Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 03-05-2017 01 Uruchomiony przez Vaengar (administrator) VENGEANCE-6700 (04-05-2017 14:12:26) Uruchomiony z C:\Users\Vaengar\Downloads\Antiwir Załadowane profile: Vaengar (Dostępne profile: defaultuser0 & Vaengar) Platform: Windows 10 Pro Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe (Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\HyStream\ASUSMediaBackgroundServer.exe (MSI) C:\Windows\SysWOW64\muachost.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (SAVITECH) C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe () C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Adobe Systems Incorporated) D:\Programy graficzne\Acrobat 10.0\Acrobat\acrobat_sl.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe (Adobe Systems Inc.) D:\Programy graficzne\Acrobat 10.0\Acrobat\acrotray.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-10-07] (Realtek Semiconductor) HKLM\...\Run: [SVLoadSense] => c:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe [1762000 2015-09-21] (SAVITECH) HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [347616 2015-11-13] () HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-04-27] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [AO Link Server] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ALRun.exe -start HKLM-x32\...\Run: [ASUS Media Streamer ShareEdit] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe [1194808 2015-07-07] () HKLM-x32\...\Run: [ASUS Media Streamer DMS] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe [2569528 2015-07-07] () HKLM-x32\...\Run: [ASUS Media Streamer WSAgent] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe [86840 2015-06-03] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\Programy graficzne\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Programy graficzne\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [13396944 2017-02-07] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258448 2016-11-09] (Micro-Star INT'L CO., LTD.) HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd) HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\RunOnce: [Edge_DisableAdobeFlashPlayer] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 66 znaków więcej). HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\RunOnce: [Edge_DisablePagePrediction] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 60 znaków więcej). HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\RunOnce: [Edge_DisableSaveProtectedMediaLicensesonmyDevice] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 79 znaków więcej). HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\RunOnce: [Edge_DisableShowSearchSuggestionasItype] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 94 znaków więcej). HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\MountPoints2: {1a5dea56-2fe9-11e7-8177-708bcd57659e} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\MountPoints2: {25db0195-066f-11e7-815a-708bcd57659e} - "H:\setup.exe" HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\MountPoints2: {d5baef78-d756-11e6-8142-708bcd57659e} - "J:\setup.exe" HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\MountPoints2: {e8322174-f5c5-11e6-814f-708bcd57659e} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3106282050-108205753-2009622092-1002\...