Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14.01.2019 01 Uruchomiony przez PiotriPawel (administrator) DESKTOP-H0L45LA (15-01-2019 21:28:01) Uruchomiony z F:\Pobrane Załadowane profile: PiotriPawel (Dostępne profile: PiotriPawel) Platform: Windows 10 Education Wersja 1809 17763.253 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Zhorn Software) D:\Stickies\stickies.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [jv16 PT (Startup Optimizer)] => "D:\Jv 16 PowerTools\jv16pt_PreWorker2.exe" /StartupOptimizer /PT:"D:\Jv 16 PowerTools\" HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 00000000 HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 HKLM\...\Policies\Explorer: [NoTrayContextMenu] 00000000 HKLM\...\Policies\Explorer: [NoSetTaskBar] 0 HKLM\...\Policies\Explorer: [NoFileMenu] 0 HKLM\...\Policies\Explorer: [NoNetworkConnections] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 00000000 HKLM\...\Policies\Explorer: [NoDesktop] 00000000 HKLM\...\Policies\Explorer: [MaxRecentDocs] 0 HKLM\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\...\Policies\Explorer: [ClearRecentDocsOnExit] 00000000 HKLM\...\Policies\Explorer: [NoInternetIcon] 0 HKLM\...\Policies\Explorer: [NoStartBanner] 00000000 HKLM\...\Policies\Explorer: [NoNetHood] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 00000000 HKLM\...\Policies\Explorer: [NoWinKey] 0 HKLM\...\Policies\Explorer: [NoNetConnextDisconnect] 0 HKLM\...\Policies\Explorer: [NoFavoritesMenu] 0 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 HKLM\...\Policies\Explorer: [NoDriveAutoRun] -1 HKLM\...\Policies\Explorer: [NoSMConfigurePrograms] 0 HKLM\...\Policies\Explorer: [NoControlPanle] 0 HKU\S-1-5-21-3233140318-2867628280-3791645511-1001\...\Run: [com.blitz.app] => C:\Users\PiotriPawel\AppData\Local\Blitz\Update.exe [1841104 2019-01-02] (GitHub) HKU\S-1-5-18\...\Policies\system: [NoAdminPage] 0 HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-12-26] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2018-11-16] ShortcutTarget: Stickies.lnk -> D:\Stickies\stickies.exe (Zhorn Software) Startup: C:\Users\PiotriPawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RtkNGUI64.lnk [2018-10-29] ShortcutTarget: RtkNGUI64.lnk -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{07cd2da5-327f-4be5-8f46-854c9edf57fc}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{a92461da-7a25-4c12-b61e-96736fceb813}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = FireFox: ======== FF DefaultProfile: 464mo0hh.default-1546897867381 FF ProfilePath: C:\Users\PiotriPawel\AppData\Roaming\Mozilla\Firefox\Profiles\464mo0hh.default-1546897867381 [2019-01-15] FF Extension: (Adblock Plus – wersja rozwojowa) - C:\Users\PiotriPawel\AppData\Roaming\Mozilla\Firefox\Profiles\464mo0hh.default-1546897867381\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-08] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-13] () FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\VLC\npvlc.dll [2018-08-10] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-13] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc.) S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6877224 2018-06-05] () S4 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-02-16] (Disc Soft Ltd) R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [761088 2018-06-08] (Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [737552 2018-06-08] (Intel(R) Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts) S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-09] (Microsoft Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] () R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation) S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] () R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-25] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-25] (Disc Soft Ltd) R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d65x64.inf_amd64_b209c049d1368da5\e1d65x64.sys [577984 2019-01-08] (Intel Corporation) R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation) R1 epp; D:\EEK\bin64\epp.sys [142952 2019-01-15] (Emsisoft Ltd) R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [33328 2018-01-18] (ELAN Microelectronic Corp.) S3 GPCIDrv; D:\OC GURU II\GPCIDrv64.sys [14376 