Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 13.03.2019 01 Uruchomiony przez PTYLLO (administrator) PTYLLO-RSA (16-03-2019 18:33:46) Uruchomiony z E:\! LOGI Załadowane profile: PTYLLO & _ashbackuppb_ (Dostępne profile: PTYLLO & _ashbackuppb_) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 12\bin\backupService-abpb.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 12\bin\oxHelper.exe (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () [Brak podpisu cyfrowego] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Wondershare) [Brak podpisu cyfrowego] C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe (Sony) [Brak podpisu cyfrowego] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (TC UP Team) [Brak podpisu cyfrowego] C:\Program Files (x86)\TC UP\TCUP64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\TC UP\TOTALCMD64.EXE (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8Guard.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [223488 2018-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4047984 2019-02-10] (Tonec Inc. -> Tonec Inc.) HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64672 2019-02-28] (Lamantine Software a.s. -> Lamantine Software a.s.) HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-03-01] (Google LLC -> Google Inc.) HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\MountPoints2: {366796ef-1222-11e7-ac90-806e6f6e6963} - D:\Run.exe HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\MountPoints2: {7adc5fdf-565b-11e7-9421-fcaa14a9ff06} - M:\setup.exe HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\MountPoints2: {94375505-9414-11e7-857e-fcaa14a9ff06} - K:\Lenovo_Suite.exe HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\MountPoints2: {b13bff5c-29af-11e7-83c8-fcaa14a9ff06} - J:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\MountPoints2: {e6f837a3-6086-11e7-88a0-fcaa14a9ff06} - J:\startme.exe HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation) Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2017-03-26] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Brak podpisu cyfrowego] GroupPolicy: Ograniczenia ? <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => Brak pliku Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2135570E-BAB7-4F1D-9306-26F44F226E14}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C3913687-94BA-4C6E-90B8-D970B92B3201}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{E5388D4D-62BA-453E-AC96-2E4F60BAE429}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3041302494-3532582037-403353021-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3041302494-3532582037-403353021-1000 -> DefaultScope {B4BE7B63-49BE-492D-BC2A-2A22DA16951F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-3041302494-3532582037-403353021-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3041302494-3532582037-403353021-1000 -> {B4BE7B63-49BE-492D-BC2A-2A22DA16951F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-09-23] (Bitdefender SRL -> Bitdefender) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-21] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-21] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKU\S-1-5-21-3041302494-3532582037-403353021-1000 -> Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-09-23] (Bitdefender SRL -> Bitdefender) Toolbar: HKU\S-1-5-21-3041302494-3532582037-403353021-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Brak pliku Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: ok5qcu0z.default-1535009096060 FF ProfilePath: C:\Users\PTYLLO\AppData\Roaming\Mozilla\Firefox\Profiles\ok5qcu0z.default-1535009096060 [2019-03-16] FF Homepage: Mozilla\Firefox\Profiles\ok5qcu0z.default-1535009096060 -> www.google.pl FF Session Restore: Mozilla\Firefox\Profiles\ok5qcu0z.default-1535009096060 -> [funkcja włączona] FF Extension: (Show me the password!) - C:\Users\PTYLLO\AppData\Roaming\Mozilla\Firefox\Profiles\ok5qcu0z.default-1535009096060\Extensions\showmethepassword@alejandrobrizuela.com.ar.xpi [2019-03-08] FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdwteff.xpi FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\bdwteff.xpi [2018-09-23] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-03-09] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdwteff.xpi FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-02-10] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json] FF HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\PTYLLO\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\PTYLLO\AppData\Roaming\IDM\idmmzcc5 [2017-03-27] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Przestarzałe] FF HKU\S-1-5-21-3041302494-3532582037-403353021-1000\...