Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30.01.2019 Uruchomiony przez w (administrator) LAPTOP-87AOFOGT (03-02-2019 12:57:06) Uruchomiony z C:\Users\w\Downloads Załadowane profile: w (Dostępne profile: w) Platform: Windows 10 Home Wersja 1803 17134.472 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Lenovo) C:\Program Files\Lenovo\QuickOptimizer\QuickOptimizerIcon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1811.3241.0_x64__8wekyb3d8bbwe\Time.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16482040 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427712 2016-07-01] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-18] (AVAST Software) HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.) HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485904 2016-07-23] (Comodo Security Solutions, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-18] (AVAST Software) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3141920 2019-02-02] (Valve Corporation) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [6835272 2018-06-14] (GOG.com) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-01-23] (Electronic Arts) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Innkeeper] => C:\Users\w\AppData\Local\Innkeeper\Update.exe [1888136 2017-01-23] (Innkeeper) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Spotify] => C:\Users\w\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-01-31] (Spotify Ltd) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Blizzard App\Battle.net.exe [1098728 2019-01-16] (Blizzard Entertainment) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [SteamServerBrowser] => C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [228352 2017-02-26] () HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe [12374680 2018-12-15] (TeamSpeak Systems GmbH) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7722600 2018-06-04] (Lavasoft) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Gaijin.Net Agent] => C:\Users\w\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125384 2018-10-03] (Gaijin Entertainment) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [Discord] => C:\Users\w\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-09-03] (Epic Games, Inc.) HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\w\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\w\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\RunOnce: [Uninstall 18.222.1104.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\w\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\RunOnce: [Uninstall 18.222.1104.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\w\AppData\Local\Microsoft\OneDrive\18.222.1104.0007" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\MountPoints2: {43f2d813-a6ff-11e7-9c49-a434d951f23d} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\MountPoints2: {5ffe095b-c21e-11e8-9c8a-507b9d81087e} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\...\MountPoints2: {a32798a5-a0ea-11e8-9c87-507b9d81087e} - "F:\HiSuiteDownLoader.exe" HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) HKLM\...\Drivers32-x32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) HKLM\...\Drivers32-x32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3621888 2016-05-08] (x264vfw project) HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.) HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-10-10] (McAfee, LLC.) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{c558577f-8998-4058-b10a-0a841c27b5ea}: [DhcpNameServer] 150.212.1.2 Tcpip\..\Interfaces\{c7775b1e-e3e6-4c2d-8fb5-12ab209cc77a}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{cb4c9ca4-be0d-48e8-a668-2f195eecf157}: [DhcpNameServer] 62.179.1.62 62.179.1.63 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180604__yaie HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2780740895-2156724078-2569186773-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKU\S-1-5-21-2780740895-2156724078-2569186773-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180604__yaie&p={searchTerms} BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-10] (Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) Toolbar: HKU\S-1-5-21-2780740895-2156724078-2569186773-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-03] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-07] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms} CHR DefaultSearchKeyword: Default -> Default Search CHR Profile: C:\Users\w\AppData\Local\Google\Chrome\User Data\Default [2019-02-03] CHR Extension: (Prezentacje) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-04] CHR Extension: (Dokumenty) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-04] CHR Extension: (Dysk Google) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-01] CHR Extension: (YouTube) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-01] CHR Extension: (Video Downloader professional) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-08-12] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20] CHR Extension: (Arkusze) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-04] CHR Extension: (Dokumenty Google offline) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15] CHR Extension: (Avast Online Security) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26] CHR Extension: (Youtube to MP3) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfahbjckdlmmfebdmpgfjbedmkgbghe [2018-07-05] CHR Extension: (Auto Replay for YouTube™) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2018-10-16] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-04] CHR Extension: (e-pity - dodatek) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2018-05-04] CHR Extension: (uBlock Plus Adblocker) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2018-05-04] CHR Extension: (Gmail) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-01] CHR Extension: (Chrome Media Router) - C:\Users\w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14] CHR Profile: C:\Users\w\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-04] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-18] (AVAST Software) S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-12-18] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8352184 2019-01-14] () S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013496 2019-01-28] (Microsoft Corporation) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [76952 2016-07-23] (Comodo Security Solutions, Inc.) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-07-04] (EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [682056 2018-06-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8174664 2018-06-07] (GOG.com) S2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo) R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485904 2016-07-23] (Comodo Security Solutions, Inc.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [Brak podpisu cyfrowego] R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] () [Brak podpisu cyfrowego] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71040 2018-11-16] (Lenovo Group Ltd.) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-17] (Lenovo) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) R2 O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) R2 O2FLASH; C:\WINDOWS\SysWOW64\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2016-08-22] () R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267328 2017-12-10] (Synaptics Incorporated) S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [355280 2018-10-10] (McAfee, LLC.) S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [355280 2018-10-10] (McAfee, LLC.) R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [193656 2018-10-10] (McAfee, LLC.) S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2018-06-04] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation) S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (Apple Inc.) S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-09] (AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-09] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [220688 2019-01-09] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-09] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-09] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-09] (AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-09] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-09] (AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-09] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166472 2019-01-09] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-09] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-09] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-09] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-09] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-09] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-09] (AVAST Software) R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2016-07-01] (Windows (R) Win 7 DDK provider) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-02] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-02] (Disc Soft Ltd) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-08-23] (Huawei Technologies Co., Ltd.