2014-08-28] () R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-11-03] (REALiX(tm)) R3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2018-10-25] (hxxp://libusb-win32.sourceforge.net) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e7b3660b4830c245\nvlddmkm.sys [20424640 2018-12-17] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2018-12-21] () R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48032 2018-12-21] (SteelSeries ApS) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-01-12] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-01-07] (Zemana Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-01-15 21:23 - 2019-01-15 21:28 - 000074173 _____ C:\WINDOWS\ZAM.krnl.trace 2019-01-15 21:23 - 2019-01-15 21:28 - 000023976 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2019-01-15 21:23 - 2019-01-15 21:23 - 000000008 __RSH C:\ProgramData\ntuser.pol 2019-01-15 21:19 - 2019-01-15 21:19 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2019-01-15 20:38 - 2019-01-15 20:38 - 000002257 _____ C:\Users\PiotriPawel\Desktop\Blitz.lnk 2019-01-15 19:03 - 2019-01-15 20:28 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2019-01-15 15:43 - 2019-01-15 21:28 - 000000000 ____D C:\FRST 2019-01-15 14:51 - 2019-01-15 14:51 - 000000000 ____D C:\ProgramData\Emsisoft 2019-01-15 14:32 - 2019-01-15 21:19 - 000706602 _____ C:\WINDOWS\ntbtlog.txt 2019-01-12 16:09 - 2019-01-12 16:09 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys 2019-01-12 16:09 - 2019-01-12 16:09 - 000001231 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2019-01-12 16:09 - 2019-01-12 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2019-01-12 16:09 - 2019-01-12 16:09 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2019-01-11 21:55 - 2019-01-11 21:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2019-01-11 20:04 - 2019-01-11 20:04 - 000057640 _____ C:\ProgramData\agent.uninstall.1547233462.bdinstall.v2.bin 2019-01-11 10:32 - 2019-01-11 10:32 - 000076892 _____ C:\ProgramData\agent.update.1547199122.bdinstall.v2.bin 2019-01-11 01:15 - 2019-01-11 01:15 - 000000000 ____D C:\ProgramData\Bitdefender 2019-01-11 01:14 - 2019-01-11 01:14 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\QuickScan 2019-01-11 01:12 - 2019-01-11 01:12 - 000102924 _____ C:\ProgramData\agent.1547165525.bdinstall.v2.bin 2019-01-11 01:12 - 2019-01-11 01:12 - 000000000 ____D C:\ProgramData\Bitdefender Agent 2019-01-11 01:11 - 2019-01-11 01:11 - 010372016 _____ C:\Users\PiotriPawel\Downloads\bitdefender_online.exe 2019-01-11 01:08 - 2019-01-11 01:08 - 007320272 _____ (Malwarebytes) C:\Users\PiotriPawel\Downloads\adwcleaner_7.2.6.0.exe 2019-01-11 01:05 - 2019-01-11 01:05 - 000000000 ____D C:\Users\PiotriPawel\Downloads\4e464c2e-9316-46bc-a2c4-4937c9f6cac6_6d2abbf687528bcbc23fa8e061d71f3b186d823a 2019-01-11 01:03 - 2019-01-11 01:03 - 006624296 _____ (Zemana Ltd. ) C:\Users\PiotriPawel\Downloads\Zemana.AntiMalware.Setup(1).exe 2019-01-11 01:03 - 2019-01-11 01:03 - 000619569 _____ C:\Users\PiotriPawel\Downloads\4e464c2e-9316-46bc-a2c4-4937c9f6cac6_6d2abbf687528bcbc23fa8e061d71f3b186d823a.cab 2019-01-09 23:56 - 2019-01-09 16:34 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-01-09 23:56 - 2019-01-09 16:34 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-01-09 23:53 - 2019-01-09 23:53 - 004118960 _____ (Easeware ) C:\Users\PiotriPawel\Downloads\DriverEasy_Setup.exe 2019-01-09 23:53 - 2019-01-09 23:53 - 000000609 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2019-01-09 23:53 - 2019-01-09 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2019-01-09 16:32 - 2019-01-09 16:32 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 005732352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 004520960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-01-09 16:32 - 2019-01-09 16:32 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-01-09 16:32 - 2019-01-09 16:32 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2019-01-09 16:32 - 2019-01-09 16:32 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll 2019-01-09 16:32 - 2019-01-09 16:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2019-01-09 16:32 - 2019-01-09 16:32 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-01-09 16:32 - 2019-01-09 16:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-01-08 16:15 - 2019-01-08 16:15 - 007882747 _____ C:\Users\PiotriPawel\Downloads\Wyklad_11.pdf 2019-01-08 16:15 - 2019-01-08 16:15 - 005126230 _____ C:\Users\PiotriPawel\Downloads\Wyklad_10.pdf 2019-01-08 15:20 - 2019-01-08 15:20 - 000320032 _____ (Mozilla) C:\Users\PiotriPawel\Downloads\Firefox Installer.exe 2019-01-08 04:06 - 2019-01-08 04:06 - 078381056 _____ C:\WINDOWS\system32\config\SOFTWARE.bhv 2019-01-08 04:06 - 2019-01-08 04:06 - 017825792 _____ C:\WINDOWS\system32\config\SYSTEM.bhv 2019-01-08 04:06 - 2019-01-08 04:06 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT.bhv 2019-01-08 04:06 - 2019-01-08 04:06 - 000065536 _____ C:\WINDOWS\system32\config\SAM.bhv 2019-01-08 04:06 - 2019-01-08 04:06 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY.bhv 2019-01-07 23:39 - 2019-01-15 15:08 - 000000010 _____ C:\WINDOWS\wininit.ini 2019-01-07 23:39 - 2019-01-07 23:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2019-01-07 23:07 - 2018-12-09 15:37 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20190107-230751.backup 2019-01-07 23:03 - 2019-01-07 23:03 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2019-01-07 23:02 - 2019-01-07 23:39 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2019-01-07 23:01 - 2019-01-07 23:01 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\PiotriPawel\Downloads\spybotsd-2.7.64.0.exe 2019-01-07 22:57 - 2019-01-07 22:57 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2019-01-07 22:57 - 2019-01-07 22:57 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\Zemana 2019-01-07 22:56 - 2019-01-07 22:56 - 006624296 _____ (Zemana Ltd. ) C:\Users\PiotriPawel\Downloads\Zemana.AntiMalware.Setup.exe 2019-01-07 20:44 - 2019-01-07 20:49 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\FSDART 2019-01-07 20:44 - 2019-01-07 20:45 - 000000000 ____D C:\ProgramData\F-Secure 2019-01-07 20:44 - 2019-01-07 20:44 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\F-Secure 2019-01-05 22:47 - 2019-01-05 22:47 - 006161408 _____ C:\Users\PiotriPawel\AppData\Local\dump007.dat 2019-01-05 22:47 - 2019-01-05 22:47 - 000000009 _____ C:\Users\PiotriPawel\rstr2.ini 2019-01-05 22:28 - 2019-01-05 22:28 - 000000000 ____D C:\Users\PiotriPawel\AppData\LocalLow\HFM Games 2019-01-05 22:21 - 2019-01-05 22:21 - 000000222 _____ C:\Users\PiotriPawel\Desktop\Hand Simulator.url 2019-01-05 21:31 - 2019-01-05 21:32 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\GlarySoft 2019-01-05 18:36 - 2019-01-05 18:36 - 000000000 ____D C:\Users\PiotriPawel\AppData\LocalLow\Unity 2019-01-05 18:35 - 2019-01-05 18:35 - 000000000 ____D C:\Users\PiotriPawel\AppData\LocalLow\Facepunch Studios LTD 2019-01-05 18:35 - 2019-01-05 18:35 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\GameAnalytics 2019-01-05 18:30 - 2019-01-05 19:14 - 000000005 _____ C:\WINDOWS\system32\outsys.dll 2019-01-05 18:30 - 2019-01-05 18:30 - 000000032 _____ C:\WINDOWS\system32\noreshell.dll 2019-01-05 11:09 - 2019-01-05 11:09 - 000000000 ___RD C:\Users\PiotriPawel\Documents\Scanned Documents 2019-01-05 11:09 - 2019-01-05 11:09 - 000000000 ____D C:\Users\PiotriPawel\Documents\Fax 2019-01-05 11:06 - 2019-01-15 21:22 - 000000000 ____D C:\Users\PiotriPawel\AppData\LocalLow\Temp 2019-01-03 22:19 - 2019-01-15 21:14 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Blitz 2019-01-03 22:19 - 2019-01-15 20:38 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz Esports 2019-01-03 22:19 - 2019-01-15 20:38 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\Blitz 2019-01-03 18:07 - 2019-01-03 18:07 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2019-01-03 18:07 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2019-01-03 18:07 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2019-01-03 18:07 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2019-01-03 18:07 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2019-01-03 18:07 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2019-01-03 18:07 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-03 18:07 - 2018-12-11 08:32 - 000133616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2019-01-03 18:06 - 2018-12-17 07:18 - 000978128 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2019-01-03 18:06 - 2018-12-17 07:18 - 000978128 _____ C:\WINDOWS\system32\vulkan-1.dll 2019-01-03 18:06 - 2018-12-17 07:18 - 000845008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2019-01-03 