\Thunderbird\Extensions: [{2fde55eb-0b64-49fc-8e12-690b07010401}] - C:\Users\PTYLLO\AppData\Roaming\Lamantine\Sticky Password\spAutofillTb FF Extension: (Sticky Password extension) - C:\Users\PTYLLO\AppData\Roaming\Lamantine\Sticky Password\spAutofillTb [2019-03-08] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] (Adobe Systems Incorporated -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3041302494-3532582037-403353021-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2019-02-28] (Lamantine Software a.s. -> Lamantine Software a.s.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.pl/ CHR NewTab: Default -> Active:"chrome-extension://ocggccaacacpienfcgmgcihoombokbbj/pages/newtab/newtab.html", Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html" CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default [2019-03-16] CHR Extension: (Tłumacz Google) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-20] CHR Extension: (TooManyTabs for Chrome) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2018-10-17] CHR Extension: (Połączenia przez Skype) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-06-10] CHR Extension: (Sticky Password extension) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2019-03-08] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-16] CHR Extension: (Adblock dla Youtube™) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-14] CHR Extension: (Tampermonkey) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-02-23] CHR Extension: (Java API Search) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphfngjamcomlehblpblaacingmaojnm [2017-06-10] CHR Extension: (Adobe Acrobat) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-22] CHR Extension: (Fontface Ninja) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-07-04] CHR Extension: (Booking.com for Chrome™) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2019-02-17] CHR Extension: (Drop a Couple) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpifnppgcehobegmobenolblnkohpnh [2017-07-23] CHR Extension: (Bitdefender Wallet) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-12-04] CHR Extension: (Pulpit zdalny Chrome) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-03-07] CHR Extension: (Dokumenty Google offline) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23] CHR Extension: (AdBlock) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-07] CHR Extension: (Website Blocker (Beta)) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2019-03-07] CHR Extension: (Tunnello VPN - Unblock, Ultra-Fast & Secure!) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoapmlpnmpaehilehggglehfdlnoegck [2018-11-12] CHR Extension: (WhatFont) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-07-12] CHR Extension: (Powiadomienia dla aplikacji Messenger) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiiinbkdippcknmpfihfmjboojofioel [2018-08-21] CHR Extension: (NoPremium.pl) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkakeeljjehllbdjjamgabdjpmdogc [2017-09-29] CHR Extension: (GG Plugin) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmcdkdpeihijgkgmmdkbccccjnonjie [2017-06-10] CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2019-03-16] CHR Extension: (Chomikuj.pl) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mabmeicndgkgfompmmdkijoamfleoadk [2017-06-10] CHR Extension: (Gumshoe) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mekpfngodchodemgmkhinohkfjefjeea [2017-09-19] CHR Extension: (Reload All Tabs) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2018-07-30] CHR Extension: (IDM Integration Module) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-03-07] CHR Extension: (Message/Chat Downloader) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkinapjekllgfipphkgpmombekfclghe [2018-02-07] CHR Extension: (Autofill) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2018-10-30] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Live Start Page - Living Wallpapers) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocggccaacacpienfcgmgcihoombokbbj [2019-03-16] CHR Extension: (Autofill for Chrome by Fillr) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhegjfmbbpahdggoekcbmejnifimeca [2019-03-07] CHR Extension: (TeamViewer) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2018-10-25] CHR Extension: (Chrome Media Router) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-20] CHR Profile: C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-09] CHR Extension: (Tłumacz Google) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-12-24] CHR Extension: (Prezentacje) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-24] CHR Extension: (Dokumenty) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-24] CHR Extension: (Dysk Google) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-21] CHR Extension: (Połączenia przez Skype) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-09-21] CHR Extension: (YouTube) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-21] CHR Extension: (Adblock Plus) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-24] CHR Extension: (Adblock dla