\MountPoints2: {e8322196-f5c5-11e6-814f-708bcd57659e} - "I:\HiSuiteDownLoader.exe" ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{229c7636-fd8e-45e5-9579-adfe45d2f82d}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Internet Explorer: ================== BHO: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Windows\system32\OldNewExplorer64.dll [2016-07-26] (www.startisback.com) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-30] (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-30] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Vaengar\AppData\Roaming\Mozilla\Firefox\Profiles\erxdhxku.default-1493805161416 [2017-05-04] FF Homepage: Mozilla\Firefox\Profiles\erxdhxku.default-1493805161416 -> www.google.com FF Extension: (Ghostery) - C:\Users\Vaengar\AppData\Roaming\Mozilla\Firefox\Profiles\erxdhxku.default-1493805161416\Extensions\firefox@ghostery.com.xpi [2017-05-03] FF Extension: (uBlock Origin) - C:\Users\Vaengar\AppData\Roaming\Mozilla\Firefox\Profiles\erxdhxku.default-1493805161416\Extensions\uBlock0@raymondhill.net.xpi [2017-05-03] FF Extension: (Disable TLS Certificate Transparency) - C:\Users\Vaengar\AppData\Roaming\Mozilla\Firefox\Profiles\erxdhxku.default-1493805161416\features\{511ad654-c32b-4c7f-9ab7-3665dce39263}\disable-cert-transparency@mozilla.org.xpi [2017-05-03] FF Extension: (Disable Prefetch) - C:\Users\Vaengar\AppData\Roaming\Mozilla\Firefox\Profiles\erxdhxku.default-1493805161416\features\{511ad654-c32b-4c7f-9ab7-3665dce39263}\disable-prefetch@mozilla.org.xpi [2017-05-03] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Programy graficzne\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - D:\Programy graficzne\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-12-01] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-19] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-19] () FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWoW64\npDeployJava1.dll [2016-11-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-30] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> D:\Programy graficzne\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/ CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1493283627&z=2d82402b745b45b2b5dd01agdzct8c9o3b1caqaoez&from=che0812&uid=GOODRAM_22C7076817C400012276&q={searchTerms} CHR DefaultSearchKeyword: Default -> ourluckysites CHR Profile: C:\Users\Vaengar\AppData\Local\Google\Chrome\User Data\Default [2017-05-03] CHR Extension: (Docs) - C:\Users\Vaengar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-05] CHR Extension: (Dysk Google) - C:\Users\Vaengar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-05] CHR Extension: (YouTube) - C:\Users\Vaengar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-05] CHR Extension: (Gmail) - C:\Users\Vaengar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-05] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-06-05] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Brak podpisu cyfrowego] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe [398648 2015-08-20] (ASUSTeK Computer Inc.) R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [346424 2015-04-10] (ASUSTeK) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-04-27] (AVG Technologies CZ, s.r.o.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284224 2016-12-06] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-28] (GOG.com) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2016-10-07] (Micro-Star INT'L CO., LTD.) S2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [54200 2016-05-27] (Micro-Star INT'L CO., LTD.) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286544 2017-02-07] (Micro-Star INT'L CO., LTD.