18:06 - 2018-12-17 07:18 - 000845008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2019-01-03 18:06 - 2018-12-17 07:18 - 000552032 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2019-01-03 18:06 - 2018-12-17 07:18 - 000456800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2019-01-03 18:06 - 2018-12-17 07:18 - 000267984 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2019-01-03 18:06 - 2018-12-17 07:18 - 000267984 _____ C:\WINDOWS\system32\vulkaninfo.exe 2019-01-03 18:06 - 2018-12-17 07:18 - 000243408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-01-03 18:06 - 2018-12-17 07:18 - 000243408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2019-01-03 18:06 - 2018-12-17 07:16 - 002003600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2019-01-03 18:06 - 2018-12-17 07:16 - 001512080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2019-01-03 18:06 - 2018-12-17 07:16 - 001461024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2019-01-03 18:06 - 2018-12-17 07:16 - 001126144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2019-01-03 18:06 - 2018-12-17 07:16 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2019-01-03 18:06 - 2018-12-17 07:16 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 040261192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 035157064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 004946336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 004316760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 002017752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441735.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 001468504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441735.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 000750488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2019-01-03 18:06 - 2018-12-17 07:15 - 000609368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 015909552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 013204120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 001471608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 001167400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 001151984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 000914400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 000822576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 000794632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2019-01-03 18:06 - 2018-12-17 07:13 - 000637480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2019-01-03 18:06 - 2018-12-17 07:12 - 019714256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2019-01-03 18:06 - 2018-12-17 07:12 - 016990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2019-01-03 18:06 - 2018-12-17 07:12 - 004999920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2019-01-03 18:06 - 2018-12-17 07:12 - 004258800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2019-01-03 18:06 - 2018-12-11 12:00 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb 2019-01-01 17:22 - 2019-01-01 17:22 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\11bitstudios 2019-01-01 17:06 - 2019-01-01 17:06 - 000000222 _____ C:\Users\PiotriPawel\Desktop\This War of Mine.url 2018-12-29 12:46 - 2019-01-15 21:23 - 089915392 _____ C:\WINDOWS\system32\config\SOFTWARE 2018-12-29 12:40 - 2018-12-29 12:46 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2018-12-28 19:04 - 2018-12-28 23:24 - 000000358 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job 2018-12-28 19:04 - 2018-12-28 19:04 - 000003842 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan 2018-12-28 17:00 - 2018-12-28 17:00 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Warner Bros. Interactive Entertainment 2018-12-28 16:52 - 2018-12-28 16:52 - 000000222 _____ C:\Users\PiotriPawel\Desktop\LEGO The Hobbit.url 2018-12-28 00:28 - 2018-12-28 00:28 - 000000654 _____ C:\Users\PiotriPawel\Desktop\MSI Afterburner.lnk 2018-12-28 00:28 - 2018-12-28 00:28 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2018-12-28 00:11 - 2018-12-28 00:11 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2018-12-28 00:11 - 2018-12-28 00:11 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2018-12-27 22:35 - 2018-12-27 22:35 - 000000000 ____D C:\WINDOWS\Minidump 2018-12-27 04:35 - 2018-12-27 04:35 - 