Windows 10 nie pozwala mi na nic

[Dominicz3k 0]

Witam, od tygodnia mam problem który wygląda następująco nie mogę włączyć żadnej gry która wymaga uprawnień administratora, zainstalować żadnej aplikacji z tego samego powodu itd, gdy próbuje to zrobić wyskakuje komunikat "system windows nie może uzyskać dostępu do określonego urządzenia ścieżki lub pliku możesz nie mieć". Robiłem skany antywirusem, nic nie znalazł, czyściłem CCleanerem wszystko co się da, usunąłem śmieciowe pliki. Formata z pozycji windowsa nie da się zrobić bo wyskakuje albo wyżej wymieniony błąd, albo jakiś totalnie inny postaram się ogarnać na dniach zbootowanego pendrive i wtedy w ostateczności spróbuje zrobić format. Wracając w trybie awaryjnym nagle wszystkie aplikacje itp da się włączyć i instalować, nie mam już totalnie pomysłu co robić żeby usunąć ten problem.

Dodam też że menadżer urządzeń się nie włącza, czuje się jakby ktoś blokował mi dostęp do wielu funkcji w moim komputerze sądzę, że to może być jakiś wirus bo mój młodszy brat ściągał jakieś modyfikacje do GTA5 ale nie jestem pewien.

Pozdrawiam i liczę na pomoc.

Edytowane 29 Września 2019 przez Dominicz3k

[Gość]

Na początek spróbuj pobrać, uruchomić, przeskanować i usunąć wszystkie ewentualne wpisy znalezione przez adwcleaner. Narzędzie nie wymaga instalacji tylko na koniec usuwania wymagany restart systemu.

Edytowane 29 Września 2019 przez Gość

[Dominicz3k 0]

Wykonałem skan, nic nie pomogło

[Gość]

Ale narzędzie znalazło i usunęło jakieś wpisy? Możesz podać log z usuwania? Katalog z logami (ze skanowania i usuwania) jest w C:\AdwCleaner jakby był problem ze znalezieniem.

Edytowane 29 Września 2019 przez Gość

[daerragh 348]

otworz wiersz polecenia z menu start i uruchom komende: sfc /scannow

Edytowane 29 Września 2019 przez daerragh

[Dominicz3k 0]

Tu jest log z usuwania:

 

 

 

# -------------------------------

# Malwarebytes AdwCleaner 7.4.1.0

# -------------------------------

# Build: 09-04-2019

# Database: 2019-08-27.1 (Local)

# Support: https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start: 09-29-2019

# Duration: 00:00:03

# OS: Windows 10 Enterprise

# Cleaned: 24

# Failed: 0

 

 

***** [ Services ] *****

 

No malicious services cleaned.

 

***** [ Folders ] *****

 

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

Deleted C:\ProgramData\ByteFence

Deleted C:\Users\Public\Documents\Downloaded Installers

Deleted C:\Users\domin\AppData\Local\WallpaperSuite

Deleted C:\Users\domin\AppData\Local\slimware utilities inc

Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

 

***** [ Files ] *****

 

No malicious files cleaned.

 

***** [ DLL ] *****

 

No malicious DLLs cleaned.

 

***** [ WMI ] *****

 

No malicious WMI cleaned.

 

***** [ Shortcuts ] *****

 

No malicious shortcuts cleaned.

 

***** [ Tasks ] *****

 

No malicious tasks cleaned.

 

***** [ Registry ] *****

 

Deleted HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I

Deleted HKCU\Software\Classes\CLSID\{F7B8E2CA-97DF-4974-BDF1-3D93EDC93A5E}

Deleted HKCU\Software\Lavasoft\Web Companion

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WallpaperSuite

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|WallpaperSuite

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WallpaperSuite

Deleted HKCU\Software\PRODUCTSETUP

Deleted HKCU\Software\SlimWare Utilities Inc

Deleted HKCU\Software\csastats

Deleted HKCU\Software\dobreprogramy

Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe

Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe

Deleted HKLM\Software\ErrorFixKIT

Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ShutdownTime

Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}

 

***** [ Chromium (and derivatives) ] *****

 

No malicious Chromium entries cleaned.

 

***** [ Chromium URLs ] *****

 

No malicious Chromium URLs cleaned.

 

***** [ Firefox (and derivatives) ] *****

 

No malicious Firefox entries cleaned.

 

***** [ Firefox URLs ] *****

 

No malicious Firefox URLs cleaned.

 

***** [ Preinstalled Software ] *****

 

Deleted Preinstalled.HPJumpStartApps Registry HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce|Application Restart #0

 

 

*************************

 

[+] Delete Tracing Keys

[+] Reset Winsock

 

*************************

 

AdwCleaner_Debug.log - [16510 octets] - [29/09/2019 11:52:32]

AdwCleaner[s00].txt - [3417 octets] - [29/09/2019 11:53:18]

 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

 

Również wpisałem tą komende (sfc /scannow) w wiersz poleceń wyskoczyło mi to: You must be an administrator running a console session in order to

use the sfc utility.

Wpisałem to w internet i były tam wskazówki żeby uruchomić wiersz poleceń jako administrator, ale podczas uruchomienia go wyskakuje mi ten błąd: system windows nie może uzyskać dostępu do określonego urządzenia ścieżki lub pliku możesz nie mieć odpowiednich uprawnień dostępu do elementu.

Edytowane 29 Września 2019 przez Dominicz3k

[rikitiki 4]

Co do wirusów to mozesz jeszcze sprawdzić https://www.emsisoft.com/en/home/emergencykit/

 

Zobacz w ustawieniach konta czy masz Konto lokalne Administrator

Twój brat używa tego samego konta ? Może zmienił typ konta na standartowe

[Gość]

Zrób i podaj logi z narzędzia FRST.

[Dominicz3k 0]

Mam typ konta lokalnego administartora.

 

Nie moge odpalic nawet FRST bo wyskakuje mi ten sam błąd ze system nie moze uzyskac dostepu do ścieżek itp.

 

z tymi wirusami to po pobraniu tego emirsoft z tego linku i odpaleniu niestety jest znow błąd ten sam co przy FRST i innych.

Edytowane 29 Września 2019 przez Dominicz3k

[Gość]

To uruchom FRST i zrób logi w trybie awaryjnym. Powinien działać skoro pisałeś na początku że w awaryjnym można włączać i instalować aplikacje. Zawsze też możesz przeprowadzić sprawdzanie plików systemowych (sfc /scannow) z poziomu trybu awaryjnego.

Edytowane 29 Września 2019 przez Gość

[Dominicz3k 0]

Shortcut:

 

 

Rezultat skanowania skrótów użytkowników (x64) Wersja: 29-09-2019

Uruchomiony przez domin (29-09-2019 23:04:48)

Uruchomiony z C:\Users\domin\Downloads

Tryb startu: Safe Mode (with Networking)

 

==================== Skróty =============================

 

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

 

 

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\domin\Documents ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\domin\Downloads ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\domin\Music ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\domin\Pictures ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\domin\Videos ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\domin ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe (Brak pliku)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\Bluestacks.exe (Brak pliku)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk -> C:\Program Files\FACEIT AC\faceitclient.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear\TunnelBear.lnk -> C:\Program Files (x86)\TunnelBear\TunnelBear.exe (TunnelBear)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHU\SHU.lnk -> C:\Program Files (x86)\SHU\SHU.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHU\Uninstall SHU.lnk -> C:\Program Files (x86)\SHU\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kreator raportowania problemów AMD\Uruchom Kreatora raportowania o problemów AMD.lnk -> C:\Program Files\AMD\PRW\amdprw.exe (Advanced Micro Devices, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_211\bin\javacpl.exe (Oracle Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises\X-Mouse Button Control\Uninstall.lnk -> C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\uninstaller.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises\X-Mouse Button Control\Whats New.lnk -> C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\ChangeLog.txt ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises\X-Mouse Button Control\X-Mouse Button Control User Guide.lnk -> C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\X-Mouse Button Control User Guide.pdf ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{2E83FF17-8095-4E84-8528-594169B78AC6}\PlayTasks\2\Uninstall.lnk -> C:\Games\Need for Speed Rivals\Uninstall\unins000.exe (Brak pliku)

Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{2E83FF17-8095-4E84-8528-594169B78AC6}\PlayTasks\1\Launcher settings.lnk -> C:\Games\Need for Speed Rivals\Launcher.exe (Brak pliku)

Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{2E83FF17-8095-4E84-8528-594169B78AC6}\PlayTasks\0\Need for Speed Rivals.lnk -> C:\Games\Need for Speed Rivals\Launcher.exe (Brak pliku)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\domin\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Brak pliku)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)

Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\Pictures\2017-12-06\IMG_20171206_145922 — skrót .lnk -> C:\Users\domin\Pictures\2017-12-06\IMG_20171206_145922.jpg ()

Shortcut: C:\Users\domin\Links\Desktop.lnk -> C:\Users\domin\Desktop ()

Shortcut: C:\Users\domin\Links\Downloads.lnk -> C:\Users\domin\Downloads ()

Shortcut: C:\Users\domin\Desktop\Electrum.lnk -> C:\Program Files (x86)\Electrum\electrum-3.3.6.exe ()

Shortcut: C:\Users\domin\Desktop\FACEIT.lnk -> C:\Users\domin\AppData\Local\FACEITApp\FACEIT.exe (FACEIT Ltd.)

Shortcut: C:\Users\domin\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)

Shortcut: C:\Users\domin\Desktop\Komputer.lnk -> System Folder

Shortcut: C:\Users\domin\Desktop\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang)

Shortcut: C:\Users\domin\Desktop\Need For Speed Most Wanted.lnk -> C:\Users\domin\Desktop\nfs mw\speed.exe ()

Shortcut: C:\Users\domin\Desktop\Pobrane.lnk -> C:\Users\domin\Downloads ()

Shortcut: C:\Users\domin\Desktop\Spotify.lnk -> C:\Users\domin\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

Shortcut: C:\Users\domin\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

Shortcut: C:\Users\domin\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\domin\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\BuzkaaClicker.lnk -> C:\BuzkaaClicker\BuzkaaClicker.exe ()

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk -> C:\Users\domin\AppData\Local\New Technology Studio\Apps\OpenIV\OpenIV.exe (New Technology Studio)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\domin\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\domin\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\domin\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk -> C:\Users\domin\AppData\Roaming\uTorrent Web\utweb.exe (Brak pliku)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd\FACEIT.lnk -> C:\Users\domin\AppData\Local\FACEITApp\FACEIT.exe (FACEIT Ltd.)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum\Electrum.lnk -> C:\Program Files (x86)\Electrum\electrum-3.3.6.exe ()

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum\Uninstall.lnk -> C:\Program Files (x86)\Electrum\Uninstall.exe (Electrum)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Roaming\.minecraft\resourcepacks\dziwny txt\assets\minecraft\particles.lnk -> C:\Users\domin\Desktop\particles.png (Brak pliku)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)

Shortcut: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)

Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)

Shortcut: C:\Users\Public\Desktop\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)

Shortcut: C:\Users\Public\Desktop\FACEIT AC.lnk -> C:\Program Files\FACEIT AC\faceitclient.exe ()

Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)

Shortcut: C:\Users\Public\Desktop\SHU.lnk -> C:\Program Files (x86)\SHU\SHU.exe ()

Shortcut: C:\Users\Public\Desktop\TunnelBear.lnk -> C:\Program Files (x86)\TunnelBear\TunnelBear.exe (TunnelBear)

 

 

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V\Collector Edition\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{DDB68A90-340C-42B9-B42B-D2CBED1B91DC}\Setup.exe (InstallShield Software Corporation) -> -l0x9

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries\SteelSeries Engine 3\SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) -> -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) -> -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kreator raportowania problemów AMD\Odinstaluj Kreatora raportowania o problemów AMD.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {A18CF8D5-9018-DDB5-2D57-88DC2637493D}

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Remove Kaspersky Secure Connection.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{F33C0717-8E04-4EB5-90C8-47221287DB4F} REMOVE=ALL

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free\Remove Kaspersky Free.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{5AAE61FF-858E-453E-B8F3-944618149975} REMOVE=ALL

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_211\bin\javacpl.exe (Oracle Corporation) -> -tab about

