21:05 - 2018-10-23 
21:05 - 000002250 _____ () C:\Users\kezcyR\AppData\Local\recently-used.xbel 2018-04-20 18:04 - 2018-04-20 18:04 - 000000017 _____ () C:\Users\kezcyR\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-05-17 15:17 ==================== Koniec FRST.txt ============================ Edytowane 20 Grudnia 2018 przez ryczek11 Cytuj Link to post Share on other sites
jarrino 3911 Posted 20 December 2018 (edited)
Well, you have it described in the thread... Do it that way.
Misleading // jg
Edited 21 December 2018 by jacekgothic
3ndurek 3595 Posted 21 December 2018 (edited)
@jarrino, what exactly is he supposed to do? This is not a universal script; I spend ~10 minutes on it to review the logs and generate it, plus the right directives.
@ryczek11, run FRST, press CTRL+Y (both keys at once), Notepad will open. Paste this into it:

Task: {166D7442-3620-4B5E-831F-320323B4673C} - Brak ścieżki do pliku
Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => -> Brak pliku
ContextMenuHandlers6: [sAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => -> Brak pliku
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [kezcyR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://redtube.com/
U3 avgbdisk; Brak ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

Press CTRL+S (both keys at once). In FRST click Fix (NAPRAW). Let me know whether it helped.
Edited 21 December 2018 by 3ndurek
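The fixlist above removes both the `kezcyR` Run value and the `kezcyR` scheduled task, because the task's command line re-adds the value. The following is an added example, not part of the original posts or of FRST: Python that parses FRST-style `Task:` and `Run:` lines and pairs each URL-opening Run value with the task that re-creates it. The function names are hypothetical, and the sample lines are copied from the fixlist, plus one constructed benign entry.

```python
import re

# Sample lines copied from the fixlist in the post above (hxxp defanging kept).
# The last line is a constructed benign entry added for contrast.
SAMPLE_LOG = r'''
Task: {166D7442-3620-4B5E-831F-320323B4673C} - Brak ścieżki do pliku
Task: {5E34A4F3-8216-4CA7-97FA-1A88E05C7EE3} - System32\Tasks\kezcyR => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v kezcyR /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [kezcyR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
HKU\S-1-5-21-3531603651-1163280169-3900036242-1001\...\Run: [ExampleApp] => C:\Program Files\Example\app.exe [1024 2018-01-01] (Example Vendor)
'''

MARKER_RE = re.compile(r'\s*<====.*$')  # FRST attention marker; its text is localized
TASK_RE = re.compile(
    r'^Task: (?P<guid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+?) => (?P<cmd>.+)$')
RUN_RE = re.compile(
    r'^(?P<key>HK[^:\[]*\\Run(?:Once)?): \[(?P<name>[^\]]+)\] => (?P<cmd>.+)$')
# "reg add <...\CurrentVersion\Run>" inside a task action
REG_ADD_RE = re.compile(
    r'\breg(?:\.exe)?\s+add\s+"?(?P<key>[^"\s]*\\CurrentVersion\\Run(?:Once)?)"?(?=\s|$)',
    re.I)
VALUE_RE = re.compile(r'/v\s+"?([^"\s]+)"?', re.I)
DATA_RE = re.compile(r'/d\s+(?:"([^"]*)"|(\S+))', re.I)
URL_RE = re.compile(r'\b(?:https?|hxxps?)://[^\s"]+', re.I)


def parse_log(text):
    """Return (run_values, run_key_writers) found in FRST-style lines."""
    runs, writers = [], []
    for raw in text.splitlines():
        line = MARKER_RE.sub('', raw.strip())
        m = RUN_RE.match(line)
        if m:
            runs.append(m.groupdict())
            continue
        m = TASK_RE.match(line)
        if not m:
            continue  # also skips tasks that list no action at all
        cmd = m['cmd']
        reg, value = REG_ADD_RE.search(cmd), VALUE_RE.search(cmd)
        if reg and value:
            data = DATA_RE.search(cmd)
            writers.append({
                'guid': m['guid'],
                'task': m['path'],
                'value': value.group(1),
                'data': next((g for g in data.groups() if g is not None), '')
                        if data else '',
            })
    return runs, writers


def triage(text):
    """Pair URL-opening Run values with the tasks that write them.

    A finding with present=False means the Run value is gone but a task
    that re-adds it is still registered, so the value will come back.
    """
    runs, writers = parse_log(text)
    findings = {}
    for run in runs:
        url = URL_RE.search(run['cmd'])
        if url:
            findings[run['name'].lower()] = {
                'value': run['name'], 'url': url.group(0),
                'present': True, 'recreated_by': []}
    for w in writers:
        key = w['value'].lower()  # registry value names are case-insensitive
        entry = findings.get(key)
        if entry is None:
            url = URL_RE.search(w['data'])
            if not url:
                continue
            entry = findings[key] = {
                'value': w['value'], 'url': url.group(0),
                'present': False, 'recreated_by': []}
        entry['recreated_by'].append(w['guid'])
    return list(findings.values())


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        state = 'present' if f['present'] else 'currently absent'
        print(f"Run value {f['value']} ({state}) opens {f['url']}; "
              f"re-created by task(s): {', '.join(f['recreated_by']) or 'none'}")
```
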