006532104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2018-12-27 00:26 - 2018-12-27 00:26 - 025510835 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2018-12-26 17:49 - 2018-12-21 19:01 - 000048032 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys 2018-12-26 17:49 - 2018-12-21 19:01 - 000046776 _____ C:\WINDOWS\system32\Drivers\ssdevfactory.sys 2018-12-25 23:30 - 2018-12-25 23:30 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Microsoft Visual Studio 2018-12-25 12:52 - 2018-12-25 12:52 - 000000038 _____ C:\Users\PiotriPawel\Documents\exercise bow tibia XD.txt 2018-12-23 14:39 - 2018-12-23 14:39 - 000001131 _____ C:\Users\PiotriPawel\Documents\5.2 kk w 1h10min solo.txt 2018-12-20 20:57 - 2018-12-20 20:57 - 000007160 _____ C:\Users\PiotriPawel\Documents\strzaly.rec 2018-12-19 20:55 - 2018-12-19 20:55 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-12-19 20:55 - 2018-12-19 20:55 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-12-19 15:32 - 2018-12-19 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2018-12-17 20:55 - 2018-12-17 20:55 - 008318088 _____ (Abstradrome ) C:\Users\PiotriPawel\Downloads\hr.exe 2018-12-17 17:04 - 2018-12-19 21:55 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\HD Tune Pro 2018-12-17 17:01 - 2018-12-17 17:01 - 000000738 _____ C:\Users\PiotriPawel\Desktop\CrystalDiskInfo.lnk 2018-12-17 16:43 - 2018-12-19 22:29 - 000000000 ____D C:\ProgramData\TEMP 2018-12-17 16:42 - 2018-12-17 20:55 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\Downloaded Installations ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-01-15 21:23 - 2018-12-14 01:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-01-15 21:23 - 2018-11-30 00:09 - 000000000 ____D C:\Users\PiotriPawel\AppData\LocalLow\Mozilla 2019-01-15 21:23 - 2018-11-16 20:09 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\stickies 2019-01-15 21:23 - 2018-10-25 16:22 - 000000000 ____D C:\ProgramData\NVIDIA 2019-01-15 21:23 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-01-15 21:22 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2019-01-15 20:43 - 2018-12-01 15:31 - 000000000 ____D C:\Program Files (x86)\Steam 2019-01-15 20:38 - 2018-11-08 19:20 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\SquirrelTemp 2019-01-15 19:41 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-01-15 19:29 - 2018-12-14 00:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-01-15 19:27 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-01-15 19:19 - 2018-11-03 08:37 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\CrashDumps 2019-01-15 19:06 - 2018-10-25 19:52 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\steelseries-engine-3-client 2019-01-15 16:02 - 2018-12-14 10:13 - 001768480 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-01-15 16:02 - 2018-09-15 17:43 - 000784346 _____ C:\WINDOWS\system32\perfh015.dat 2019-01-15 16:02 - 2018-09-15 17:43 - 000152144 _____ C:\WINDOWS\system32\perfc015.dat 2019-01-15 16:02 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2019-01-15 14:37 - 2018-12-14 01:00 - 000000000 ____D C:\Users\PiotriPawel 2019-01-14 18:32 - 2018-10-25 17:03 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\vlc 2019-01-14 12:59 - 2018-10-25 17:22 - 000000000 ____D C:\ProgramData\Origin 2019-01-14 12:44 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-01-14 12:42 - 2018-11-01 19:30 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Origin 2019-01-14 12:42 - 2018-10-25 17:25 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-01-11 21:41 - 2018-11-22 16:50 - 000000000 ____D C:\Program Files\CCleaner 2019-01-11 20:08 - 2018-11-03 10:37 - 000000000 ____D C:\Users\PiotriPawel\Documents\Lightshot 2019-01-11 20:03 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-01-11 10:36 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-01-11 01:14 - 2018-10-25 17:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-01-11 01:13 - 2018-10-25 17:00 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-01-11 01:13 - 2018-10-25 17:00 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-10 21:06 - 2018-10-25 17:34 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\obs-studio 2019-01-10 12:31 - 2018-10-25 18:23 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\ElevatedDiagnostics 2019-01-09 23:55 - 2018-09-15 17:45 