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_211\bin\javacpl.exe (Oracle Corporation) -> -tab update

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises\X-Mouse Button Control\X-Mouse Button Control.lnk -> C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (Highresolution Enterprises) -> /notportable

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX

ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Odbiorca faksu.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0

ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

ShortcutWithArgument: C:\Users\domin\Desktop\Discord.lnk -> C:\Users\domin\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe

ShortcutWithArgument: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\domin\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe

ShortcutWithArgument: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum\Electrum Testnet.lnk -> C:\Program Files (x86)\Electrum\electrum-3.3.6.exe () -> --testnet

ShortcutWithArgument: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\domin\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe

ShortcutWithArgument: C:\Users\domin\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\domin\AppData\Roaming\Microsoft\Windows\SendTo\Odbiorca faksu.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0

ShortcutWithArgument: C:\Users\domin\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

 

 

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V\Collector Edition\Links\Developer Web Site.url -> URL: hxxp://www.nival.com/homm5/

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V\Collector Edition\Links\Game Web Site.url -> URL: hxxp://www.mightandmagicgame.com/

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V\Collector Edition\Links\Publisher Web Site.url -> URL: hxxp://www.ubisoft.com

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxp://java.com/help

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxp://java.com/

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner

InternetURL: C:\Users\domin\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142

InternetURL: C:\Users\domin\Desktop\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730

InternetURL: C:\Users\domin\Desktop\Fortnite.url -> URL: com.epicgames.launcher://apps/Fortnite?action=launch&silent=true

InternetURL: C:\Users\domin\Desktop\Grand Theft Auto V.url -> URL: steam://rungameid/271590

InternetURL: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730

InternetURL: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Grand Theft Auto V.url -> URL: steam://rungameid/271590

 

==================== Koniec Shortcut.txt =============================

 

Addition:

 

 

 

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 29-09-2019

Uruchomiony przez domin (29-09-2019 23:02:55)

Uruchomiony z C:\Users\domin\Downloads

Windows 10 Enterprise Wersja 1803 17134.1006 (X64) (2018-07-12 18:57:53)

Tryb startu: Safe Mode (with Networking)

==========================================================

 

 

==================== Konta użytkowników: =============================

 

Administrator (S-1-5-21-628336397-1476835057-3598675240-500 - Administrator - Disabled)

defaultuser0 (S-1-5-21-628336397-1476835057-3598675240-1000 - Limited - Disabled) => C:\Users\defaultuser0

domin (S-1-5-21-628336397-1476835057-3598675240-1001 - Administrator - Enabled) => C:\Users\domin

Gość (S-1-5-21-628336397-1476835057-3598675240-501 - Limited - Disabled)

Konto domyślne (S-1-5-21-628336397-1476835057-3598675240-503 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-628336397-1476835057-3598675240-504 - Limited - Disabled)

 

==================== Centrum zabezpieczeń ========================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Zainstalowane programy ======================

 

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

 

AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)

Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)

CPUID HWMonitor 1.39 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.39 - CPUID, Inc.)

Discord (HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)

Electrum (HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Electrum) (Version: 3.3.6 - Electrum Technologies GmbH)

Epic Games Launcher (HKLM-x32\...\{565F3270-F13B-4B2F-91C9-D04BAB404318}) (Version: 1.1.143.0 - Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

FACEIT (HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\FACEITApp) (Version: 1.23.0 - FACEIT Ltd.)

FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)

GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)

Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden

Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)

Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Microsoft OneDrive (HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)

Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)

OpenIV (HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\OpenIV) (Version: 3.1.1033 - .black/OpenIV Team)

OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 10.5.47.29954 - Electronic Arts, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)

SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software)

Spotify (HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Spotify) (Version: 1.1.12.451.gdb77255f - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

SteelSeries Engine 3.15.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.15.2 - SteelSeries ApS)

TunnelBear (HKLM-x32\...\{1713CFE6-1661-47A9-91D3-B35C367FE421}) (Version: 3.7.8.0 - TunnelBear) Hidden

TunnelBear (HKLM-x32\...\{a30a854f-0c68-44b5-8173-e370fcf4dc7f}) (Version: 3.7.8.0 - TunnelBear)

UpdateAssistant (HKLM-x32\...\{035FFC43-55D6-4F5C-BCC5-21FED122C8B4}) (Version: 1.11.0.0 - Microsoft Corporation) Hidden

WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

World of Tanks (HKLM-x32\...\World of Tanks) (Version: - )

X-Mouse Button Control 2.14 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.14 - Highresolution Enterprises)

 

Packages:

=========

Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Studios) [MS Ad]

MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]

Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-05-21] (Microsoft Research)

Poczta i Kalendarz -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]

Pulpit zdalny Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)

Telefon Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-08] (Microsoft Corporation)

 

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

CustomCLSID: HKU\S-1-5-21-628336397-1476835057-3598675240-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [brak podpisu cyfrowego]

CustomCLSID: HKU\S-1-5-21-628336397-1476835057-3598675240-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [brak podpisu cyfrowego]

CustomCLSID: HKU\S-1-5-21-628336397-1476835057-3598675240-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [brak podpisu cyfrowego]

CustomCLSID: HKU\S-1-5-21-628336397-1476835057-3598675240-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [brak podpisu cyfrowego]

CustomCLSID: HKU\S-1-5-21-628336397-1476835057-3598675240-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [brak podpisu cyfrowego]

CustomCLSID: HKU\S-1-5-21-628336397-1476835057-3598675240-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [brak podpisu cyfrowego]

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] (Notepad++ -> )

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.) [brak podpisu cyfrowego]

 

==================== Skróty & WMI ========================

 

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

 

 

==================== Załadowane moduły (filtrowane) ==============

 

 

==================== Alternate Data Streams (filtrowane) =========

 

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

 

 

==================== Tryb awaryjny (filtrowane) ===================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== Powiązania plików (filtrowane) ===============

 

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

 

 

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

 

 

==================== Hosts - zawartość: ===============================

 

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

 

2017-08-02 21:29 - 2019-09-29 12:03 - 000000529 _____ C:\WINDOWS\system32\drivers\etc\hosts

 

 

==================== Inne obszary ============================

 

(Obecnie brak automatycznej naprawy dla tej sekcji.)

 

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\domin\Desktop\fd8f8da060afe72035e078e5fe661452.png

DNS Servers: 8.8.8.8 - 80.51.181.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

Zapora systemu Windows [funkcja włączona]

 

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

 

Załączenie wejścia w fixlist spowoduje jego usunięcie.

 

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: Steam Client Service => 3

HKLM\...\StartupApproved\Run: => "SecurityHealth"

HKLM\...\StartupApproved\Run32: => "WindowsDefender"

HKLM\...\StartupApproved\Run32: => "SecurityHealth"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "Gyazo"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "uTorrent"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "EADM"

 

==================== Reguły Zapory systemu Windows (filtrowane) ===============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

FirewallRules: [{39E4E164-93E3-4580-A679-BF3EE7A84974}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

FirewallRules: [{F120C884-1EE2-4FC5-9DCC-AE30321D5BD1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

FirewallRules: [uDP Query User{1C58EF27-7C8D-41EC-947A-C3E63E71ED8B}C:\users\domin\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\domin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{0BA09510-BD21-45AF-A7D8-8E60A51C1B29}C:\users\domin\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\domin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [uDP Query User{39AC889B-28A4-4D1B-BAA7-A46E806EF6BF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [TCP Query User{F907E230-E9A1-45FF-B87B-AE5B9F1DF714}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [uDP Query User{F2BA0524-76CC-44CC-9BDC-9FE3ACBDA71C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [TCP Query User{C26F6F0B-0BBC-427A-8218-612E1978F433}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{5772AA55-BBB9-4E6C-A6A6-E29EC47E30F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{A7720286-6FAE-4137-A2B6-4DB3751B8C3E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{DF41E938-202F-41D0-B6E4-C708335CF95E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

FirewallRules: [{3EB1DA98-3D75-41A5-9303-C75D43FFCA8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

FirewallRules: [TCP Query User{1F5D0B0F-7D4A-4CDF-B925-C94319E2E996}C:\users\domin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\domin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [uDP Query User{81704F82-5662-43A7-984C-E4FD4F87BF37}C:\users\domin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\domin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{1D2973C9-3152-4544-A497-8F8DEF8EEBE7}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{706602A4-604E-4CA3-82BC-7C5E18A90AF1}] => (Allow) C:\WINDOWS\SysWOW64\osEvjubay.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{8936E6D1-AD00-4F61-B08E-3E6B816EEAC1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2D65F69C-F6D1-4A33-A920-20FDE9E07A0D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9A2D3587-4F7C-447D-B00C-A083FC38C917}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F1CCF08C-0292-4375-830A-2167CB40FD21}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{24C54E26-1E7C-4FBB-9C6B-C4775FBFEEEF}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{2F53EECB-CE74-48AB-AB4B-2D842E2BAD86}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{CDED05B1-35AC-4727-A598-ACD9A4F4B3B8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{FE5D8A83-6ED3-472D-940E-F3D39B152B6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{35180F66-4AFC-4E72-9939-20998AD4999E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User{06443E3C-7047-4E2E-86C8-91765C2421B8}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe

FirewallRules: [uDP Query User{B55973E3-9C83-4DEF-9F3E-078249789E08}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe

FirewallRules: [{BF3ADD46-53F0-4837-B002-EC255545FF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{E7E62E0E-74D2-4BA2-87D1-A771FFED22A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{E8032848-40E5-4831-BE39-99B331AF64CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{30B33420-297B-4EE1-9047-A1E49FBD479D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{6C8828C2-4EE5-4D78-9E17-0E6F25964C07}C:\users\domin\desktop\fivem.exe] => (Block) C:\users\domin\desktop\fivem.exe (cfx-collective) [brak podpisu cyfrowego]

FirewallRules: [uDP Query User{F8B44C33-BF9E-4830-AADB-2E8F8EC7DB21}C:\users\domin\desktop\fivem.exe] => (Block) C:\users\domin\desktop\fivem.exe (cfx-collective) [brak podpisu cyfrowego]

FirewallRules: [TCP Query User{779EC021-7BDF-443E-924B-79A04D9A1FBB}C:\program files (x86)\origin games\apex\r5apex.exe] => (Block) C:\program files (x86)\origin games\apex\r5apex.exe Brak pliku

FirewallRules: [uDP Query User{E18659CF-6A63-4035-80D3-CBA5F8B2DD60}C:\program files (x86)\origin games\apex\r5apex.exe] => (Block) C:\program files (x86)\origin games\apex\r5apex.exe Brak pliku

FirewallRules: [{3B11E242-3AE8-4215-8B8A-035304C532AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

 

==================== Codecs (filtrowane) ==================

 

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

 

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [brak podpisu cyfrowego]

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [brak podpisu cyfrowego]

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

 

==================== Punkty Przywracania systemu =========================

 

16-09-2019 11:24:23 Zaplanowany punkt kontrolny

23-09-2019 23:20:34 Zaplanowany punkt kontrolny

28-09-2019 23:33:31 Usunięto: Update for Windows 10 for x64-based Systems (KB4023057)

 

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

 

Name: SteelSeries Arctis 7 Game

Description: SteelSeries Arctis 7 Game

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: SteelSeries ApS

Service: usbaudio

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: AMD High Definition Audio Device

Description: AMD High Definition Audio Device

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Advanced Micro Devices

Service: AtiHDAudioService

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Arctis 7 Chat

Description: Urządzenie audio USB

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: (Rodzajowe audio USB)

Service: usbaudio

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Urządzenie zgodne ze standardem High Definition Audio

Description: Urządzenie zgodne ze standardem High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: HdAudAddService

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

 

==================== Błędy w Dzienniku zdarzeń: =========================

 

Dziennik Aplikacja:

==================

Error: (09/29/2019 11:03:39 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu.

 

Error: (09/29/2019 10:57:39 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu.

 

Error: (09/29/2019 10:57:39 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu.

 

Error: (09/29/2019 10:55:38 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: Nie powiodło się wykonanie procedury otwierania dla usługi „WmiApRpl” w bibliotece DLL „C:\WINDOWS\system32\wbem\wmiaprpl.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu.