Youtube™) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-12-24] CHR Extension: (Java API Search) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dphfngjamcomlehblpblaacingmaojnm [2017-09-21] CHR Extension: (Adobe Acrobat) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-21] CHR Extension: (Black Menu for Google™) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eignhdfgaldabilaaegmdfbajngjmoke [2018-12-24] CHR Extension: (Fontface Ninja) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-12-24] CHR Extension: (Arkusze) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-24] CHR Extension: (Drop a Couple) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkpifnppgcehobegmobenolblnkohpnh [2017-09-21] CHR Extension: (Bitdefender Wallet) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-12-24] CHR Extension: (Pulpit zdalny Chrome) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-12-24] CHR Extension: (Dokumenty Google offline) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-24] CHR Extension: (AdBlock) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-24] CHR Extension: (Website Blocker (Beta)) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2017-09-21] CHR Extension: (Tunnello VPN - Unblock, Ultra-Fast & Secure!) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hoapmlpnmpaehilehggglehfdlnoegck [2018-12-24] CHR Extension: (WhatFont) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-09-21] CHR Extension: (Powiadomienia dla aplikacji Messenger) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiiinbkdippcknmpfihfmjboojofioel [2018-12-24] CHR Extension: (NoPremium.pl) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfjkakeeljjehllbdjjamgabdjpmdogc [2017-10-03] CHR Extension: (GG Plugin) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khmcdkdpeihijgkgmmdkbccccjnonjie [2017-09-21] CHR Extension: (Chomikuj.pl) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mabmeicndgkgfompmmdkijoamfleoadk [2017-09-21] CHR Extension: (Gumshoe) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mekpfngodchodemgmkhinohkfjefjeea [2017-09-21] CHR Extension: (Reload All Tabs) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\midkcinmplflbiflboepnahkboeonkam [2018-12-24] CHR Extension: (IDM Integration Module) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-12-24] CHR Extension: (Message/Chat Downloader) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkinapjekllgfipphkgpmombekfclghe [2018-12-24] CHR Extension: (Autofill) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2018-12-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-24] CHR Extension: (Autofill for Chrome by Fillr) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojhegjfmbbpahdggoekcbmejnifimeca [2018-12-24] CHR Extension: (TeamViewer) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2018-12-24] CHR Extension: (Gmail) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-21] CHR Extension: (Chrome Media Router) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-24] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-02-11] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-02-11] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe [779152 2018-11-01] (Bitdefender SRL -> Bitdefender) S2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-23] (Bitdefender SRL -> Bitdefender) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-11-07] (BattlEye Innovations e.K. -> ) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-21] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-21] (Dropbox, Inc -> Dropbox, Inc.) S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [95520 2019-02-01] (Bitdefender SRL -> Bitdefender) R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-24] (Disc Soft Ltd -> Disc Soft Ltd) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc. -> HP Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego] S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Brak podpisu cyfrowego] R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe [145984 2012-01-18] (ArcSoft, Inc. -> ArcSoft, Inc.) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [112144 2018-11-01] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [804144 2018-11-01] (Bitdefender SRL -> Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [Brak podpisu cyfrowego] S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [115856 2016-09-21] (Wondershare software CO., LIMITED -> Wondershare) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2195968 2018-05-29] (Sony) [Brak podpisu cyfrowego] R2 ashbackuppb; "c:\Program Files\Ashampoo\Ashampoo Backup Pro 12\bin\backupService-abpb.exe" "--controlFolder=c:\ProgramData\Ashampoo Backup PB\control" "--id=ashbackuppb" daemon R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc. -> ArcSoft, Inc.) R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1292296 2018-10-17] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1723552 2018-05-22] (Bitdefender