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-30] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.) R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [22192 2015-10-19] (ASUSTek Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-14] (Disc Soft Ltd) S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2016-11-29] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [530416 2015-06-18] (Intel Corporation) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.) S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.) S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.) R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2015-08-20] (ASUSTeK Computer Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [48336 2015-04-10] (Titan ARC Corp.) S3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation) S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) R1 SvThLSNS; c:\Program Files (x86)\SAVITECH\SVLoadSense\x64\SvThLSNS.sys [15184 2015-09-21] (Windows (R) Win 7 DDK provider) S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [29616 2016-10-04] (WiseCleaner.com) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-03-14] (Zemana Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-04 14:11 - 2017-05-04 14:12 - 00022354 _____ C:\Windows\ZAM_Guard.krnl.trace 2017-05-03 23:48 - 2017-05-03 23:48 - 749754746 _____ C:\Users\Vaengar\Downloads\PortalKnKnights.v0.8.1.part2.rar 2017-05-03 23:38 - 2017-05-03 23:46 - 1038090251 _____ C:\Users\Vaengar\Downloads\PortalKnKnights.v0.8.1.part1.rar 2017-05-03 22:55 - 2017-05-04 09:11 - 00001066 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-05-03 22:55 - 2017-05-03 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-05-03 22:55 - 2017-05-03 22:55 - 00000000 ____D C:\Program Files (x86)\HiSuite 2017-05-03 22:55 - 2017-04-11 04:17 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys 2017-05-03 22:55 - 2017-04-11 04:17 - 00226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys 2017-05-03 22:55 - 2017-04-11 04:17 - 00127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys 2017-05-03 22:55 - 2017-04-11 04:17 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys 2017-05-03 15:03 - 2017-05-04 09:11 - 00001581 _____ C:\Users\Vaengar\Desktop\firefox.exe.lnk 2017-05-03 15:02 - 2017-05-03 15:02 - 00010009 _____ C:\Users\Vaengar\Desktop\Sprzęt działalnoś2ć.xlsx 2017-05-03 13:11 - 2017-05-03 13:11 - 00499572 _____ C:\Users\Vaengar\Downloads\pexels-photo-172748.jpeg 2017-05-03 13:03 - 2017-05-03 13:03 - 00606070 _____ C:\Users\Vaengar\Downloads\pexels-photo-196666.jpeg 2017-05-03 12:14 - 2017-05-04 14:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-05-03 12:14 - 2017-05-04 14:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-03 12:14 - 2017-05-04 14:01 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-05-03 12:14 - 2017-05-03 12:14 - 00000000 ____D C:\Users\Vaengar\Downloads\MBR 2017-05-03 12:14 - 2017-05-03 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-03 12:11 - 2017-05-03 12:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Vaengar\Downloads\mbar-1.09.3.1001.exe 2017-05-03 12:06 - 2017-05-03 12:06 - 00000008 __RSH C:\Users\Vaengar\ntuser.pol 2017-05-03 12:06 - 2017-05-03 12:06 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-05-03 11:52 - 2017-05-03 11:52 - 00000000 ____D C:\Users\Vaengar\Desktop\Stare dane programu Firefox 2017-05-03 10:28 - 2017-05-03 10:28 - 00173879 _____ C:\Users\Vaengar\Desktop\ART.pdf 2017-05-03 10:06 - 2017-05-03 10:06 - 00000000 _____ C:\Windows\SysWOW64\1 2017-05-02 18:27 - 2017-05-02 18:27 - 00000165 ____H C:\Users\Vaengar\Desktop\~$Sprzęt działalność.xlsx 2017-05-01 17:07 - 2017-05-01 17:11 - 00560680 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys 2017-05-01 17:07 - 2016-12-27 10:23 - 00395024 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2017-05-01 13:34 - 2017-05-01 17:13 - 00000805 _____ C:\Users\Public\Desktop\Watch_Dogs 2.lnk 2017-05-01 13:34 - 2017-05-01 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watch_Dogs 2 2017-04-30 22:11 - 2017-04-30 22:27 - 00000000 ____D C:\Users\Vaengar\Desktop\Pałac Wojciechów 2017-04-28 10:06 - 2017-04-29 00:01 - 00000000 ____D C:\Alitkojck 2017-04-28 09:34 - 2017-04-28 09:37 - 00000000 ____D C:\Users\Vaengar\AppData\Local\VSIXInstaller 2017-04-27 22:50 - 2017-04-27 22:50 - 00000000 _____ C:\autoexec.bat 2017-04-27 21:33 - 2017-04-27 21:39 - 96501476 _____ C:\Users\Vaengar\Desktop\Zabytki okiem kamery - Jakub Siwek .mp4 2017-04-27 19:19 - 2017-04-27 19:19 - 02520613 _____ C:\Users\Vaengar\Desktop\Sayen_Brochure_04-2017.pdf 2017-04-27 12:48 - 2017-05-04 14:11 - 00000000 ____D C:\Users\Vaengar\Downloads\Antiwir 2017-04-27 12:46 - 2017-05-04 14:12 - 00000000 ____D C:\FRST 2017-04-27 12:04 - 2017-04-27 12:04 - 04102600 _____ C:\Users\Vaengar\Downloads\adwcleaner_6.046.exe 2017-04-27 12:02 - 2017-05-02 12:23 - 00000000 _____ C:\Windows\SysWOW64\11 2017-04-27 12:02 - 2017-04-27 12:02 - 00000000 ____D C:\ProgramData\Apple 2017-04-27 12:02 - 2017-04-27 12:02 - 00000000 _____ C:\Windows\SysWOW64\22 2017-04-26 10:08 - 2017-04-26 10:08 - 00000000 ____D C:\Windows\psgo 2017-04-26 10:06 - 2017-05-03 09:11 - 00000000 ____D C:\Program Files\MK 2017-04-26 10:06 - 2017-05-03 09:09 - 00000000 ____D C:\Insist 2017-04-25 20:42 - 2017-04-25 20:42 - 00000000 ____D C:\Users\Vaengar\Desktop\Patrycja foto 2017-04-25 20:41 - 2017-04-25 23:04 - 00000000 ____D C:\Users\Vaengar\Desktop\Żeliszów 2017-04-24 23:15 - 2017-04-24 23:15 - 00192404 _____ C:\Users\Vaengar\Desktop\ART.ai 2017-04-24 23:15 - 2017-04-24 23:15 - 00000218 _____ C:\Users\Vaengar\AppData\Local\recently-used.xbel 2017-04-24 22:37 - 2017-04-24 22:37 - 00173822 _____ C:\Users\Vaengar\Desktop\Untitled-1.ai 2017-04-24 18:49 - 2017-04-24 18:49 - 00195381 _____ C:\Users\Vaengar\Desktop\Untitled-22.ai 2017-04-24 12:40 - 2017-04-19 23:30 - 00009864 _____ C:\Users\Vaengar\Desktop\Nowy OpenDocument Dokument tekstowy.odt 2017-04-24 12:39 - 2017-04-25 20:42 - 00000000 ____D C:\Users\Vaengar\Desktop\x 2017-04-23 15:08 - 2017-04-24 21:18 - 00000249 _____ C:\Users\Vaengar\Desktop\Nowy dokument tekstowy (2).txt 2017-04-23 10:43 - 2017-04-23 10:46 - 00000000 ____D C:\Users\Vaengar\Downloads\Diamond Foxxx 2017-04-22 07:08 - 2017-04-23 21:31 - 00000000 ____D C:\Users\Vaengar\Desktop\KP 2017-04-21 14:41 - 2017-04-21 14:41 - 06030375 _____ C:\Users\Vaengar\Desktop\Untitle22d-1.ai 2017-04-21 00:18 - 2017-04-21 00:18 - 00167464 _____ C:\Users\Vaengar\Desktop\twarzdologo.ai 2017-04-19 23:31 - 2017-04-20 15:40 - 00009715 _____ C:\Users\Vaengar\Desktop\List do M.odt 2017-04-19 20:31 - 2017-04-19 20:33 - 00000000 ____D C:\Users\Vaengar\Documents\Visual Studio 2015 2017-04-19 20:12 - 2017-04-19 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-19 20:12 - 2017-04-19 20:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-19 20:11 - 2017-04-19 20:11 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2017-04-19 20:11 - 2017-04-19 20:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2017-04-19 20:05 - 2017-04-28 09:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2017-04-19 20:02 - 2017-04-19 20:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2017-04-19 19:37 - 2017-04-19 19:37 - 00001006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Deklaracje.lnk 2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Users\Vaengar\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Program Files (x86)\e-Deklaracje 2017-04-19 11:48 - 2017-04-19 11:48 - 00000000 ____D C:\Program Files (x86)\58F7326C_jumpeasy 2017-04-19 10:24 - 2017-04-19 10:24 - 03196565 _____ C:\Users\Vaengar\Desktop\bannerexpo1.ai 2017-04-18 21:28 - 2017-04-18 21:28 - 00006982 _____ C:\Users\Vaengar\Desktop\PrezentacjaSAYEN.vpj 2017-04-18 21:17 - 2017-04-18 21:17 - 86119917 _____ C:\Users\Vaengar\Desktop\Prezentacja_PORTO.ai 2017-04-18 21:01 - 2017-05-04 09:11 - 00001217 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk 2017-04-18 21:01 - 2017-04-18 