 

Error: (09/29/2019 10:55:37 PM) (Source: Perflib) (EventID: 1010) (User: )

Description: Procedura zbierania danych dla usługi „C:\Windows\System32\winspool.drv” w bibliotece DLL „Spooler” wygenerowała wyjątek lub zwróciła nieprawidłowy stan. Dane o wydajności zwrócone przez bibliotekę DLL licznika nie będą zwracane w bloku danych Perf Data. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod wyjątku lub kod stanu.

 

Error: (09/29/2019 10:55:37 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu.

 

Error: (09/29/2019 10:55:36 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu.

 

Error: (09/29/2019 12:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nazwa aplikacji powodującej błąd: svchost.exe_gpsvc, wersja: 10.0.17134.556, sygnatura czasowa: 0xf23cada5

Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.17134.799, sygnatura czasowa: 0x7f828745

Kod wyjątku: 0xc0000409

Przesunięcie błędu: 0x00000000000a1a58

Identyfikator procesu powodującego błąd: 0x4e4

Godzina uruchomienia aplikacji powodującej błąd: 0x01d576ad0f86a20a

Ścieżka aplikacji powodującej błąd: c:\windows\system32\svchost.exe

Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll

Identyfikator raportu: 5fa01ef6-2ef9-4f95-be9b-9ba24f58aac0

Pełna nazwa pakietu powodującego błąd:

Identyfikator aplikacji względem pakietu powodującego błąd:

 

 

Dziennik System:

=============

Error: (09/29/2019 11:04:18 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4BKG2L8)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera:

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/29/2019 11:04:17 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami Niedostępny w celu uruchomienia serwera:

{1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error: (09/29/2019 11:04:17 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi wuauserv z argumentami Niedostępny w celu uruchomienia serwera:

{E60687F7-01A1-40AA-86AC-DB1CBF673334}

 

Error: (09/29/2019 11:04:17 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi wuauserv z argumentami Niedostępny w celu uruchomienia serwera:

{E60687F7-01A1-40AA-86AC-DB1CBF673334}

 

Error: (09/29/2019 11:02:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4BKG2L8)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera:

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/29/2019 11:01:56 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4BKG2L8)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera:

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/29/2019 11:01:12 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4BKG2L8)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi BITS z argumentami Niedostępny w celu uruchomienia serwera:

{4991D34B-80A1-4291-83B6-3328366B9097}

 

Error: (09/29/2019 11:01:12 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4BKG2L8)

Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi BITS z argumentami Niedostępny w celu uruchomienia serwera:

{4991D34B-80A1-4291-83B6-3328366B9097}

 

 

Windows Defender:

===================================

Date: 2019-09-23 12:57:06.236

Description:

Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.

Identyfikator skanowania: {C67C603F-3FF6-4DF1-ABD7-E656E6F05223}

Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem

Parametry skanowania: Szybkie skanowanie

Użytkownik: ZARZĄDZANIE NT\SYSTEM

 

Date: 2019-09-23 11:37:45.306

Description:

Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.

Identyfikator skanowania: {529E516E-F891-4833-9FDD-BA7D995B6A90}

Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem

Parametry skanowania: Szybkie skanowanie

Użytkownik: ZARZĄDZANIE NT\SYSTEM

 

Date: 2019-09-22 13:18:39.550

Description:

Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.

Identyfikator skanowania: {C792A031-0ACD-4BE8-AB35-5CD02FAA47E5}

Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem

Parametry skanowania: Szybkie skanowanie

Użytkownik: ZARZĄDZANIE NT\SYSTEM

 

Date: 2019-09-21 19:23:14.367

Description:

Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.

Identyfikator skanowania: {017C7EB8-03BD-46A8-A919-59220FD2FAE4}

Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem

Parametry skanowania: Szybkie skanowanie

Użytkownik: ZARZĄDZANIE NT\SYSTEM

 

Date: 2019-09-19 18:13:46.811

Description:

Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.

Identyfikator skanowania: {3E6AAE58-A810-49F9-807C-BB60AE8CE8DF}

Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem

Parametry skanowania: Szybkie skanowanie

Użytkownik: ZARZĄDZANIE NT\SYSTEM

 

Date: 2019-09-29 23:04:17.808

Description:

Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.

Nowa wersja podpisu:

Poprzednia wersja podpisu: 1.303.467.0

Źródło aktualizacji: Serwer usługi Microsoft Update

Typ podpisu: Oprogramowanie antywirusowe

Typ aktualizacji: Pełne

Użytkownik: ZARZĄDZANIE NT\SYSTEM

Bieżąca wersja aparatu:

Poprzednia wersja aparatu: 1.1.16400.2

Kod błędu: 0x8007043c

Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym

 

Date: 2019-09-29 22:54:09.908

Description:

Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.

Funkcja: Przy dostępie

Kod błędu: 0x8007043c

Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym

Przyczyna: Ochrona przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

 

Date: 2019-09-29 11:52:13.980

Description:

Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.

Funkcja: Przy dostępie

Kod błędu: 0x8007043c

Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym

Przyczyna: Ochrona przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

 

Date: 2019-09-24 13:45:30.902

Description:

Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.

Nowa wersja podpisu:

Poprzednia wersja podpisu: 1.301.2122.0

Źródło aktualizacji: Serwer usługi Microsoft Update

Typ podpisu: Oprogramowanie antywirusowe

Typ aktualizacji: Pełne

Użytkownik: ZARZĄDZANIE NT\SYSTEM

Bieżąca wersja aparatu:

Poprzednia wersja aparatu: 1.1.16300.1

Kod błędu: 0x8007043c

Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym

 

Date: 2019-09-24 13:35:23.624

Description:

Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.

Funkcja: Przy dostępie

Kod błędu: 0x8007043c

Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym

Przyczyna: Ochrona przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

 

CodeIntegrity:

===================================

 

Date: 2019-09-29 17:44:55.819

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-26 17:19:42.175

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-26 17:19:41.134

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-25 09:31:05.491

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-24 22:47:26.346

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-24 12:14:30.318

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-24 12:14:29.855

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

Date: 2019-09-24 12:14:29.193

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

 

==================== Statystyki pamięci ===========================

 

BIOS: American Megatrends Inc. 1302 04/25/2011

Motherboard: ASUSTeK Computer INC. P7H55-M

Procesor: Intel® Core i5 CPU 760 @ 2.80GHz

Procent pamięci w użyciu: 23%

Całkowita pamięć fizyczna: 8157.99 MB

Dostępna pamięć fizyczna: 6243.13 MB

Całkowita pamięć wirtualna: 8157.99 MB

Dostępna pamięć wirtualna: 6376.08 MB

 

==================== Dyski ================================

 

Drive c: () (Fixed) (Total:464.25 GB) (Free:219.19 GB) NTFS

 

\\?\Volume{16fd2a28-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS

\\?\Volume{16fd2a28-0000-0000-0000-a05474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

 

==================== MBR & Tablica partycji ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 16FD2A28)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=464.2 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=1000 MB) - (Type=0F Extended)

Partition 4: (Not Active) - (Size=449 MB) - (Type=27)

 

==================== Koniec Addition.txt ============================

Edytowane 29 Września 2019 przez Dominicz3k

[Gość]

Nie podałeś najważniejszego loga, FRST.txt. W powyższych nie widać nic szkodliwego. I uruchom tą weryfikację plików systemowych jak jeszcze tego nie robiłeś.

Edytowane 29 Września 2019 przez Gość

[Dominicz3k 0]

po zrobieniu skana sfc /scannow wyskoczyło mi to: Windows Resource Protection found corrupt files but was unable to fix some of them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.

 

Log z FRST:

 

 

 

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-09-2019

Uruchomiony przez domin (administrator) DESKTOP-4BKG2L8 (29-09-2019 22:59:41)

Uruchomiony z C:\Users\domin\Downloads

Załadowane profile: domin (Dostępne profile: defaultuser0 & domin)

Platform: Windows 10 Enterprise Wersja 1803 17134.1006 (X64) Język: Polski (Polska)

Domyślna przeglądarka: Chrome

Tryb startu: Safe Mode (with Networking)

Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Procesy (filtrowane) =================

 

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

 

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1908.7-0\MsMpEng.exe

(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

 

==================== Rejestr (filtrowane) ===========================

 

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

 

HKLM\...\Run: [securityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1452056 2016-09-25] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)

HKLM\...\RunOnce: [AvRepair] => "C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:repair /wait

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Run: [spotify] => C:\Users\domin\AppData\Roaming\Spotify\Spotify.exe [25932192 2019-08-25] (Spotify AB -> Spotify Ltd)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35940240 2019-09-15] (Epic Games Inc. -> Epic Games, Inc.)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8793480 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\MountPoints2: {9a9922ea-8a63-11e8-9898-485b390345fa} - "D:\HiSuiteDownLoader.exe"

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\MountPoints2: {9b2b2626-1943-11e8-9861-485b390345fa} - "D:\HiSuiteDownLoader.exe"

HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-08-21]

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

GroupPolicy: Ograniczenia ? <==== UWAGA

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

 

==================== Zaplanowane zadania (filtrowane) =============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

Task: {00D1486A-E96C-478C-8475-B4C710F22BAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {049F1E1C-5276-4029-B777-FF4CBBBE7AA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {07EAC1CD-348E-4A06-8770-1DF583EABB89} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {17640DFC-6540-4931-BDAC-924E11BFB12E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {2200D5C5-FAC1-412B-853C-55B374E4A75F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\avg\overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

Task: {4B7ACCD7-0526-4165-ACBA-8E2BBDE25B36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {5B0D1A0D-A2B3-4984-832B-BEB5AEFDCFD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-10] (Google Inc -> Google Inc.)

Task: {A283773C-6C0C-4B87-9BA4-ADB74C9F6DF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {B7990F06-CC84-4CFE-9F1C-3A9AD3E50F8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-10] (Google Inc -> Google Inc.)

Task: {DCCA0786-06F7-4652-AA1D-54C17A9B821C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)

 

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

 

Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

 

==================== Internet (filtrowane) ====================

 

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

 

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 80.51.181.1 8.8.8.8 192.168.1.1

Tcpip\..\Interfaces\{0eb943b4-6aed-11e7-980c-806e6f6e6963}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{20a59a3a-a6d5-47b2-b028-ad59a1df3b84}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{22f151ac-8462-4137-9051-1a086812386f}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{463521c1-1bfb-4716-b6df-c15dd142f1d0}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{463521c1-1bfb-4716-b6df-c15dd142f1d0}: [DhcpNameServer] 192.168.43.1

Tcpip\..\Interfaces\{5cf97689-8248-427d-8964-86e2e5d66aa0}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{5cf97689-8248-427d-8964-86e2e5d66aa0}: [DhcpNameServer] 8.8.8.8

Tcpip\..\Interfaces\{97b9a811-cd4c-4881-9308-5cfd127602a5}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{97b9a811-cd4c-4881-9308-5cfd127602a5}: [DhcpNameServer] 192.168.43.1

Tcpip\..\Interfaces\{9AECAA3D-85B3-4EF9-AF91-403C57781F8A}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{9e4d060e-8932-4497-bbb1-487828692023}: [DhcpNameServer] 172.18.11.1

Tcpip\..\Interfaces\{bd0fd6a1-1d7b-11e8-8893-806e6f6e6963}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{f733198c-239c-448b-95c6-0170a6b9bfb3}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fd3f766e-dfbf-4988-96ee-2752ff685eaf}: [DhcpNameServer] 8.8.8.8 80.51.181.1 8.8.8.8 192.168.1.1

 

Internet Explorer:

==================

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

 

Chrome:

=======

CHR HomePage: Default -> hxxps://www.google.com/

CHR StartupUrls: Default -> "hxxps://www.google.pl/"

CHR Profile: C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default [2019-09-29]

CHR Extension: (Just Black) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2019-04-11]

CHR Extension: (Video Downloader PLUS) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2019-09-14]

CHR Extension: (AdBlock) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-09-18]

CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Chrome Media Router) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-25]

CHR Profile: C:\Users\domin\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-19]

 

Opera:

=======

OPR Extension: (Tampermonkey) - C:\Users\domin\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-04]

OPR Extension: (ScriptMonkey) - C:\Users\domin\AppData\Roaming\Opera Software\Opera Stable\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-08-04]

 