SRL -> BitDefender) R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [156912 2018-11-01] (Bitdefender SRL -> Bitdefender) R2 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [45728 2018-10-17] (Bitdefender SRL -> © Bitdefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [96448 2018-05-22] (Bitdefender SRL -> BitDefender) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. ) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-27] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-27] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29864 2017-09-29] (Disc Soft Ltd -> Disc Soft Ltd) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2017-04-18] (Sony Mobile Communications AB -> Sony Mobile Communications) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [193184 2018-09-23] (Bitdefender SRL -> BitDefender LLC) S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2018-02-24] (3am.com(Test) -> HTC, Corporation) S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2012-12-07] (HTC Corp. -> Windows (R) Win 7 DDK provider) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [40448 2018-02-24] (Intel(R) Rapid Storage Technology -> Intel Corporation) R0 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [191592 2018-05-22] (Bitdefender SRL -> Bitdefender) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-02-14] (Malwarebytes Corporation -> Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [201296 2018-02-24] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2269592 2017-12-24] (MEDIATEK INC. -> MediaTek Inc.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) R1 RsProxy; C:\Windows\system32\drivers\RsProxy.sys [15976 2017-10-21] (Realtek Semiconductor Corp -> ) S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [420832 2018-02-24] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [3127552 2018-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2017-09-29] (Duplex Secure Ltd -> Duplex Secure Ltd.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [609576 2018-08-02] (Bitdefender SRL -> Bitdefender) R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\IFS64.sys [40520 2018-11-30] (Ashampoo GmbH & Co. KG -> ) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [Brak podpisu cyfrowego] S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation) R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (Ghisler Software GmbH -> CaptainFlint Software) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB) S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40392 2012-07-25] (Microsoft Corporation -> Microsoft Corporation) U3 DfSdkS; Brak ImagePath S3 gdrv; \??\C:\Windows\gdrv.sys [X] S2 memudrv; \??\D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-03-16 18:31 - 2019-03-16 18:33 - 000000000 ____D C:\FRST 2019-03-16 18:11 - 2019-03-16 18:11 - 000007605 _____ C:\Users\PTYLLO\AppData\Local\Resmon.ResmonCfg 2019-03-16 11:24 - 2019-03-16 11:26 - 000000000 _____ C:\Users\PTYLLO\AppData\Local\{0D260AE0-6ED1-40BD-B86C-229E6B3A8A88} 2019-03-16 11:01 - 2019-03-16 11:01 - 000003072 _____ C:\Users\Public\Desktop\Corel CAPTURE 2018 (64-Bit).lnk 2019-03-16 11:01 - 2019-03-16 11:01 - 000002403 _____ C:\Users\Public\Desktop\Corel CONNECT 2018 (64-Bit).lnk 2019-03-16 11:01 - 2019-03-16 11:00 - 000003075 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT 2018 (64-Bit).lnk 2019-03-16 11:01 - 2019-03-16 11:00 - 000003027 _____ C:\Users\Public\Desktop\CorelDRAW 2018 (64-Bit).lnk 2019-03-16 11:01 - 2019-03-16 11:00 - 000002312 _____ C:\Users\Public\Desktop\Corel Font Manager 2018 (64-Bit).lnk 2019-03-16 11:00 - 2019-03-16 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite 2018 (64-bit) 2019-03-16 10:38 - 2019-03-16 10:38 - 000000000 ____D C:\Users\PTYLLO\Documents\Working Files 2019-03-16 10:14 - 2019-03-16 10:14 - 000000000 ____D C:\Users\PTYLLO\Documents\My Palettes 2019-03-16 10:10 - 2019-03-16 10:10 - 000000000 ____D C:\Program Files (x86)\gs 2019-03-16 10:04 - 2019-03-16 10:04 - 000000000 ____D C:\ProgramData\UniqueId 2019-03-16 09:20 - 2019-03-16 09:20 - 000002174 _____ C:\Users\Public\Desktop\Corel PDF Fusion.lnk 2019-03-13 15:53 - 2019-03-13 15:53 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\Ashampoo 2019-03-13 14:14 - 2019-02-16 05:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-13 14:14 - 2019-02-16 05:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-03-13 14:13 - 2019-02-21 04:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-03-13 14:13 - 2019-02-21 04:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-13 14:13 - 2019-02-21 04:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-03-13 14:13 - 2019-02-21 04:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-13 14:13 - 2019-02-21 04:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-13 14:13 - 2019-02-21 04:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-13 14:13 - 2019-02-21 04:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2019-03-13 