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2019-01-09 23:55 - 2018-09-15 17:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2019-01-09 23:55 - 2018-09-15 17:45 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2019-01-09 23:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-01-09 21:51 - 2018-10-25 17:53 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\CodeBlocks 2019-01-09 16:34 - 2018-10-25 16:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-01-09 16:34 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-01-09 16:33 - 2018-10-25 16:31 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-01-07 23:34 - 2018-10-25 16:26 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\D3DSCache 2019-01-07 23:09 - 2018-11-14 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2019-01-07 23:09 - 2018-10-25 16:23 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\Packages 2019-01-07 23:07 - 2018-11-30 00:09 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Wireshark 2019-01-05 21:57 - 2018-10-25 17:18 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\ESET 2019-01-05 21:56 - 2018-12-12 23:54 - 000000000 ___DC C:\WINDOWS\Panther 2019-01-05 21:56 - 2018-12-09 20:42 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\uTorrent 2019-01-05 21:56 - 2018-11-08 18:41 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio 2019-01-05 21:37 - 2018-11-22 17:36 - 000000000 ____D C:\ProgramData\Ashampoo 2019-01-05 18:30 - 2018-10-25 17:23 - 000000000 ____D C:\ProgramData\Package Cache 2019-01-05 18:00 - 2018-10-25 16:25 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\Comms 2019-01-03 19:53 - 2018-10-25 17:47 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\NVIDIA 2019-01-03 18:07 - 2018-10-25 16:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-01-03 18:07 - 2018-10-25 16:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-12-29 00:56 - 2018-11-30 19:56 - 000000000 ____D C:\Users\PiotriPawel\Documents\temp 2018-12-28 00:37 - 2018-12-14 00:59 - 000477448 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-12-25 23:40 - 2018-11-08 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2018.1.6f1 (64-bit) 2018-12-25 23:38 - 2018-12-14 00:49 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-12-25 23:38 - 2018-11-08 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2018-12-25 23:38 - 2018-11-08 18:45 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2018-12-25 23:38 - 2018-11-08 18:45 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2018-12-25 23:38 - 2018-11-08 18:41 - 000000000 ____D C:\Users\PiotriPawel\AppData\Roaming\Visual Studio Setup 2018-12-25 23:38 - 2018-11-08 18:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2018-12-25 23:38 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-12-25 23:37 - 2018-11-08 18:46 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2018-12-25 23:37 - 2018-11-08 18:46 - 000000000 ____D C:\WINDOWS\system32\1033 2018-12-22 18:44 - 2018-11-01 19:31 - 000000000 ____D C:\Program Files (x86)\Origin 2018-12-21 10:36 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing 2018-12-19 18:51 - 2018-11-03 16:14 - 000000000 ____D C:\Program Files (x86)\Battle.net 2018-12-19 18:50 - 2018-10-25 17:09 - 000000000 ____D C:\Users\PiotriPawel\AppData\Local\Battle.net 2018-12-16 13:21 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-11-29 19:20 - 2018-11-29 19:20 - 000000022 ___SH () C:\Users\PiotriPawel\AppData\Roaming\0D1F232318793359.xrd 2018-09-15 08:29 - 2018-09-15 08:29 - 000078336 ____N (Microsoft Corporation) C:\Users\PiotriPawel\AppData\Roaming\EuJMNAIjKB.exe 2018-11-29 19:20 - 2018-11-29 19:20 - 000000022 ___SH () C:\Users\PiotriPawel\AppData\Roaming\Win1935.DataCollection.dat 2019-01-05 22:47 - 2019-01-05 22:47 - 006161408 _____ () C:\Users\PiotriPawel\AppData\Local\dump007.dat 2018-11-13 23:36 - 2018-11-13 23:36 - 001065984 _____ () C:\Users\PiotriPawel\AppData\Local\file__0.localstorage 2018-11-22 21:23 - 2018-12-02 15:58 - 000007606 _____ () C:\Users\PiotriPawel\AppData\Local\Resmon.ResmonCfg 2018-11-02 14:46 - 2018-11-02 14:46 - 000000003 _____ () C:\Users\PiotriPawel\AppData\Local\updater.log 2018-11-02 14:46 - 2018-11-02 14:47 - 000000425 _____ () C:\Users\PiotriPawel\AppData\Local\UserProducts.xml ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================