==================== Usługi (filtrowane) ====================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

S2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-28] (BattlEye Innovations e.K. -> )

S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-05-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-09-04] (Electronic Arts, Inc. -> Electronic Arts)

S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-09-04] (Electronic Arts, Inc. -> Electronic Arts)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5075696 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [139896 2019-04-11] (TunnelBear -> TunnelBear)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe [3630832 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Sterowniki (filtrowane) ======================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab)

S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16650824 2019-07-15] (FACE IT LIMITED -> )

R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab)

S0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-25] (Kaspersky Lab -> AO Kaspersky Lab)

S1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [120008 2018-03-11] (Kaspersky Lab -> AO Kaspersky Lab)

S2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (Kaspersky Lab -> AO Kaspersky Lab)

S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)

R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2018-03-11] (Kaspersky Lab -> AO Kaspersky Lab)

S1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [594144 2018-03-11] (Kaspersky Lab -> AO Kaspersky Lab)

S1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055944 2018-03-11] (Kaspersky Lab -> AO Kaspersky Lab)

R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (Kaspersky Lab -> AO Kaspersky Lab)

S3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab)

S3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab)

S1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-25] (Kaspersky Lab -> AO Kaspersky Lab)

S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (Kaspersky Lab -> AO Kaspersky Lab)

S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-03-11] (Kaspersky Lab -> AO Kaspersky Lab)

R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [135904 2017-12-25] (Kaspersky Lab -> AO Kaspersky Lab)

S1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-25] (Kaspersky Lab -> AO Kaspersky Lab)

R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )

S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-12] (Microsoft Windows -> MediaTek Inc.)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [889584 2015-08-31] (Realtek Semiconductor Corp -> Realtek )

R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )

R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)

S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (DEVGURU CO LTD -> QUALCOMM Incorporated)

S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)

S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)

S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [54104 2017-12-15] (STMicroelectronics -> STMicroelectronics)

R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)

S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [346336 2019-09-16] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-16] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (filtrowane) ===================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

 

==================== Jeden miesiąc (utworzone) ========

 

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

 

2019-09-29 22:59 - 2019-09-29 23:01 - 000020509 _____ C:\Users\domin\Downloads\FRST.txt

2019-09-29 22:55 - 2019-09-29 22:56 - 001615360 _____ (Farbar) C:\Users\domin\Downloads\FRST64.exe

2019-09-29 22:11 - 2019-09-29 22:27 - 350515208 _____ C:\Users\domin\Downloads\EmsisoftEmergencyKit.exe

2019-09-29 11:52 - 2019-09-29 12:01 - 000000000 ____D C:\AdwCleaner

2019-09-29 11:35 - 2019-09-29 11:36 - 005659678 _____ (Swearware) C:\Users\domin\Downloads\ComboFix.exe

2019-09-29 11:35 - 2019-09-29 11:35 - 007622344 _____ (Malwarebytes) C:\Users\domin\Downloads\AdwCleaner.exe

2019-09-25 13:03 - 2019-09-29 22:50 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winverbs.winsecurity

2019-09-24 21:43 - 2019-09-24 21:43 - 000077824 _____ ( ) C:\Users\domin\Downloads\guiformat.exe

2019-09-24 20:17 - 2019-09-24 20:17 - 000000000 ___HD C:\$SysReset

2019-09-24 19:27 - 2019-09-24 19:28 - 019256968 _____ (Microsoft Corporation) C:\Users\domin\Downloads\MediaCreationTool1903.exe

2019-09-24 14:08 - 2019-09-24 20:24 - 000000408 __RSH C:\ProgramData\ntuser.pol

2019-09-24 13:53 - 2019-09-24 22:19 - 000000000 ____D C:\ESD

2019-09-24 13:46 - 2019-09-24 13:46 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp

2019-09-24 13:40 - 2019-09-24 13:40 - 000000342 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job

2019-09-24 13:38 - 2019-09-28 23:46 - 000000000 ____D C:\ProgramData\AVAST Software

2019-09-24 13:38 - 2019-09-24 13:38 - 001138744 _____ (Akeo Consulting) C:\Users\domin\Downloads\rufus-3.8.exe

2019-09-24 13:24 - 2019-09-24 13:24 - 002515160 _____ ( ) C:\Users\domin\Desktop\Rufus-41921-AsystentPobierania_1879116183.exe

2019-09-24 12:04 - 2019-09-24 12:07 - 000000000 ____D C:\Users\domin\Desktop\pendrive

2019-09-23 22:52 - 2019-09-24 09:04 - 000000000 ___RD C:\Users\domin\Desktop\filmy #2

2019-09-23 14:29 - 2019-09-23 22:53 - 000000000 ___RD C:\Users\domin\Desktop\filmy

2019-09-22 15:42 - 2019-09-22 15:43 - 019256968 _____ (Microsoft Corporation) C:\Users\domin\Desktop\MediaCreationTool1903.exe

2019-09-22 15:16 - 2019-09-22 15:16 - 000000000 ____D C:\Users\domin\Desktop\k

2019-09-21 18:46 - 2019-09-21 18:47 - 027908264 _____ (Audacity Team ) C:\Users\domin\Downloads\audacity-win-2.3.2.exe

2019-09-21 08:51 - 2019-09-22 15:07 - 000000000 ____D C:\Users\domin\Desktop\Nowy folder

2019-09-21 00:06 - 2019-09-29 22:53 - 002018296 _____ C:\WINDOWS\ntbtlog.txt

2019-09-21 00:06 - 2019-09-29 22:53 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2019-09-17 22:57 - 2019-09-17 23:00 - 000000000 ____D C:\Users\domin\Desktop\Wszystko z PS

2019-09-16 22:40 - 2019-09-16 22:43 - 088060112 _____ (TeamSpeak Systems GmbH) C:\Users\domin\Desktop\TeamSpeak3-Client-win64-3.3.2.exe

2019-09-15 13:10 - 2019-09-15 13:10 - 000000000 ____D C:\Users\domin\Documents\OpenIV

2019-09-15 12:54 - 2019-09-15 12:54 - 000001302 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk

2019-09-15 12:54 - 2019-09-15 12:54 - 000000000 ____D C:\Users\domin\AppData\Local\New Technology Studio

2019-09-11 22:35 - 2019-09-18 17:37 - 000000000 ____D C:\Program Files (x86)\Origin

2019-09-11 22:35 - 2019-09-11 22:35 - 000001062 _____ C:\Users\Public\Desktop\Origin.lnk

2019-09-11 22:35 - 2019-09-11 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2019-09-11 22:29 - 2019-09-19 17:31 - 000000000 ____D C:\Users\domin\AppData\Roaming\Origin

2019-09-11 22:29 - 2019-09-12 15:48 - 000000000 ____D C:\Users\domin\AppData\Local\Origin

2019-09-11 18:20 - 2019-09-04 12:16 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2019-09-11 18:20 - 2019-09-04 12:16 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2019-09-11 18:20 - 2019-09-04 12:16 - 000810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2019-09-11 18:20 - 2019-09-04 12:16 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2019-09-11 18:20 - 2019-09-04 12:16 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2019-09-11 18:20 - 2019-09-04 12:15 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2019-09-11 18:20 - 2019-09-04 12:15 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2019-09-11 18:20 - 2019-09-04 12:15 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2019-09-11 18:20 - 2019-09-04 12:15 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2019-09-11 18:20 - 2019-09-04 12:06 - 000581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2019-09-11 18:20 - 2019-09-04 12:06 - 000541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2019-09-11 18:20 - 2019-09-04 12:01 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2019-09-11 18:20 - 2019-09-04 12:01 - 001516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2019-09-11 18:20 - 2019-09-04 12:01 - 000790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2019-09-11 18:20 - 2019-09-04 12:01 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2019-09-11 18:20 - 2019-09-04 12:00 - 021399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2019-09-11 18:20 - 2019-09-04 12:00 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2019-09-11 18:20 - 2019-09-04 12:00 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2019-09-11 18:20 - 2019-09-04 11:46 - 012838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2019-09-11 18:20 - 2019-09-04 11:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2019-09-11 18:20 - 2019-09-04 11:43 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2019-09-11 18:20 - 2019-09-04 11:41 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2019-09-11 18:20 - 2019-09-04 11:40 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2019-09-11 18:20 - 2019-09-04 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll

2019-09-11 18:20 - 2019-09-04 11:40 - 000957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2019-09-11 18:20 - 2019-09-04 11:40 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2019-09-11 18:20 - 2019-09-04 11:39 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe

2019-09-11 18:20 - 2019-09-04 10:52 - 001453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2019-09-11 18:20 - 2019-09-04 10:50 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2019-09-11 18:20 - 2019-09-04 10:48 - 020393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2019-09-11 18:20 - 2019-09-04 10:38 - 012039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2019-09-11 18:20 - 2019-09-04 10:38 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2019-09-11 18:20 - 2019-09-04 10:33 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2019-09-11 18:20 - 2019-09-04 07:25 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2019-09-11 18:20 - 2019-09-04 07:25 - 001613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll

2019-09-11 18:20 - 2019-09-04 07:24 - 002417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2019-09-11 18:20 - 2019-09-04 07:24 - 000705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2019-09-11 18:20 - 2019-09-04 07:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2019-09-11 18:20 - 2019-09-04 07:19 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2019-09-11 18:20 - 2019-09-04 07:19 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2019-09-11 18:20 - 2019-09-04 07:17 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe

2019-09-11 18:20 - 2019-09-04 07:17 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 005627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2019-09-11 18:20 - 2019-09-04 07:15 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 000500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2019-09-11 18:20 - 2019-09-04 07:15 - 000491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 007437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 003290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 002469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 000594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2019-09-11 18:20 - 2019-09-04 07:13 - 009084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2019-09-11 18:20 - 2019-09-04 07:13 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 004405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 002773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 002571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys

2019-09-11 18:20 - 2019-09-04 07:10 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 006046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 002331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 002261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 001993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 001980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2019-09-11 18:20 - 2019-09-04 07:02 - 006568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2019-09-11 18:20 - 2019-09-04 07:02 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2019-09-11 18:20 - 2019-09-04 06:55 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2019-09-11 18:20 - 2019-09-04 06:54 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2019-09-11 18:20 - 2019-09-04 06:48 - 019385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2019-09-11 18:20 - 2019-09-04 06:48 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2019-09-11 18:20 - 2019-09-04 06:46 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2019-09-11 18:20 - 2019-09-04 06:45 - 022734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2019-09-11 18:20 - 2019-09-04 06:45 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2019-09-11 18:20 - 2019-09-04 06:45 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys

2019-09-11 18:20 - 2019-09-04 06:44 - 004388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2019-09-11 18:20 - 2019-09-04 06:44 - 003687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 004849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 007572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2019-09-11 18:20 - 2019-09-04 06:41 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2019-09-11 18:20 - 2019-09-04 06:41 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2019-09-11 18:20 - 2019-09-04 06:41 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 001808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 003203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 002166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2019-09-11 18:20 - 2019-09-04 06:39 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2019-09-11 18:20 - 2019-08-16 00:55 - 000786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2019-09-11 18:20 - 2019-08-16 00:55 - 000604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2019-09-11 18:20 - 2019-08-15 11:59 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll

2019-09-11 18:20 - 2019-08-13 20:20 - 003701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2019-09-11 18:20 - 2019-08-13 20:06 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll

2019-09-11 18:20 - 2019-08-13 17:04 - 001651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2019-09-11 18:20 - 2019-08-13 16:46 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2019-09-11 18:20 - 2019-08-13 16:45 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2019-09-11 18:20 - 2019-08-13 12:15 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll

2019-09-11 18:20 - 2019-08-13 12:14 - 004040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2019-09-11 18:20 - 2019-08-13 12:09 - 000771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll

2019-09-11 18:20 - 2019-08-13 12:09 - 000571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe

2019-09-11 18:20 - 2019-08-13 11:51 - 004853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2019-09-11 18:20 - 2019-08-13 11:51 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe

2019-09-11 18:20 - 2019-08-13 11:50 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll

2019-09-11 18:20 - 2019-08-13 11:47 - 001262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2019-09-11 18:20 - 2019-08-13 11:46 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2019-09-11 18:20 - 2019-08-13 11:46 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2019-09-11 18:20 - 2019-08-13 06:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2019-09-11 18:20 - 2019-08-13 06:46 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2019-09-11 18:20 - 2019-08-13 06:45 - 002718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2019-09-11 18:20 - 2019-08-13 06:45 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2019-09-11 18:20 - 2019-08-13 06:45 - 000722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll

2019-09-11 18:20 - 2019-08-13 06:44 - 002161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2019-09-11 18:20 - 2019-08-13 06:17 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2019-09-11 18:20 - 2019-08-13 06:16 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2019-09-11 18:20 - 2019-08-13 06:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll

2019-09-11 18:20 - 2019-08-13 06:15 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2019-09-11 18:20 - 2019-08-13 06:14 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2019-09-11 18:20 - 2019-08-13 06:13 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

2019-09-11 18:20 - 2019-08-13 06:12 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2019-09-11 18:20 - 2019-08-13 06:11 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll

2019-09-11 18:20 - 2019-08-13 06:11 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2019-09-11 18:20 - 2019-08-13 06:08 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2019-09-11 18:20 - 2019-08-13 06:08 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2019-09-11 18:20 - 2019-08-13 04:51 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe

2019-09-11 18:20 - 2019-08-13 02:57 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2019-09-11 18:19 - 2019-09-04 12:06 - 000402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2019-09-11 18:19 - 2019-09-04 11:45 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll

2019-09-11 18:19 - 2019-09-04 11:45 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll

2019-09-11 18:19 - 2019-09-04 11:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2019-09-11 18:19 - 2019-09-04 11:44 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys

2019-09-11 18:19 - 2019-09-04 11:44 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll

2019-09-11 18:19 - 2019-09-04 11:42 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll

2019-09-11 18:19 - 2019-09-04 10:52 - 000467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2019-09-11 18:19 - 2019-09-04 10:51 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2019-09-11 18:19 - 2019-09-04 10:51 - 000322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2019-09-11 18:19 - 2019-09-04 10:50 - 000356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2019-09-11 18:19 - 2019-09-04 10:35 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2019-09-11 18:19 - 2019-09-04 07:24 - 001298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll

2019-09-11 18:19 - 2019-09-04 07:15 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2019-09-11 18:19 - 2019-09-04 07:14 - 000420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll

2019-09-11 18:19 - 2019-09-04 07:14 - 000361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2019-09-11 18:19 - 2019-09-04 07:13 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2019-09-11 18:19 - 2019-09-04 07:13 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2019-09-11 18:19 - 2019-09-04 07:13 - 001141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2019-09-11 18:19 - 2019-09-04 07:13 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2019-09-11 18:19 - 2019-09-04 07:13 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2019-09-11 18:19 - 2019-09-04 07:13 - 000692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2019-09-11 18:19 - 2019-09-04 07:13 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2019-09-11 18:19 - 2019-09-04 07:05 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2019-09-11 18:19 - 2019-09-04 07:04 - 000286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2019-09-11 18:19 - 2019-09-04 07:03 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2019-09-11 18:19 - 2019-09-04 07:03 - 000581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll

2019-09-11 18:19 - 2019-09-04 07:03 - 000538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2019-09-11 18:19 - 2019-09-04 07:02 - 001805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2019-09-11 18:19 - 2019-09-04 07:02 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2019-09-11 18:19 - 2019-09-04 07:02 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2019-09-11 18:19 - 2019-09-04 06:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll

2019-09-11 18:19 - 2019-09-04 06:45 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2019-09-11 18:19 - 2019-09-04 06:45 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll

2019-09-11 18:19 - 2019-09-04 06:44 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2019-09-11 18:19 - 2019-09-04 06:43 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys

2019-09-11 18:19 - 2019-09-04 06:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2019-09-11 18:19 - 2019-09-04 06:43 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2019-09-11 18:19 - 2019-09-04 06:40 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2019-09-11 18:19 - 2019-09-04 06:40 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2019-09-11 18:19 - 2019-09-04 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2019-09-11 18:19 - 2019-09-04 06:38 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2019-09-11 18:19 - 2019-09-04 05:22 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim

2019-09-11 18:19 - 2019-08-13 20:21 - 000665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll

2019-09-11 18:19 - 2019-08-13 20:21 - 000221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll

2019-09-11 18:19 - 2019-08-13 20:20 - 000106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe

2019-09-11 18:19 - 2019-08-13 20:06 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2019-09-11 18:19 - 2019-08-13 20:06 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe

2019-09-11 18:19 - 2019-08-13 20:05 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2019-09-11 18:19 - 2019-08-13 17:06 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2019-09-11 18:19 - 2019-08-13 17:04 - 001585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2019-09-11 18:19 - 2019-08-13 16:44 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll

2019-09-11 18:19 - 2019-08-13 16:43 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2019-09-11 18:19 - 2019-08-13 16:43 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2019-09-11 18:19 - 2019-08-13 16:43 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll

2019-09-11 18:19 - 2019-08-13 16:42 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2019-09-11 18:19 - 2019-08-13 16:40 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2019-09-11 18:19 - 2019-08-13 16:39 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2019-09-11 18:19 - 2019-08-13 12:08 - 000117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe

2019-09-11 18:19 - 2019-08-13 11:49 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2019-09-11 18:19 - 2019-08-13 11:49 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe

2019-09-11 18:19 - 2019-08-13 08:37 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll

2019-09-11 18:19 - 2019-08-13 06:54 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll

2019-09-11 18:19 - 2019-08-13 06:46 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll

2019-09-11 18:19 - 2019-08-13 06:44 - 001793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2019-09-11 18:19 - 2019-08-13 06:13 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll

2019-09-11 18:19 - 2019-08-13 06:11 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2019-09-11 18:19 - 2019-08-13 06:08 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2019-09-11 18:19 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\SysWOW64\locale.nls

2019-09-11 18:19 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\system32\locale.nls

2019-09-11 18:19 - 2019-08-13 02:57 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2019-09-11 18:19 - 2019-08-13 02:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll

2019-09-11 18:19 - 2019-08-13 02:57 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll

2019-09-08 14:04 - 2019-09-08 14:04 - 000000100 _____ C:\Users\domin\Documents\Zapisy TinyTask.rec

2019-09-08 13:37 - 2019-09-08 13:37 - 000036352 _____ () C:\Users\domin\Desktop\TinyTask.exe

2019-09-07 20:13 - 2019-09-07 20:13 - 000057344 _____ C:\Users\domin\Desktop\Clicker.exe

2019-09-07 20:11 - 2019-09-07 20:11 - 000000000 ____D C:\Users\domin\AppData\Roaming\Highresolution Enterprises

2019-09-07 20:11 - 2019-09-07 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises

2019-09-07 20:11 - 2019-09-07 20:11 - 000000000 ____D C:\Program Files\Highresolution Enterprises

2019-09-06 23:50 - 2019-06-29 06:07 - 000002032 _____ C:\Users\domin\Desktop\Electrum.lnk

2019-08-31 20:49 - 2019-03-28 11:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll

2019-08-31 20:49 - 2019-03-28 11:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll

2019-08-31 20:49 - 2019-03-28 11:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll

2019-08-31 20:49 - 2019-03-28 11:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll

 

==================== Jeden miesiąc (zmodyfikowane) ========

 

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

 

2019-09-29 23:00 - 2018-06-29 14:11 - 000000000 ____D C:\FRST

2019-09-29 22:50 - 2018-07-12 20:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2019-09-29 22:50 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2019-09-29 22:50 - 2017-07-17 13:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin

2019-09-29 22:47 - 2018-08-16 23:08 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winhv.winsecurity

2019-09-29 21:53 - 2017-07-31 13:26 - 000000000 ____D C:\Users\domin\AppData\Roaming\.minecraft

2019-09-29 19:54 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2019-09-29 19:12 - 2018-07-12 20:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2019-09-29 17:35 - 2018-07-12 20:56 - 000004224 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{DF88AB34-9852-465D-90FC-1A87ACB200DE}

2019-09-29 12:03 - 2019-05-25 23:08 - 000000000 ____D C:\Program Files (x86)\TunnelBear

2019-09-29 11:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness

2019-09-28 23:38 - 2018-06-29 14:15 - 000000000 ____D C:\ProgramData\Malwarebytes

2019-09-28 23:37 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2019-09-28 21:40 - 2018-07-23 22:52 - 000000000 ____D C:\Users\domin\AppData\Roaming\discord

2019-09-28 20:44 - 2018-07-12 20:56 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

2019-09-28 20:44 - 2018-07-12 20:56 - 000003272 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

2019-09-28 20:44 - 2018-07-12 20:56 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2019-09-28 20:44 - 2018-07-12 20:56 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-628336397-1476835057-3598675240-1001

2019-09-28 20:44 - 2018-07-12 20:56 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-628336397-1476835057-3598675240-1002

2019-09-28 20:44 - 2018-07-12 20:56 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC

2019-09-28 20:44 - 2018-07-12 20:56 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN

2019-09-27 18:07 - 2018-07-12 20:34 - 000002407 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2019-09-27 18:07 - 2017-07-17 05:17 - 000000000 ___RD C:\Users\domin\OneDrive

2019-09-25 22:26 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps

2019-09-25 14:20 - 2017-09-10 11:34 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-09-24 22:18 - 2018-08-14 21:40 - 000000000 ____D C:\WINDOWS\Panther

2019-09-24 22:18 - 2018-07-12 20:55 - 000037932 _____ C:\WINDOWS\diagwrn.xml

2019-09-24 22:18 - 2018-07-12 20:55 - 000022863 _____ C:\WINDOWS\diagerr.xml

2019-09-24 21:53 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp

2019-09-24 21:52 - 2018-09-15 16:37 - 000000000 ____D C:\Users\domin\AppData\Local\CrashDumps

2019-09-24 20:55 - 2018-07-12 20:34 - 000000000 ____D C:\Users\domin

2019-09-24 13:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2019-09-24 13:41 - 2017-07-17 05:02 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

2019-09-23 14:48 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF

2019-09-23 14:26 - 2019-05-19 14:13 - 000000000 ____D C:\Users\domin\Desktop\zdjecia

2019-09-22 13:55 - 2018-01-28 01:32 - 000000000 ____D C:\Users\domin\AppData\LocalLow\Mozilla

2019-09-20 23:49 - 2017-08-02 18:51 - 000000000 ____D C:\Users\domin\AppData\Roaming\steelseries-engine-3-client

2019-09-19 20:27 - 2019-07-12 16:19 - 008547636 _____ (cfx-collective) C:\Users\domin\Desktop\FiveM.exe

2019-09-19 17:31 - 2018-06-16 14:39 - 000000000 ____D C:\ProgramData\Origin

2019-09-17 23:44 - 2018-04-01 13:03 - 000000000 ____D C:\Users\domin\AppData\Local\PlaceholderTileLogoFolder

2019-09-17 23:32 - 2018-03-01 20:17 - 000000000 ____D C:\Users\domin\AppData\Local\Packages

2019-09-16 22:39 - 2017-07-31 00:11 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client

2019-09-16 22:24 - 2017-07-31 00:14 - 000000000 ____D C:\Users\domin\AppData\Roaming\TS3Client

2019-09-16 22:24 - 2017-07-17 12:11 - 000000000 ____D C:\Program Files (x86)\Steam

2019-09-16 22:09 - 2018-03-02 22:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2019-09-16 14:11 - 2017-12-26 00:09 - 000000000 ____D C:\Users\domin\AppData\Local\Spotify

2019-09-16 14:05 - 2017-12-26 00:06 - 000000000 ____D C:\Users\domin\AppData\Roaming\Spotify

2019-09-15 13:01 - 2017-11-05 16:45 - 000000000 ____D C:\Users\domin\Documents\Rockstar Games

2019-09-13 15:05 - 2018-03-25 13:22 - 000000000 ____D C:\Users\domin\AppData\Roaming\EasyAntiCheat

2019-09-13 02:51 - 2017-07-17 13:49 - 000000000 ____D C:\ProgramData\Package Cache