14:13 - 2019-02-21 04:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-03-13 14:13 - 2019-02-21 03:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2019-03-13 14:13 - 2019-02-21 03:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2019-03-13 14:13 - 2019-02-21 03:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-13 14:13 - 2019-02-21 03:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-13 14:13 - 2019-02-21 03:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-13 14:13 - 2019-02-21 03:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-13 14:13 - 2019-02-21 03:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-13 14:13 - 2019-02-21 03:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-13 14:13 - 2019-02-21 03:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-13 14:13 - 2019-02-21 03:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2019-03-13 14:13 - 2019-02-21 03:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2019-03-13 14:13 - 2019-02-21 03:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-13 14:13 - 2019-02-21 03:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-13 14:13 - 2019-02-21 03:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-13 14:13 - 2019-02-21 03:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-13 14:13 - 2019-02-21 03:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-13 14:13 - 2019-02-21 03:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-13 14:13 - 2019-02-21 03:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-13 14:13 - 2019-02-21 03:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-13 14:13 - 2019-02-21 03:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-13 14:13 - 2019-02-21 03:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-13 14:13 - 2019-02-21 03:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-03-13 14:13 - 2019-02-21 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-13 14:13 - 2019-02-21 03:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-13 14:13 - 2019-02-21 03:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2019-03-13 14:13 - 2019-02-21 03:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2019-03-13 14:13 - 2019-02-21 03:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2019-03-13 14:13 - 2019-02-21 03:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2019-03-13 14:13 - 2019-02-21 03:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2019-03-13 14:13 - 2019-02-21 03:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2019-03-13 14:13 - 2019-02-10 16:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2019-03-13 14:13 - 2019-02-10 16:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll 2019-03-13 14:13 - 2019-02-10 16:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2019-03-13 14:13 - 2019-02-10 16:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2019-03-13 14:13 - 2019-02-10 16:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2019-03-13 14:13 - 2019-02-10 16:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2019-03-13 14:13 - 2019-02-10 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2019-03-13 14:13 - 2019-02-10 16:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2019-03-13 14:13 - 2019-02-10 16:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-13 14:13 - 2019-02-10 16:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-13 14:13 - 2019-02-10 16:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-13 14:13 - 2019-02-10 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-13 14:13 - 2019-02-10 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-13 14:13 - 2019-02-10 16:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-13 14:13 - 2019-02-10 16:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-13 14:13 - 2019-02-10 16:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-13 14:13 - 2019-02-10 16:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-13 14:13 - 2019-02-10 16:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-13 14:13 - 2019-02-10 16:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-13 14:13 - 2019-02-10 15:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-13 14:13 - 2019-02-10 15:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-13 14:13 - 2019-02-10 15:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-13 14:13 - 2019-02-10 15:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-13 14:13 - 2019-02-10 15:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-08 10:48 - 2019-03-08 10:48 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\Lamantine 2019-03-08 10:35 - 2019-03-16 10:30 - 000000000 ___SD C:\Users\PTYLLO\Documents\Sticky Passwords 2019-03-08 10:35 - 2019-03-08 10:35 - 000001134 _____ C:\Users\Public\Desktop\Sticky Password.lnk 2019-03-08 10:35 - 2019-03-08 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password 2019-03-08 10:35 - 2019-03-08 10:35 - 000000000 ____D C:\Program