21:01 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2017-04-18 21:01 - 2017-04-18 21:01 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk 2017-04-18 20:30 - 2017-04-20 10:43 - 00000000 ____D C:\Users\Vaengar\Desktop\Logo 2017-04-18 14:00 - 2017-04-18 21:19 - 00000000 ____D C:\Users\Vaengar\Desktop\Nowy folder 2017-04-18 10:45 - 2017-04-18 17:21 - 724121600 _____ C:\Users\Vaengar\Downloads\Desperate_2445s_and_Housewives_8-dfa-dmhw8-2_666.avi 2017-04-17 23:09 - 2017-04-18 23:05 - 00191178 _____ C:\Users\Vaengar\Desktop\CNGlogo.ai 2017-04-17 17:10 - 2017-04-17 17:10 - 00000000 ____D C:\Users\Vaengar\AppData\Roaming\Steinberg 2017-04-17 17:09 - 2017-04-17 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\asiomulti 2017-04-17 17:09 - 2017-04-17 17:09 - 00000000 ____D C:\Program Files (x86)\vidance 2017-04-17 00:37 - 2017-04-17 00:38 - 00512208 _____ C:\Users\Vaengar\Downloads\pexels-photo-190902.jpeg 2017-04-16 21:18 - 2017-04-28 09:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2017-04-16 21:15 - 2017-04-28 09:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2017-04-16 21:15 - 2017-04-28 09:39 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2017-04-15 14:25 - 2017-04-15 14:32 - 00000000 ____D C:\Users\Vaengar\Desktop\DnD 2017-04-14 15:05 - 2017-04-14 15:05 - 04977677 _____ C:\Users\Vaengar\Downloads\pacemaker_speedgraphic_1000.pdf 2017-04-14 10:24 - 2017-04-14 10:24 - 00007974 _____ C:\Users\Vaengar\Downloads\Supreme to Extreme Graphics Options V4.0-1897-4-0.7z 2017-04-14 08:19 - 2017-04-14 08:35 - 00057758 _____ C:\Windows\ZAM.krnl.trace 2017-04-14 07:44 - 2017-04-14 07:44 - 00394497 _____ C:\Users\Vaengar\Downloads\Aveyond.pdf 2017-04-14 07:44 - 2017-04-14 07:44 - 00392951 _____ C:\Users\Vaengar\Downloads\Zafiron.pdf 2017-04-13 22:06 - 2017-04-21 00:47 - 00000000 ____D C:\Update 2017-04-13 19:50 - 2017-04-13 19:50 - 00000000 ____D C:\Users\Vaengar\AppData\Local\MusicLab 2017-04-13 19:50 - 2017-04-13 19:50 - 00000000 ____D C:\ProgramData\MusicLab 2017-04-13 19:49 - 2017-04-16 18:46 - 00000000 ____D C:\Program Files\MusicLab 2017-04-13 10:02 - 2017-04-13 10:28 - 00032170 _____ C:\Users\Vaengar\Downloads\O marce.odt 2017-04-13 10:02 - 2017-04-13 10:02 - 00005443 _____ C:\Users\Vaengar\Downloads\Contact.odt 2017-04-13 10:02 - 2017-04-13 10:02 - 00005068 _____ C:\Users\Vaengar\Downloads\Zakładka shop.odt 2017-04-13 09:44 - 2017-04-13 09:44 - 00387571 _____ C:\Users\Vaengar\Downloads\Regmund(1).pdf 2017-04-12 17:21 - 2017-04-12 17:21 - 00000000 ____D C:\Users\Vaengar\Downloads\champignon 2017-04-12 17:17 - 2017-04-12 17:17 - 00086898 _____ C:\Users\Vaengar\Downloads\honey_script.zip 2017-04-11 22:58 - 2017-04-11 22:58 - 00182044 _____ C:\Users\Vaengar\Desktop\Euphoria_logo.ai 2017-04-11 19:10 - 2017-04-11 19:10 - 00613542 _____ C:\Users\Vaengar\Downloads\179331142.pdf 2017-04-11 19:07 - 2017-04-11 19:07 - 00177133 _____ C:\Users\Vaengar\Documents\Oświadczenie.pdf 2017-04-11 15:13 - 2017-04-11 15:13 - 02188319 _____ C:\Users\Vaengar\Desktop\Untitled-1.psd 2017-04-11 04:17 - 2017-04-11 04:17 - 00018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys 2017-04-10 19:27 - 2017-04-10 19:27 - 00769435 _____ C:\Users\Vaengar\Downloads\malzenstwa_i_dzietnosc_w_polsce.pdf 2017-04-10 17:06 - 2017-04-10 17:06 - 00000000 ____D C:\ProgramData\common 2017-04-09 14:55 - 2017-04-09 14:55 - 00664297 _____ C:\Users\Vaengar\Downloads\3176614743.pdf 2017-04-09 14:49 - 2017-04-09 14:49 - 00026036 _____ C:\Users\Vaengar\Downloads\rachunek-marzec.pdf 2017-04-09 12:09 - 2017-04-09 12:09 - 00000000 _____ C:\Windows\system32\last.dump 2017-04-05 21:22 - 2017-04-05 21:22 - 00374041 _____ C:\Users\Vaengar\Downloads\Regmund.pdf 2017-04-05 17:07 - 2017-04-05 17:07 - 00439455 _____ C:\Users\Vaengar\Downloads\Ulf.pdf 2017-04-04 17:46 - 2017-04-04 17:46 - 00168005 _____ C:\Users\Vaengar\Desktop\Untitled-2.ai ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-04 14:12 - 2016-11-29 21:04 - 01048576 _____ C:\Windows\PE_Rom.dll 2017-05-04 14:11 - 2016-11-29 21:02 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-04 14:11 - 2016-10-04 23:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-04 14:11 - 2016-07-16 08:04 - 00131072 _____ C:\Windows\system32\config\BBI 2017-05-04 14:10 - 2016-11-30 00:08 - 00000000 ____D C:\Users\Vaengar\AppData\LocalLow\Mozilla 2017-05-04 14:08 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\TAPI 2017-05-04 13:47 - 2016-11-29 19:01 - 00000000 ____D C:\Users\Vaengar\AppData\Local\Packages 2017-05-04 13:21 - 2016-10-04 23:44 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-05-04 09:11 - 2017-03-14 17:03 - 00001975 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2017-05-04 09:11 - 2016-11-30 21:57 - 00001054 _____ C:\Users\Public\Desktop\Deluge.lnk 2017-05-04 00:03 - 2017-01-15 00:00 - 00005350 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for VENGEANCE-6700-Vaengar VENGEANCE-6700 2017-05-03 22:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF 2017-05-03 22:56 - 2017-02-22 20:50 - 00000000 ____D C:\Users\Vaengar\AppData\Local\Hisuite 2017-05-03 22:47 - 2017-03-14 19:15 - 00003668 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-05-03 15:28 - 2016-11-30 20:47 - 00000000 ____D C:\Users\Vaengar\AppData\Roaming\vlc 2017-05-03 12:20 - 2016-11-29 19:04 - 03872038 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-03 12:20 - 2016-07-17 00:05 - 01680412 _____ C:\Windows\system32\perfh015.dat 2017-05-03 12:20 - 2016-07-17 00:05 - 00460104 _____ C:\Windows\system32\perfc015.dat 2017-05-03 12:12 - 2017-03-14 19:05 - 00000000 ____D C:\AdwCleaner 2017-05-03 12:06 - 2016-12-10 09:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-03 12:06 - 2016-11-29 19:01 - 00000000 ____D C:\Users\Vaengar 2017-05-03 12:05 - 2017-03-29 22:06 - 00000000 ____D C:\Users\Vaengar\Desktop\Gry 2017-05-03 12:05 - 2016-11-30 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2017-05-03 12:05 - 2016-06-11 10:08 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2017-05-03 12:03 - 2017-03-07 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-03 11:15 - 2017-03-27 23:05 - 00009930 _____ C:\Users\Vaengar\Desktop\Podliczenie 27-02 do 31-03.xlsx 2017-05-03 09:09 - 2017-03-14 18:06 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS 2017-05-02 21:56 - 2016-11-30 21:57 - 00000000 ____D C:\Users\Vaengar\AppData\Roaming\deluge 2017-05-02 19:13 - 2017-03-14 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-05-01 17:13 - 2016-12-11 19:40 - 00000000 ____D C:\Users\Vaengar\Documents\My Games 2017-05-01 17:06 - 2016-12-06 23:09 - 00000000 ____D C:\Users\Vaengar\Documents\CPY_SAVES 2017-05-01 13:31 - 2017-03-14 17:03 - 00000000 ____D C:\Users\Vaengar\AppData\Roaming\DAEMON Tools Lite 2017-04-28 13:27 - 2016-12-07 21:42 - 00000016 _____ C:\Windows\system32\w3data.vss 2017-04-28 13:27 - 2016-12-07 21:42 - 00000016 _____ C:\Windows\system32\msvcsv60.dll 2017-04-28 13:27 - 2016-12-07 21:42 - 00000016 _____ C:\Windows\msocreg32.dat 2017-04-28 13:27 - 2016-12-07 21:42 - 00000016 _____ C:\Users\Vaengar\AppData\Roaming\msregsvv.dll 2017-04-28 09:47 - 2016-11-29 20:55 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-28 09:40 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-28 09:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-28 09:32 - 2016-11-29 21:00 - 00000000 ____D C:\Program Files (x86)\Google 2017-04-28 09:08 - 2017-01-03 09:57 - 00000000 ____D C:\Users\Vaengar\Desktop\Pliki Sayen 2017-04-27 22:10 - 2016-11-30 22:21 - 00000000 ____D