2019-09-11 21:03 - 2018-07-12 20:46 - 001763504 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2019-09-11 21:03 - 2018-04-12 17:54 - 000782334 _____ C:\WINDOWS\system32\perfh015.dat

2019-09-11 21:03 - 2018-04-12 17:54 - 000151496 _____ C:\WINDOWS\system32\perfc015.dat

2019-09-11 20:58 - 2018-03-01 20:39 - 000000000 ___RD C:\Users\domin\3D Objects

2019-09-11 20:58 - 2017-07-17 05:15 - 000000000 __RHD C:\Users\Public\AccountPictures

2019-09-11 20:56 - 2018-07-12 20:29 - 000299408 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2019-09-11 18:38 - 2018-04-12 17:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr

2019-09-11 18:38 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism

2019-09-08 17:47 - 2018-08-11 15:41 - 000000000 ____D C:\Users\domin\AppData\Roaming\Electrum

2019-09-08 10:23 - 2017-07-31 09:56 - 000000000 ____D C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2019-09-08 10:22 - 2019-04-29 16:55 - 000000000 ____D C:\Users\domin\AppData\Roaming\DVDVideoSoft

2019-09-08 10:22 - 2017-07-17 13:40 - 000000000 ____D C:\Fraps

2019-09-08 10:13 - 2019-06-29 13:32 - 000000000 ____D C:\Users\domin\AppData\Local\cache

2019-09-01 05:57 - 2018-11-15 16:01 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2019-09-01 05:57 - 2018-11-15 16:01 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2019-08-31 13:33 - 2019-07-12 17:07 - 000000000 ____D C:\Users\domin\AppData\Local\DigitalEntitlements

2019-08-30 10:35 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF

 

==================== Pliki w katalogu głównym wybranych folderów ================

 

2019-05-24 10:11 - 2019-05-24 10:11 - 000007676 _____ () C:\Users\domin\AppData\Local\recently-used.xbel

2019-02-16 17:50 - 2019-02-16 17:50 - 000007603 _____ () C:\Users\domin\AppData\Local\Resmon.ResmonCfg

 

==================== SigCheck ===============================

 

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

 

==================== Koniec FRST.txt ============================

[Gość]

Nie pobieraj plików za pomocą asystenta pobierania "dobrych programów".

Widać pełno pozostałości po Kasperskim oraz Avaście i coś mogą bruździć w trybie normalnym systemu.

 

1. Zastosuj firmowy deinstalator od Kasperskiego Mój link, oczywiście z poziomu trybu awaryjnego systemu.

 

2. W trybie awaryjnym systemu uruchom FRST a następnie (poprzez skrót klawiszowy CTRL + Y) otwórz notatnik systemowy. Wklej w nim poniższą zawartość:

 

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
FirewallRules: [TCP Query User{779EC021-7BDF-443E-924B-79A04D9A1FBB}C:\program files (x86)\origin games\apex\r5apex.exe] => (Block) C:\program files (x86)\origin games\apex\r5apex.exe Brak pliku
FirewallRules: [uDP Query User{E18659CF-6A63-4035-80D3-CBA5F8B2DD60}C:\program files (x86)\origin games\apex\r5apex.exe] => (Block) C:\program files (x86)\origin games\apex\r5apex.exe Brak pliku
HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\StartupApproved\Run: => "Gyazo"
HKLM\...\RunOnce: [AvRepair] => "C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:repair /wait
HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\MountPoints2: {9a9922ea-8a63-11e8-9898-485b390345fa} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\MountPoints2: {9b2b2626-1943-11e8-9861-485b390345fa} - "D:\HiSuiteDownLoader.exe" 
GroupPolicy: Ograniczenia ? <==== UWAGA
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {2200D5C5-FAC1-412B-853C-55B374E4A75F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\avg\overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
2019-09-24 13:38 - 2019-09-28 23:46 - 000000000 ____D C:\ProgramData\AVAST Software
2019-09-24 13:24 - 2019-09-24 13:24 - 002515160 _____ ( ) C:\Users\domin\Desktop\Rufus-41921-AsystentPobierania_1879116183.exe
EmptyTemp:

Poprzez skrót klawiszowy CTRL + S (albo przez Plik -> Zapisz) zapisz zmiany w notatniku a następnie w FRST kliknij na Napraw. Na zakończenie naprawy FRST poprosi o restart systemu.

 

Po tych czynnościach sprawdź jak wygląda sytuacja z systemem w trybie normalnym.

Jeśli nadal będzie problem, zrób i podaj nowy log z FRST (tylko FRST.txt). Usuniemy pozostałości po Kasperskim (głównie sterowniki) za pomocą FRST. Po usunięciu pozostałości po antywirusach, system powinien odzyskać "sprawność" w trybie normalnym bo infekcji jako takiej nie widać.

Edytowane 29 Września 2019 przez Gość

[Dominicz3k 0]

System nadal nie działał a to jest Log FRST.txt po wskazówkach:

 

 

 

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-09-2019

Uruchomiony przez domin (administrator) DESKTOP-4BKG2L8 (30-09-2019 15:46:30)

Uruchomiony z C:\Users\domin\Desktop\FRST

Załadowane profile: domin (Dostępne profile: defaultuser0 & domin)

Platform: Windows 10 Enterprise Wersja 1803 17134.1006 (X64) Język: Polski (Polska)

Domyślna przeglądarka: Chrome

Tryb startu: Safe Mode (with Networking)

Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Procesy (filtrowane) =================

 

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

 

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1908.7-0\MsMpEng.exe

(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

 

==================== Rejestr (filtrowane) ===========================

 

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

 

HKLM\...\Run: [securityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1452056 2016-09-25] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32\...\RunOnce: [unKIS] => wscript.exe //b C:\Users\domin\AppData\Local\Temp\UnKIS.vbs <==== UWAGA

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Run: [spotify] => C:\Users\domin\AppData\Roaming\Spotify\Spotify.exe [25932192 2019-08-25] (Spotify AB -> Spotify Ltd)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35940240 2019-09-15] (Epic Games Inc. -> Epic Games, Inc.)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8793480 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

HKU\S-1-5-21-628336397-1476835057-3598675240-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1694704 2019-09-18] (Google LLC -> Google LLC)

HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-08-21]

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

 

==================== Zaplanowane zadania (filtrowane) =============

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

Task: {00D1486A-E96C-478C-8475-B4C710F22BAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {049F1E1C-5276-4029-B777-FF4CBBBE7AA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {07EAC1CD-348E-4A06-8770-1DF583EABB89} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {17640DFC-6540-4931-BDAC-924E11BFB12E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {4B7ACCD7-0526-4165-ACBA-8E2BBDE25B36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {5B0D1A0D-A2B3-4984-832B-BEB5AEFDCFD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-10] (Google Inc -> Google Inc.)

Task: {A283773C-6C0C-4B87-9BA4-ADB74C9F6DF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {B7990F06-CC84-4CFE-9F1C-3A9AD3E50F8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-10] (Google Inc -> Google Inc.)

Task: {DCCA0786-06F7-4652-AA1D-54C17A9B821C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)

 

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

 

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

 

==================== Internet (filtrowane) ====================

 

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

 

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 80.51.181.1 8.8.8.8 192.168.1.1

Tcpip\..\Interfaces\{0eb943b4-6aed-11e7-980c-806e6f6e6963}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{20a59a3a-a6d5-47b2-b028-ad59a1df3b84}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{22f151ac-8462-4137-9051-1a086812386f}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{463521c1-1bfb-4716-b6df-c15dd142f1d0}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{463521c1-1bfb-4716-b6df-c15dd142f1d0}: [DhcpNameServer] 192.168.43.1

Tcpip\..\Interfaces\{5cf97689-8248-427d-8964-86e2e5d66aa0}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{5cf97689-8248-427d-8964-86e2e5d66aa0}: [DhcpNameServer] 8.8.8.8

Tcpip\..\Interfaces\{97b9a811-cd4c-4881-9308-5cfd127602a5}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{97b9a811-cd4c-4881-9308-5cfd127602a5}: [DhcpNameServer] 192.168.43.1

Tcpip\..\Interfaces\{9AECAA3D-85B3-4EF9-AF91-403C57781F8A}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{9e4d060e-8932-4497-bbb1-487828692023}: [DhcpNameServer] 172.18.11.1

Tcpip\..\Interfaces\{bd0fd6a1-1d7b-11e8-8893-806e6f6e6963}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{f733198c-239c-448b-95c6-0170a6b9bfb3}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fd3f766e-dfbf-4988-96ee-2752ff685eaf}: [DhcpNameServer] 8.8.8.8 80.51.181.1 8.8.8.8 192.168.1.1

 

Internet Explorer:

==================

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

 

Chrome:

=======

CHR HomePage: Default -> hxxps://www.google.com/

CHR StartupUrls: Default -> "hxxps://www.google.pl/"

CHR Profile: C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default [2019-09-30]

CHR Extension: (Just Black) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2019-04-11]

CHR Extension: (Video Downloader PLUS) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2019-09-14]

CHR Extension: (AdBlock) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-09-18]

CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Chrome Media Router) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-25]

CHR Profile: C:\Users\domin\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-19]

 

Opera:

=======

OPR Extension: (Tampermonkey) - C:\Users\domin\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-04]

OPR Extension: (ScriptMonkey) - C:\Users\domin\AppData\Roaming\Opera Software\Opera Stable\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-08-04]

 

==================== Usługi (filtrowane) ====================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

S2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-28] (BattlEye Innovations e.K. -> )

S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-05-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-09-04] (Electronic Arts, Inc. -> Electronic Arts)

S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-09-04] (Electronic Arts, Inc. -> Electronic Arts)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5075696 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [139896 2019-04-11] (TunnelBear -> TunnelBear)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe [3630832 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Sterowniki (filtrowane) ======================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16650824 2019-07-15] (FACE IT LIMITED -> )

R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )

S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-12] (Microsoft Windows -> MediaTek Inc.)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [889584 2015-08-31] (Realtek Semiconductor Corp -> Realtek )

R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )

R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)

S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (DEVGURU CO LTD -> QUALCOMM Incorporated)

S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)

S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)

S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [54104 2017-12-15] (STMicroelectronics -> STMicroelectronics)

R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)

S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [346336 2019-09-16] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-16] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (filtrowane) ===================

 

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

 

 

==================== Jeden miesiąc (utworzone) ========

 

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

 

2019-09-30 15:43 - 2019-09-30 15:44 - 000000000 ____D C:\Users\domin\Desktop\FRST #2

2019-09-30 15:42 - 2019-09-30 15:42 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2019-09-30 15:30 - 2019-09-30 15:46 - 000000000 ____D C:\Users\domin\Desktop\FRST

2019-09-30 14:33 - 2019-09-30 15:12 - 000000000 ___HD C:\kleaner.tmp

2019-09-29 22:11 - 2019-09-29 22:27 - 350515208 _____ C:\Users\domin\Downloads\EmsisoftEmergencyKit.exe

2019-09-29 11:52 - 2019-09-29 12:01 - 000000000 ____D C:\AdwCleaner

2019-09-29 11:35 - 2019-09-29 11:36 - 005659678 _____ (Swearware) C:\Users\domin\Downloads\ComboFix.exe

2019-09-29 11:35 - 2019-09-29 11:35 - 007622344 _____ (Malwarebytes) C:\Users\domin\Downloads\AdwCleaner.exe

2019-09-25 13:03 - 2019-09-30 15:40 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winverbs.winsecurity

2019-09-24 21:43 - 2019-09-24 21:43 - 000077824 _____ ( ) C:\Users\domin\Downloads\guiformat.exe

2019-09-24 20:17 - 2019-09-24 20:17 - 000000000 ___HD C:\$SysReset

2019-09-24 19:27 - 2019-09-24 19:28 - 019256968 _____ (Microsoft Corporation) C:\Users\domin\Downloads\MediaCreationTool1903.exe

2019-09-24 14:08 - 2019-09-30 15:32 - 000000008 __RSH C:\ProgramData\ntuser.pol

2019-09-24 13:53 - 2019-09-24 22:19 - 000000000 ____D C:\ESD

2019-09-24 13:46 - 2019-09-24 13:46 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp

2019-09-24 13:38 - 2019-09-24 13:38 - 001138744 _____ (Akeo Consulting) C:\Users\domin\Downloads\rufus-3.8.exe