Files (x86)\Sticky Password 2019-03-07 00:16 - 2019-03-07 00:16 - 000000000 ____D C:\ProgramData\dbg 2019-03-07 00:12 - 2019-03-07 00:12 - 000073965 _____ C:\ProgramData\dm.update.1551917520.bdinstall.bin 2019-03-07 00:12 - 2019-03-07 00:12 - 000034898 _____ C:\ProgramData\dm.uninstall.1551917524.bdinstall.bin 2019-03-07 00:10 - 2019-03-07 00:10 - 000262144 ____N C:\Windows\Minidump\030719-22744-01.dmp 2019-03-06 00:45 - 2019-03-06 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-03-04 13:17 - 2019-03-04 13:17 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2019-03-04 13:17 - 2019-03-04 13:17 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2019-03-04 13:17 - 2019-03-04 13:17 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2019-02-19 23:19 - 2019-03-04 13:17 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2019-02-14 21:46 - 2019-02-14 21:46 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\dvdcss 2019-02-14 05:38 - 2019-02-14 05:38 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-02-14 05:38 - 2019-02-14 05:38 - 000001909 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-02-14 05:38 - 2019-02-14 05:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-02-14 05:38 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-03-16 18:32 - 2017-10-06 10:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-03-16 18:32 - 2009-07-14 17:55 - 000740098 _____ C:\Windows\system32\perfh015.dat 2019-03-16 18:32 - 2009-07-14 17:55 - 000155672 _____ C:\Windows\system32\perfc015.dat 2019-03-16 18:32 - 2009-07-14 05:13 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-16 18:32 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\inf 2019-03-16 18:13 - 2017-03-28 08:37 - 000000000 ____D C:\Users\PTYLLO\AppData\Local\CrashDumps 2019-03-16 18:08 - 2009-07-14 04:45 - 000014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-16 18:08 - 2009-07-14 04:45 - 000014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-16 18:05 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\system32\NDF 2019-03-16 18:03 - 2017-03-26 19:05 - 000000000 ____D C:\! ! ! DOWNLOADS 2019-03-16 17:58 - 2017-03-26 15:54 - 000000000 ____D C:\ProgramData\NVIDIA 2019-03-16 11:50 - 2018-10-28 05:28 - 000017463 _____ C:\bdlog.txt 2019-03-16 11:50 - 2017-03-27 08:02 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\DMCache 2019-03-16 11:50 - 2017-03-27 07:52 - 000000000 ____D C:\Users\PTYLLO\AppData\LocalLow\Mozilla 2019-03-16 11:25 - 2017-10-06 10:35 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\TeamViewer 2019-03-16 11:18 - 2018-10-22 17:41 - 000000000 ____D C:\Users\_ashbackuppb_ 2019-03-16 11:16 - 2018-09-23 18:12 - 000000000 ____D C:\Program Files\Bonjour 2019-03-16 11:16 - 2018-09-23 18:12 - 000000000 ____D C:\Program Files (x86)\Bonjour 2019-03-16 11:02 - 2017-04-16 03:20 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\Corel 2019-03-16 11:01 - 2017-04-16 03:16 - 000000000 ____D C:\Users\Public\Documents\Corel 2019-03-16 11:01 - 2017-04-16 03:16 - 000000000 ____D C:\Program Files\Corel 2019-03-16 11:01 - 2017-04-03 10:51 - 000000000 ____D C:\Program Files (x86)\Corel 2019-03-16 10:46 - 2017-04-12 09:28 - 000000000 ____D C:\Users\PTYLLO\Documents\Corel 2019-03-16 10:40 - 2017-09-21 12:07 - 000001152 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2019-03-16 10:10 - 2017-03-26 14:11 - 000000000 ____D C:\ProgramData\Package Cache 2019-03-16 10:10 - 2009-07-14 03:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2019-03-16 10:09 - 2017-04-03 10:51 - 000000000 ____D C:\ProgramData\Corel 2019-03-16 09:34 - 2017-04-16 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silhouette America 2019-03-16 09:34 - 2017-04-16 03:42 - 000000000 ____D C:\Program Files (x86)\Silhouette America 2019-03-16 09:31 - 2018-09-23 18:12 - 000000000 ____D C:\Program Files\Common Files\Apple 2019-03-16 09:31 - 2017-04-18 18:00 - 000000000 ____D C:\ProgramData\Apple 2019-03-16 09:20 - 2017-04-03 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PDF Fusion 2019-03-16 08:39 - 2017-12-25 13:29 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\vlc 2019-03-16 05:33 - 2017-03-27 07:36 - 000003758 _____ C:\Windows\System32\Tasks\AutoKMS 2019-03-16 02:00 - 2017-03-27 08:06 - 000000000 ____D C:\Users\PTYLLO\AppData\Local\Adobe 2019-03-15 11:40 - 2017-09-21 12:07 - 000001148 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2019-03-14 05:38 - 2018-09-23 12:07 - 004272392 _____ C:\Users\PTYLLO\AppData\Local\GDIPFONTCACHEV1.DAT 2019-03-14 05:36 - 2017-03-27 08:02 - 000000000 ____D C:\Users\PTYLLO\AppData\Roaming\IDM 2019-03-14 05:34 - 2017-03-27 10:55 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2019-03-14 05:32 - 2018-10-27 18:36 - 000000000 __SHD C:\Users\PTYLLO\IntelGraphicsProfiles 2019-03-14 04:09 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\rescache 2019-03-14 03:32 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-14 03:31 - 