C:\Users\Vaengar\Documents\The Witcher 3 2017-04-27 20:59 - 2016-11-29 18:59 - 00000000 ____D C:\Users\defaultuser0 2017-04-27 20:44 - 2017-03-14 19:15 - 00000000 ____D C:\Program Files (x86)\AVG 2017-04-27 20:44 - 2017-03-14 19:14 - 00000000 ____D C:\ProgramData\Avg 2017-04-27 13:11 - 2017-03-14 19:14 - 00000000 ____D C:\Users\Vaengar\AppData\Local\AvgSetupLog 2017-04-27 13:11 - 2016-07-16 08:04 - 00032768 _____ C:\Windows\system32\config\ELAM 2017-04-27 12:48 - 2017-02-10 01:11 - 00000000 ____D C:\Users\Vaengar\Downloads\AI_PSD 2017-04-27 12:08 - 2017-03-14 18:20 - 00000000 ____D C:\Windows\system32\log 2017-04-26 09:57 - 2017-01-14 19:57 - 00000000 ____D C:\Users\Vaengar\AppData\Local\Microsoft Help 2017-04-25 14:36 - 2017-02-22 14:42 - 00000000 ____D C:\Users\Vaengar\Desktop\Teksty na blog - PURPLE STUDIO 2017-04-24 12:35 - 2017-03-09 11:47 - 00010031 _____ C:\Users\Vaengar\Desktop\Sprzęt działalność.xlsx 2017-04-21 00:54 - 2017-03-24 23:28 - 00000000 ____D C:\Users\Vaengar\AppData\Roaming\TS3Client 2017-04-20 10:17 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache 2017-04-19 20:35 - 2016-12-11 15:22 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2017-04-19 20:11 - 2017-01-14 19:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2017-04-19 20:11 - 2017-01-14 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-04-19 20:07 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp 2017-04-19 20:02 - 2016-09-06 22:19 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-04-19 19:36 - 2016-11-30 19:12 - 00004486 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-04-19 19:36 - 2016-11-30 19:11 - 00000000 ____D C:\Users\Vaengar\AppData\Local\Adobe 2017-04-19 19:36 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-04-19 19:36 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed 2017-04-18 21:01 - 2016-12-11 15:22 - 00000000 ____D C:\Program Files (x86)\NCH Software 2017-04-16 21:46 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness 2017-04-14 13:19 - 2017-03-14 19:02 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2017-04-12 20:19 - 2017-03-20 14:18 - 00392741 _____ C:\DUMP11a3.tmp 2017-04-12 20:13 - 2016-11-29 18:58 - 10701024 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-11 04:17 - 2017-02-22 20:50 - 02152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll 2017-04-11 04:17 - 2017-02-22 20:50 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll 2017-04-11 04:17 - 2017-02-22 20:50 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll 2017-04-11 04:17 - 2015-09-21 17:33 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll 2017-04-10 21:21 - 2016-12-19 17:12 - 00000132 _____ C:\Users\Vaengar\AppData\Roaming\Adobe PNG Format CS6 Prefs 2017-04-08 00:16 - 2017-02-14 17:13 - 00000000 ____D C:\Users\Vaengar\Documents\WB Games ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-12-19 17:12 - 2017-04-10 21:21 - 0000132 _____ () C:\Users\Vaengar\AppData\Roaming\Adobe PNG Format CS6 Prefs 2016-12-07 21:42 - 2017-04-28 13:27 - 0000016 _____ () C:\Users\Vaengar\AppData\Roaming\msregsvv.dll 2017-01-31 19:13 - 2017-01-31 19:13 - 0001456 _____ () C:\Users\Vaengar\AppData\Local\Adobe Save for Web 13.0 Prefs 2017-04-24 23:15 - 2017-04-24 23:15 - 0000218 _____ () C:\Users\Vaengar\AppData\Local\recently-used.xbel 2017-01-08 22:14 - 2017-03-14 20:01 - 0007615 _____ () C:\Users\Vaengar\AppData\Local\Resmon.ResmonCfg 2016-12-07 21:42 - 2017-02-18 00:19 - 0000016 _____ () C:\ProgramData\autobk.inc 2017-03-14 20:03 - 2017-03-18 12:52 - 0014273 _____ () C:\ProgramData\NvTelemetryContainer.log 2017-03-14 19:32 - 2017-03-14 20:03 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-05-04 00:03 ==================== Koniec FRST.txt ============================