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [122120 2015-09-17] (Intel Corporation) R3 IntelDFUACPI; C:\WINDOWS\System32\drivers\IntelDFUACPI.sys [36352 2015-10-15] (Intel(R) Corporation) R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Corporation) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation) R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-02-10] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R3 O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHubTech/O2Micro ) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek ) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72768 2017-12-10] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-08-11] (Wellbia.com Co., Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-02-03 12:57 - 2019-02-03 12:57 - 000033205 _____ C:\Users\w\Downloads\FRST.txt 2019-02-03 12:47 - 2019-02-03 12:47 - 002428928 _____ (Farbar) C:\Users\w\Downloads\FRST64.exe 2019-02-03 09:13 - 2019-02-03 09:13 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000002508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-02-03 09:13 - 2019-02-03 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2019-02-02 02:48 - 2019-02-02 02:48 - 000000000 ____D C:\Users\w\Downloads\nerwia-1.0-04-12-18 2019-02-02 02:47 - 2019-02-02 02:48 - 1459980780 _____ C:\Users\w\Downloads\nerwia-1.0-04-12-18.rar 2019-02-01 20:00 - 2019-02-01 20:00 - 000003220 _____ C:\Users\w\Downloads\Damian Zych_chattranscript_2019-02-1 20-00-25.txt 2019-02-01 19:44 - 2019-02-01 19:44 - 000000395 _____ C:\Users\w\Downloads\Damian Zych_chattranscript_2019-02-1 19-44-24.txt 2019-01-31 19:31 - 2019-01-31 19:31 - 000007334 _____ C:\Users\w\Desktop\Nowy OpenDocument Dokument tekstowy.odt 2019-01-31 12:45 - 2019-01-31 12:45 - 000019295 _____ C:\Users\w\Downloads\22czerwca-egzamin-z-rozwojówki.odt 2019-01-30 13:25 - 2019-01-30 13:25 - 000184163 _____ C:\Users\w\Downloads\UMOWA_20190130132308631.pdf 2019-01-29 23:45 - 2019-01-29 23:48 - 039054676 _____ C:\Users\w\Downloads\Kopia Pervin, L. A., John, O. P. - Osobowość - teorie i badania.pdf 2019-01-28 18:40 - 2019-01-28 18:40 - 000190301 _____ C:\Users\w\Desktop\metodologia prezentacja.odp 2019-01-28 18:39 - 2019-01-28 18:39 - 000010579 _____ C:\Users\w\Desktop\badania-psychologiczne.html 2019-01-28 17:01 - 2019-01-28 17:01 - 000050703 _____ C:\Users\w\Desktop\a419b8.html 2019-01-28 16:52 - 2019-01-28 16:52 - 002893736 _____ C:\Users\w\Downloads\07. Rodzaje eksperymentów.pptx 2019-01-28 16:49 - 2019-01-28 16:49 - 005905920 _____ C:\Users\w\Downloads\04. Etyka w psychologii i badaniach psychologicznych2.ppt 2019-01-28 16:46 - 2019-01-28 16:46 - 000009026 _____ C:\Users\w\Desktop\Nowy OpenDocument Prezentacja.odp 2019-01-26 18:02 - 2019-02-01 20:43 - 000000000 ____D C:\Users\w\Downloads\Shivia.pl - Klient Gry 2019-01-26 18:01 - 2019-01-26 18:02 - 1206212446 _____ C:\Users\w\Downloads\Shivia.pl - Klient Gry.rar 2019-01-25 22:53 - 2019-01-25 22:53 - 000527492 _____ C:\Users\w\Downloads\notatek-pl-statystyka-dla-opornych.pdf 2019-01-25 22:53 - 2019-01-25 22:53 - 000527492 _____ C:\Users\w\Downloads\notatek-pl-statystyka-dla-opornych (1).pdf 2019-01-22 18:59 - 2019-01-22 18:59 - 000229330 _____ C:\Users\w\Downloads\Patcher.zip 2019-01-22 18:58 - 2019-01-22 18:59 - 1446170957 _____ C:\Users\w\Downloads\iveya.rar 2019-01-22 14:13 - 2019-01-22 14:13 - 000000222 _____ C:\Users\w\Desktop\The Binding of Isaac Rebirth.url 2019-01-21 23:02 - 2019-01-22 12:56 - 000027919 _____ C:\Users\w\Downloads\praca badawcza poprawiona (1).odt 2019-01-21 22:55 - 2019-01-21 22:55 - 000023184 _____ C:\Users\w\Downloads\praca badawcza poprawiona 2019-01-19 11:59 - 2019-01-19 12:01 - 1882997722 _____ C:\Users\w\Downloads\asgard_official_18_01_mega.rar 2019-01-18 11:18 - 2019-01-18 11:18 - 000001577 _____ C:\Users\w\Desktop\rbclient.exe — skrót .lnk 2019-01-17 16:43 - 2019-01-17 16:45 - 335319935 _____ C:\Users\w\Downloads\Psychologia rozwoju człowieka - Helen Bee, Denise Boyd.pdf 2019-01-16 20:34 - 2019-01-16 20:34 - 000000000 ____D C:\Users\w\AppData\Local\BattlEye 2019-01-16 10:04 - 2019-01-16 10:13 - 000000000 ____D C:\Users\w\Downloads\RubinumClient_21.12.2018 2019-01-15 22:55 - 2019-01-15 23:03 - 000000136 _____ C:\Users\w\Desktop\Pangea KONTA.txt 2019-01-14 17:06 - 2019-01-14 17:06 - 000344580 _____ C:\Users\w\Downloads\SE_36_2015__Kacprzak.pdf 2019-01-14 15:36 - 2019-01-21 18:49 - 000023658 _____ C:\Users\w\Desktop\praca badawcza-niedokończone.odt 2019-01-14 15:30 - 2019-01-14 15:30 - 007902208 _____ C:\Users\w\Downloads\08. Raport z badań.ppt 2019-01-14 15:29 - 2019-01-14 15:30 - 016465408 _____ C:\Users\w\Downloads\02. Badanie naukowe.ppt 2019-01-14 15:29 - 2019-01-14 15:30 - 003526829 _____ C:\Users\w\Downloads\03. METODOLOGIA - Zmienne.pptx 2019-01-14 15:29 - 2019-01-14 15:29 - 033201664 _____ C:\Users\w\Downloads\01. Metoda naukowa.ppt 2019-01-13 21:07 - 2019-01-16 09:25 - 000000770 _____ C:\Users\w\Desktop\DRR6KKT7QfNX010509130119.txt 2019-01-13 07:46 - 2019-01-13 07:46 - 000000000 ____D C:\Users\w\Downloads\PangeaYt2 ver 0.4.6 2019-01-09 07:40 - 2019-01-09 07:38 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys 2019-01-09 07:40 - 2019-01-09 07:38 - 000220688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2019-01-09 07:40 - 2019-01-09 07:38 