2018-12-23 12:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2019-03-14 03:31 - 2018-12-23 12:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-03-14 03:31 - 2018-09-26 20:42 - 009854032 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-14 03:31 - 2018-08-23 07:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-03-14 03:30 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-03-14 03:30 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\system32\Dism 2019-03-14 03:11 - 2017-03-27 06:39 - 000000000 ____D C:\Windows\system32\MRT 2019-03-14 03:00 - 2017-03-27 06:39 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-03-13 03:00 - 2009-07-14 02:34 - 000000478 _____ C:\Windows\win.ini 2019-03-12 22:04 - 2018-10-22 17:40 - 000000000 ____D C:\Program Files\Ashampoo 2019-03-12 22:04 - 2017-10-21 12:05 - 000000000 ____D C:\Windows\pss 2019-03-12 22:03 - 2017-04-16 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2019-03-11 14:32 - 2019-01-12 12:44 - 000003870 _____ C:\Windows\System32\Tasks\BlueStacksHelper 2019-03-07 08:12 - 2017-03-27 12:23 - 000000000 ____D C:\Program Files\CCleaner 2019-03-07 07:57 - 2017-09-30 07:57 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2019-03-07 07:57 - 2017-07-01 12:13 - 000004580 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-03-07 07:57 - 2017-03-27 08:07 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-03-07 07:57 - 2017-03-27 08:07 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-03-07 07:57 - 2017-03-27 08:07 - 000000000 ____D C:\Windows\system32\Macromed 2019-03-07 07:57 - 2017-03-27 08:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-03-07 00:12 - 2017-09-21 12:10 - 000000000 ___RD C:\Users\PTYLLO\Dropbox 2019-03-07 00:10 - 2017-05-31 21:25 - 000000000 ____D C:\Windows\Minidump 2019-03-06 20:56 - 2017-03-26 14:10 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-06 00:45 - 2017-09-21 12:07 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-03-04 08:37 - 2017-04-19 08:29 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-03-04 08:21 - 2018-11-22 05:43 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk 2019-03-04 08:21 - 2018-11-22 05:43 - 000001001 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk 2019-03-04 08:06 - 2017-03-27 08:02 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2019-02-24 03:58 - 2017-09-12 17:05 - 000000000 ____D C:\Program Files (x86)\HideIPVPN 2019-02-20 07:44 - 2019-01-13 21:51 - 000000000 ____D C:\Users\PTYLLO\Desktop\APK 2019-02-19 09:42 - 2017-12-25 13:29 - 000001108 _____ C:\Users\Public\Desktop\VLC media player.lnk 2019-02-19 00:08 - 2017-04-21 11:08 - 000000000 ____D C:\Users\PTYLLO\.gimp-2.8 2019-02-16 13:16 - 2017-05-14 16:22 - 000000000 ____D C:\Users\PTYLLO\Desktop\Gosia 2019-02-16 13:09 - 2017-06-19 17:20 - 000000000 ____D C:\Users\PTYLLO\Documents\Camtasia Studio 2019-02-14 11:35 - 2017-09-21 12:07 - 000004148 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA 2019-02-14 11:35 - 2017-09-21 12:07 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore 2019-02-14 06:38 - 2017-03-27 19:11 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-04-18 16:19 - 2017-04-18 16:19 - 000000008 _____ () C:\Users\PTYLLO\AppData\Roaming\com.silhouettesoftware.id 2017-05-29 23:47 - 2017-09-13 06:49 - 000015904 _____ () C:\Users\PTYLLO\AppData\Roaming\downloads.json 2017-04-21 10:30 - 2017-12-08 00:15 - 000006144 _____ () C:\Users\PTYLLO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-09-28 23:57 - 2018-09-28 23:57 - 000000000 _____ () C:\Users\PTYLLO\AppData\Local\oobelibMkey.log 2017-04-14 13:50 - 2017-07-05 14:38 - 049979264 _____ (Sony) C:\Users\PTYLLO\AppData\Local\pcc.exe 2018-09-15 11:17 - 2018-09-15 11:17 - 000003127 _____ () C:\Users\PTYLLO\AppData\Local\recently-used.xbel 2019-03-16 18:11 - 2019-03-16 18:11 - 000007605 _____ () C:\Users\PTYLLO\AppData\Local\Resmon.ResmonCfg 2019-03-16 11:24 - 2019-03-16 11:26 - 000000000 _____ () C:\Users\PTYLLO\AppData\Local\{0D260AE0-6ED1-40BD-B86C-229E6B3A8A88} 2018-10-25 01:43 - 2018-10-25 01:43 - 000000000 _____ () C:\Users\PTYLLO\AppData\Local\{FA83F0F7-9EF4-49DE-8D77-8267E63E89E2} Niektóre pliki w TEMP: ==================== 2019-03-14 05:38 - 2018-06-13 08:35 - 000046480 _____ () C:\Users\PTYLLO\AppData\Local\Temp\ash_update_d050c95d_dl.exe 2019-03-16 09:15 - 2018-11-19 09:26 - 000046488 _____ () C:\Users\PTYLLO\AppData\Local\Temp\ash_update_dea3059b_dl.exe 2019-03-16 09:15 - 2019-03-16 09:15 - 005808016 _____ (Ashampoo GmbH & Co. KG ) C:\Users\PTYLLO\AppData\Local\Temp\ash_update_dea3059b_installer.exe Niektóre zerobajtowe pliki/foldery: ========================== C:\Windows\System32\Drivers\7773108C.sys ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\dllhost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\dllhost.exe => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2019-03-14 00:59 ==================== Koniec FRST.txt ============================