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2019-01-09 07:40 - 2019-01-09 07:38 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2019-01-09 07:40 - 2019-01-09 07:38 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2019-01-09 07:39 - 2019-01-09 07:38 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2019-01-08 14:47 - 2019-01-08 14:47 - 000322920 _____ C:\Users\w\Downloads\UmowaPozyczkiOnawialnej (1).pdf 2019-01-08 14:47 - 2019-01-08 14:47 - 000137935 _____ C:\Users\w\Downloads\Esis.pdf ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-02-03 12:57 - 2018-04-29 11:33 - 000000000 ____D C:\FRST 2019-02-03 12:57 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-02-03 12:45 - 2016-07-25 23:57 - 000000000 ____D C:\Program Files (x86)\Steam 2019-02-03 12:41 - 2018-07-09 02:30 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-02-03 12:41 - 2018-07-09 02:30 - 000003272 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-02-03 12:41 - 2018-07-09 02:30 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2780740895-2156724078-2569186773-1001 2019-02-03 12:41 - 2018-07-09 02:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2019-02-03 12:40 - 2017-06-25 14:13 - 000000000 ____D C:\Users\w\AppData\Local\Battle.net 2019-02-03 12:24 - 2018-07-09 01:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-02-03 09:11 - 2015-12-18 04:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-02-02 23:36 - 2017-01-16 02:37 - 000000000 ____D C:\Users\w\AppData\Local\Spotify 2019-02-02 23:32 - 2017-01-16 02:37 - 000000000 ____D C:\Users\w\AppData\Roaming\Spotify 2019-02-02 21:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-02-02 20:13 - 2017-11-14 23:01 - 000000000 ____D C:\Users\w\AppData\Roaming\TS3Client 2019-02-02 01:58 - 2016-11-16 23:51 - 000000000 ____D C:\Users\w\AppData\Local\CrashDumps 2019-02-02 00:48 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-02-01 20:25 - 2018-12-27 15:02 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm 2019-01-30 10:02 - 2017-06-25 14:39 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2019-01-29 10:13 - 2018-07-09 04:11 - 000000000 ____D C:\ProgramData\Packages 2019-01-29 10:09 - 2018-07-09 02:30 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2019-01-28 19:22 - 2017-12-09 23:30 - 000000000 ____D C:\Users\w\AppData\Local\Packages 2019-01-24 00:31 - 2016-12-10 22:44 - 000000000 ____D C:\Program Files (x86)\Origin 2019-01-23 22:06 - 2018-07-09 02:03 - 000002406 _____ C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-01-23 22:06 - 2016-06-01 15:01 - 000000000 ___RD C:\Users\w\OneDrive 2019-01-22 17:24 - 2018-08-30 12:43 - 000000000 ____D C:\Users\w\AppData\Roaming\discord 2019-01-22 14:13 - 2016-07-26 12:25 - 000000000 ____D C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-01-18 20:26 - 2017-09-29 11:50 - 000000000 ____D C:\Program Files\rempl 2019-01-18 14:28 - 2017-06-25 14:14 - 000000000 ____D C:\Program Files (x86)\Blizzard App 2019-01-18 05:06 - 2018-07-17 12:26 - 000000000 ____D C:\Users\w\AppData\Local\D3DSCache 2019-01-17 19:57 - 2018-08-30 12:43 - 000002224 _____ C:\Users\w\Desktop\Discord.lnk 2019-01-17 19:57 - 2018-08-30 12:43 - 000000000 ____D C:\Users\w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2019-01-17 19:57 - 2018-08-30 12:43 - 000000000 ____D C:\Users\w\AppData\Local\Discord 2019-01-11 18:29 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-01-09 19:34 - 2016-07-01 22:59 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-01-09 19:30 - 2016-07-01 22:59 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-01-09 07:39 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-01-09 07:38 - 2018-10-24 02:35 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2019-01-09 07:38 - 2018-06-25 22:02 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2019-01-09 07:38 - 2017-12-17 10:56 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2019-01-09 07:38 - 2017-11-22 00:33 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000166472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2019-01-09 07:38 - 2016-10-03 23:09 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2019-01-05 15:37 - 2018-08-31 18:05 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-05-04 08:24 - 2016-10-04 09:56 - 003604152 _____ (COMODO) C:\ProgramData\cis2D60.exe 2017-08-23 22:25 - 2017-08-23 22:25 - 000155674 _____ () C:\Users\w\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt 2016-08-22 20:58 - 2016-08-22 20:58 - 000000000 _____ () C:\Users\w\AppData\Roaming\fastboot.log 2017-10-29 18:54 - 2017-10-29 18:54 - 000000000 ___SH () C:\Users\w\AppData\Local\LumaEmu ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dllhost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dllhost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-07-09 01:53 ==================== Koniec FRST.txt ============================