2019-09-24 13:24 - 2019-09-24 13:24 - 002515160 _____ ( ) C:\Users\domin\Desktop\Rufus-41921-AsystentPobierania_1879116183.exe

2019-09-24 12:04 - 2019-09-24 12:07 - 000000000 ____D C:\Users\domin\Desktop\pendrive

2019-09-23 22:52 - 2019-09-24 09:04 - 000000000 ___RD C:\Users\domin\Desktop\filmy #2

2019-09-23 14:29 - 2019-09-23 22:53 - 000000000 ___RD C:\Users\domin\Desktop\filmy

2019-09-22 15:42 - 2019-09-22 15:43 - 019256968 _____ (Microsoft Corporation) C:\Users\domin\Desktop\MediaCreationTool1903.exe

2019-09-22 15:16 - 2019-09-22 15:16 - 000000000 ____D C:\Users\domin\Desktop\k

2019-09-21 18:46 - 2019-09-21 18:47 - 027908264 _____ (Audacity Team ) C:\Users\domin\Downloads\audacity-win-2.3.2.exe

2019-09-21 08:51 - 2019-09-22 15:07 - 000000000 ____D C:\Users\domin\Desktop\Nowy folder

2019-09-21 00:06 - 2019-09-30 15:42 - 002707878 _____ C:\WINDOWS\ntbtlog.txt

2019-09-17 22:57 - 2019-09-17 23:00 - 000000000 ____D C:\Users\domin\Desktop\Wszystko z PS

2019-09-16 22:40 - 2019-09-16 22:43 - 088060112 _____ (TeamSpeak Systems GmbH) C:\Users\domin\Desktop\TeamSpeak3-Client-win64-3.3.2.exe

2019-09-15 13:10 - 2019-09-15 13:10 - 000000000 ____D C:\Users\domin\Documents\OpenIV

2019-09-15 12:54 - 2019-09-15 12:54 - 000001302 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk

2019-09-15 12:54 - 2019-09-15 12:54 - 000000000 ____D C:\Users\domin\AppData\Local\New Technology Studio

2019-09-11 22:35 - 2019-09-18 17:37 - 000000000 ____D C:\Program Files (x86)\Origin

2019-09-11 22:35 - 2019-09-11 22:35 - 000001062 _____ C:\Users\Public\Desktop\Origin.lnk

2019-09-11 22:35 - 2019-09-11 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2019-09-11 22:29 - 2019-09-19 17:31 - 000000000 ____D C:\Users\domin\AppData\Roaming\Origin

2019-09-11 22:29 - 2019-09-12 15:48 - 000000000 ____D C:\Users\domin\AppData\Local\Origin

2019-09-11 18:20 - 2019-09-04 12:16 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2019-09-11 18:20 - 2019-09-04 12:16 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2019-09-11 18:20 - 2019-09-04 12:16 - 000810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2019-09-11 18:20 - 2019-09-04 12:16 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2019-09-11 18:20 - 2019-09-04 12:16 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2019-09-11 18:20 - 2019-09-04 12:15 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2019-09-11 18:20 - 2019-09-04 12:15 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2019-09-11 18:20 - 2019-09-04 12:15 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2019-09-11 18:20 - 2019-09-04 12:15 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2019-09-11 18:20 - 2019-09-04 12:06 - 000581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2019-09-11 18:20 - 2019-09-04 12:06 - 000541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2019-09-11 18:20 - 2019-09-04 12:01 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2019-09-11 18:20 - 2019-09-04 12:01 - 001516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2019-09-11 18:20 - 2019-09-04 12:01 - 000790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2019-09-11 18:20 - 2019-09-04 12:01 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2019-09-11 18:20 - 2019-09-04 12:00 - 021399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2019-09-11 18:20 - 2019-09-04 12:00 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2019-09-11 18:20 - 2019-09-04 12:00 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2019-09-11 18:20 - 2019-09-04 11:46 - 012838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2019-09-11 18:20 - 2019-09-04 11:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2019-09-11 18:20 - 2019-09-04 11:43 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2019-09-11 18:20 - 2019-09-04 11:41 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2019-09-11 18:20 - 2019-09-04 11:40 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2019-09-11 18:20 - 2019-09-04 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll

2019-09-11 18:20 - 2019-09-04 11:40 - 000957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2019-09-11 18:20 - 2019-09-04 11:40 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2019-09-11 18:20 - 2019-09-04 11:39 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe

2019-09-11 18:20 - 2019-09-04 10:52 - 001453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2019-09-11 18:20 - 2019-09-04 10:50 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2019-09-11 18:20 - 2019-09-04 10:48 - 020393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2019-09-11 18:20 - 2019-09-04 10:38 - 012039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2019-09-11 18:20 - 2019-09-04 10:38 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2019-09-11 18:20 - 2019-09-04 10:33 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2019-09-11 18:20 - 2019-09-04 07:25 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2019-09-11 18:20 - 2019-09-04 07:25 - 001613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll

2019-09-11 18:20 - 2019-09-04 07:24 - 002417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2019-09-11 18:20 - 2019-09-04 07:24 - 000705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2019-09-11 18:20 - 2019-09-04 07:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2019-09-11 18:20 - 2019-09-04 07:19 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2019-09-11 18:20 - 2019-09-04 07:19 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2019-09-11 18:20 - 2019-09-04 07:17 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe

2019-09-11 18:20 - 2019-09-04 07:17 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 005627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2019-09-11 18:20 - 2019-09-04 07:15 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2019-09-11 18:20 - 2019-09-04 07:15 - 000500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2019-09-11 18:20 - 2019-09-04 07:15 - 000491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 007437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 003290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 002469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2019-09-11 18:20 - 2019-09-04 07:14 - 000594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2019-09-11 18:20 - 2019-09-04 07:13 - 009084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2019-09-11 18:20 - 2019-09-04 07:13 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 004405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 002773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 002571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2019-09-11 18:20 - 2019-09-04 07:13 - 000129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys

2019-09-11 18:20 - 2019-09-04 07:10 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 006046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 002331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 002261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 001993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2019-09-11 18:20 - 2019-09-04 07:03 - 001980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2019-09-11 18:20 - 2019-09-04 07:02 - 006568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2019-09-11 18:20 - 2019-09-04 07:02 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2019-09-11 18:20 - 2019-09-04 06:55 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2019-09-11 18:20 - 2019-09-04 06:54 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2019-09-11 18:20 - 2019-09-04 06:48 - 019385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2019-09-11 18:20 - 2019-09-04 06:48 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2019-09-11 18:20 - 2019-09-04 06:46 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2019-09-11 18:20 - 2019-09-04 06:45 - 022734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2019-09-11 18:20 - 2019-09-04 06:45 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2019-09-11 18:20 - 2019-09-04 06:45 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys

2019-09-11 18:20 - 2019-09-04 06:44 - 004388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2019-09-11 18:20 - 2019-09-04 06:44 - 003687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 004849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2019-09-11 18:20 - 2019-09-04 06:43 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 007572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2019-09-11 18:20 - 2019-09-04 06:42 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2019-09-11 18:20 - 2019-09-04 06:41 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2019-09-11 18:20 - 2019-09-04 06:41 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2019-09-11 18:20 - 2019-09-04 06:41 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 002179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 001808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2019-09-11 18:20 - 2019-09-04 06:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 003203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 002166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2019-09-11 18:20 - 2019-09-04 06:39 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll

2019-09-11 18:20 - 2019-09-04 06:39 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2019-09-11 18:20 - 2019-09-04 06:38 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2019-09-11 18:20 - 2019-08-16 00:55 - 000786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2019-09-11 18:20 - 2019-08-16 00:55 - 000604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2019-09-11 18:20 - 2019-08-15 11:59 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll

2019-09-11 18:20 - 2019-08-13 20:20 - 003701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2019-09-11 18:20 - 2019-08-13 20:06 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll

2019-09-11 18:20 - 2019-08-13 17:04 - 001651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2019-09-11 18:20 - 2019-08-13 16:46 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2019-09-11 18:20 - 2019-08-13 16:45 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2019-09-11 18:20 - 2019-08-13 12:15 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll

2019-09-11 18:20 - 2019-08-13 12:14 - 004040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2019-09-11 18:20 - 2019-08-13 12:09 - 000771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll

2019-09-11 18:20 - 2019-08-13 12:09 - 000571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe

2019-09-11 18:20 - 2019-08-13 11:51 - 004853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2019-09-11 18:20 - 2019-08-13 11:51 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe

2019-09-11 18:20 - 2019-08-13 11:50 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll

2019-09-11 18:20 - 2019-08-13 11:47 - 001262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2019-09-11 18:20 - 2019-08-13 11:46 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2019-09-11 18:20 - 2019-08-13 11:46 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2019-09-11 18:20 - 2019-08-13 06:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2019-09-11 18:20 - 2019-08-13 06:46 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2019-09-11 18:20 - 2019-08-13 06:45 - 002718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2019-09-11 18:20 - 2019-08-13 06:45 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2019-09-11 18:20 - 2019-08-13 06:45 - 000722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll

2019-09-11 18:20 - 2019-08-13 06:44 - 002161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2019-09-11 18:20 - 2019-08-13 06:17 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2019-09-11 18:20 - 2019-08-13 06:16 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2019-09-11 18:20 - 2019-08-13 06:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll

2019-09-11 18:20 - 2019-08-13 06:15 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2019-09-11 18:20 - 2019-08-13 06:14 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2019-09-11 18:20 - 2019-08-13 06:13 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

2019-09-11 18:20 - 2019-08-13 06:12 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2019-09-11 18:20 - 2019-08-13 06:11 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll

2019-09-11 18:20 - 2019-08-13 06:11 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2019-09-11 18:20 - 2019-08-13 06:08 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2019-09-11 18:20 - 2019-08-13 06:08 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2019-09-11 18:20 - 2019-08-13 04:51 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe

2019-09-11 18:20 - 2019-08-13 02:57 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2019-09-11 18:19 - 2019-09-04 12:06 - 000402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2019-09-11 18:19 - 2019-09-04 11:45 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll

2019-09-11 18:19 - 2019-09-04 11:45 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll

2019-09-11 18:19 - 2019-09-04 11:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2019-09-11 18:19 - 2019-09-04 11:44 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys

2019-09-11 18:19 - 2019-09-04 11:44 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll

2019-09-11 18:19 - 2019-09-04 11:42 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll

2019-09-11 18:19 - 2019-09-04 10:52 - 000467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2019-09-11 18:19 - 2019-09-04 10:51 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2019-09-11 18:19 - 2019-09-04 10:51 - 000322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2019-09-11 18:19 - 2019-09-04 10:50 - 000356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2019-09-11 18:19 - 2019-09-04 10:35 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2019-09-11 18:19 - 2019-09-04 07:24 - 001298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll

2019-09-11 18:19 - 2019-09-04 07:15 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2019-09-11 18:19 - 2019-09-04 07:14 - 000420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll

2019-09-11 18:19 - 2019-09-04 07:14 - 000361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2019-09-11 18:19 - 2019-09-04 07:13 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2019-09-11 18:19 - 2019-09-04 07:13 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2019-09-11 18:19 - 2019-09-04 07:13 - 001141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2019-09-11 18:19 - 2019-09-04 07:13 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2019-09-11 18:19 - 2019-09-04 07:13 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2019-09-11 18:19 - 2019-09-04 07:13 - 000692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2019-09-11 18:19 - 2019-09-04 07:13 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2019-09-11 18:19 - 2019-09-04 07:05 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2019-09-11 18:19 - 2019-09-04 07:04 - 000286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2019-09-11 18:19 - 2019-09-04 07:03 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2019-09-11 18:19 - 2019-09-04 07:03 - 000581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll

2019-09-11 18:19 - 2019-09-04 07:03 - 000538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2019-09-11 18:19 - 2019-09-04 07:02 - 001805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2019-09-11 18:19 - 2019-09-04 07:02 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2019-09-11 18:19 - 2019-09-04 07:02 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2019-09-11 18:19 - 2019-09-04 06:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll

2019-09-11 18:19 - 2019-09-04 06:45 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2019-09-11 18:19 - 2019-09-04 06:45 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll

2019-09-11 18:19 - 2019-09-04 06:44 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2019-09-11 18:19 - 2019-09-04 06:43 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys

2019-09-11 18:19 - 2019-09-04 06:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2019-09-11 18:19 - 2019-09-04 06:43 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2019-09-11 18:19 - 2019-09-04 06:42 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2019-09-11 18:19 - 2019-09-04 06:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2019-09-11 18:19 - 2019-09-04 06:40 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2019-09-11 18:19 - 2019-09-04 06:40 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2019-09-11 18:19 - 2019-09-04 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2019-09-11 18:19 - 2019-09-04 06:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2019-09-11 18:19 - 2019-09-04 06:38 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2019-09-11 18:19 - 2019-09-04 05:22 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim

2019-09-11 18:19 - 2019-08-13 20:21 - 000665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll

2019-09-11 18:19 - 2019-08-13 20:21 - 000221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll

2019-09-11 18:19 - 2019-08-13 20:20 - 000106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe

2019-09-11 18:19 - 2019-08-13 20:06 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2019-09-11 18:19 - 2019-08-13 20:06 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe

2019-09-11 18:19 - 2019-08-13 20:05 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2019-09-11 18:19 - 2019-08-13 17:06 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2019-09-11 18:19 - 2019-08-13 17:04 - 001585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2019-09-11 18:19 - 2019-08-13 16:44 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll

2019-09-11 18:19 - 2019-08-13 16:43 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2019-09-11 18:19 - 2019-08-13 16:43 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2019-09-11 18:19 - 2019-08-13 16:43 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll

2019-09-11 18:19 - 2019-08-13 16:42 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2019-09-11 18:19 - 2019-08-13 16:40 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2019-09-11 18:19 - 2019-08-13 16:39 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2019-09-11 18:19 - 2019-08-13 12:08 - 000117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe

2019-09-11 18:19 - 2019-08-13 11:49 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2019-09-11 18:19 - 2019-08-13 11:49 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe

2019-09-11 18:19 - 2019-08-13 08:37 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll

2019-09-11 18:19 - 2019-08-13 06:54 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll

2019-09-11 18:19 - 2019-08-13 06:46 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll

2019-09-11 18:19 - 2019-08-13 06:44 - 001793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2019-09-11 18:19 - 2019-08-13 06:13 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll

2019-09-11 18:19 - 2019-08-13 06:12 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll

2019-09-11 18:19 - 2019-08-13 06:11 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2019-09-11 18:19 - 2019-08-13 06:08 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2019-09-11 18:19 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\SysWOW64\locale.nls

2019-09-11 18:19 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\system32\locale.nls

2019-09-11 18:19 - 2019-08-13 02:57 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2019-09-11 18:19 - 2019-08-13 02:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll

2019-09-11 18:19 - 2019-08-13 02:57 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll

2019-09-08 14:04 - 2019-09-08 14:04 - 000000100 _____ C:\Users\domin\Documents\Zapisy TinyTask.rec

2019-09-08 13:37 - 2019-09-08 13:37 - 000036352 _____ () C:\Users\domin\Desktop\TinyTask.exe

2019-09-07 20:13 - 2019-09-07 20:13 - 000057344 _____ C:\Users\domin\Desktop\Clicker.exe

2019-09-07 20:11 - 2019-09-07 20:11 - 000000000 ____D C:\Users\domin\AppData\Roaming\Highresolution Enterprises

2019-09-07 20:11 - 2019-09-07 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises

2019-09-07 20:11 - 2019-09-07 20:11 - 000000000 ____D C:\Program Files\Highresolution Enterprises

2019-09-06 23:50 - 2019-06-29 06:07 - 000002032 _____ C:\Users\domin\Desktop\Electrum.lnk

2019-08-31 20:49 - 2019-03-28 11:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll

2019-08-31 20:49 - 2019-03-28 11:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll

2019-08-31 20:49 - 2019-03-28 11:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll

2019-08-31 20:49 - 2019-03-28 11:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll

2019-08-31 20:49 - 2019-03-28 08:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll

 

==================== Jeden miesiąc (zmodyfikowane) ========

 

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

 

2019-09-30 15:47 - 2018-06-29 14:11 - 000000000 ____D C:\FRST

2019-09-30 15:41 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2019-09-30 15:41 - 2017-07-17 13:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin

2019-09-30 15:40 - 2018-07-12 20:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2019-09-30 15:38 - 2018-08-16 23:08 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winhv.winsecurity

2019-09-30 15:33 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2019-09-30 15:32 - 2019-05-25 23:08 - 000000000 ____D C:\Program Files (x86)\TunnelBear

2019-09-30 15:31 - 2018-07-12 20:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG

2019-09-30 15:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2019-09-30 15:31 - 2017-07-17 05:02 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

2019-09-30 14:33 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2019-09-30 14:33 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF

2019-09-30 13:47 - 2018-07-12 20:56 - 000004224 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{DF88AB34-9852-465D-90FC-1A87ACB200DE}

2019-09-29 21:53 - 2017-07-31 13:26 - 000000000 ____D C:\Users\domin\AppData\Roaming\.minecraft

2019-09-29 19:12 - 2018-07-12 20:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2019-09-29 11:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness

2019-09-28 23:38 - 2018-06-29 14:15 - 000000000 ____D C:\ProgramData\Malwarebytes

2019-09-28 21:40 - 2018-07-23 22:52 - 000000000 ____D C:\Users\domin\AppData\Roaming\discord

2019-09-28 20:44 - 2018-07-12 20:56 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

2019-09-28 20:44 - 2018-07-12 20:56 - 000003272 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

2019-09-28 20:44 - 2018-07-12 20:56 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2019-09-28 20:44 - 2018-07-12 20:56 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-628336397-1476835057-3598675240-1001

2019-09-28 20:44 - 2018-07-12 20:56 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-628336397-1476835057-3598675240-1002

2019-09-28 20:44 - 2018-07-12 20:56 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC

2019-09-28 20:44 - 2018-07-12 20:56 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN

2019-09-27 18:07 - 2018-07-12 20:34 - 000002407 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2019-09-27 18:07 - 2017-07-17 05:17 - 000000000 ___RD C:\Users\domin\OneDrive

2019-09-25 22:26 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps

2019-09-25 14:20 - 2017-09-10 11:34 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-09-24 22:18 - 2018-08-14 21:40 - 000000000 ____D C:\WINDOWS\Panther

2019-09-24 22:18 - 2018-07-12 20:55 - 000037932 _____ C:\WINDOWS\diagwrn.xml

2019-09-24 22:18 - 2018-07-12 20:55 - 000022863 _____ C:\WINDOWS\diagerr.xml

2019-09-24 21:53 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp

2019-09-24 21:52 - 2018-09-15 16:37 - 000000000 ____D C:\Users\domin\AppData\Local\CrashDumps

2019-09-24 20:55 - 2018-07-12 20:34 - 000000000 ____D C:\Users\domin

2019-09-23 14:26 - 2019-05-19 14:13 - 000000000 ____D C:\Users\domin\Desktop\zdjecia

2019-09-22 13:55 - 2018-01-28 01:32 - 000000000 ____D C:\Users\domin\AppData\LocalLow\Mozilla

2019-09-20 23:49 - 2017-08-02 18:51 - 000000000 ____D C:\Users\domin\AppData\Roaming\steelseries-engine-3-client

2019-09-19 20:27 - 2019-07-12 16:19 - 008547636 _____ (cfx-collective) C:\Users\domin\Desktop\FiveM.exe

2019-09-19 17:31 - 2018-06-16 14:39 - 000000000 ____D C:\ProgramData\Origin

2019-09-17 23:44 - 2018-04-01 13:03 - 000000000 ____D C:\Users\domin\AppData\Local\PlaceholderTileLogoFolder

2019-09-17 23:32 - 2018-03-01 20:17 - 000000000 ____D C:\Users\domin\AppData\Local\Packages

2019-09-16 22:39 - 2017-07-31 00:11 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client

2019-09-16 22:24 - 2017-07-31 00:14 - 000000000 ____D C:\Users\domin\AppData\Roaming\TS3Client

2019-09-16 22:24 - 2017-07-17 12:11 - 000000000 ____D C:\Program Files (x86)\Steam

2019-09-16 22:09 - 2018-03-02 22:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2019-09-16 14:11 - 2017-12-26 00:09 - 000000000 ____D C:\Users\domin\AppData\Local\Spotify

2019-09-16 14:05 - 2017-12-26 00:06 - 000000000 ____D C:\Users\domin\AppData\Roaming\Spotify

2019-09-15 13:01 - 2017-11-05 16:45 - 000000000 ____D C:\Users\domin\Documents\Rockstar Games

2019-09-13 15:05 - 2018-03-25 13:22 - 000000000 ____D C:\Users\domin\AppData\Roaming\EasyAntiCheat

2019-09-13 02:51 - 2017-07-17 13:49 - 000000000 ____D C:\ProgramData\Package Cache

2019-09-11 21:03 - 2018-07-12 20:46 - 001763504 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2019-09-11 21:03 - 2018-04-12 17:54 - 000782334 _____ C:\WINDOWS\system32\perfh015.dat

2019-09-11 21:03 - 2018-04-12 17:54 - 000151496 _____ C:\WINDOWS\system32\perfc015.dat

2019-09-11 20:58 - 2018-03-01 20:39 - 000000000 ___RD C:\Users\domin\3D Objects

2019-09-11 20:58 - 2017-07-17 05:15 - 000000000 __RHD C:\Users\Public\AccountPictures

2019-09-11 20:56 - 2018-07-12 20:29 - 000299408 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2019-09-11 18:38 - 2018-04-12 17:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2019-09-11 18:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr

2019-09-11 18:38 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism

2019-09-08 17:47 - 2018-08-11 15:41 - 000000000 ____D C:\Users\domin\AppData\Roaming\Electrum

2019-09-08 10:23 - 2017-07-31 09:56 - 000000000 ____D C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2019-09-08 10:22 - 2019-04-29 16:55 - 000000000 ____D C:\Users\domin\AppData\Roaming\DVDVideoSoft

2019-09-08 10:22 - 2017-07-17 13:40 - 000000000 ____D C:\Fraps

2019-09-08 10:13 - 2019-06-29 13:32 - 000000000 ____D C:\Users\domin\AppData\Local\cache

2019-09-01 05:57 - 2018-11-15 16:01 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2019-09-01 05:57 - 2018-11-15 16:01 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2019-08-31 13:33 - 2019-07-12 17:07 - 000000000 ____D C:\Users\domin\AppData\Local\DigitalEntitlements

 

==================== Pliki w katalogu głównym wybranych folderów ================

 

2019-05-24 10:11 - 2019-05-24 10:11 - 000007676 _____ () C:\Users\domin\AppData\Local\recently-used.xbel

2019-02-16 17:50 - 2019-02-16 17:50 - 000007603 _____ () C:\Users\domin\AppData\Local\Resmon.ResmonCfg

 

==================== SigCheck ===============================

 

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

 

==================== Koniec FRST.txt ============================

[Gość]

Narzędzie producenta usunęło wszystkie widoczne pozostałości po Kasperskim a pozostałości po Avaście usunął FRST, tak więc w tym aspekcie jest w porządku.

W trybie awaryjnym systemu uruchom FRST a następnie (poprzez skrót klawiszowy CTRL + Y) otwórz notatnik systemowy. Wklej w nim poniższą zawartość:

 

CloseProcesses:
HKLM-x32\...\RunOnce: [unKIS] => wscript.exe //b C:\Users\domin\AppData\Local\Temp\UnKIS.vbs <==== UWAGA
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]
2019-09-29 11:35 - 2019-09-29 11:36 - 005659678 _____ (Swearware) C:\Users\domin\Downloads\ComboFix.exe
2019-09-24 14:08 - 2019-09-30 15:32 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-09-24 13:46 - 2019-09-24 13:46 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2019-09-24 13:24 - 2019-09-24 13:24 - 002515160 _____ ( ) C:\Users\domin\Desktop\Rufus-41921-AsystentPobierania_1879116183.exe
EmptyTemp:

Poprzez skrót klawiszowy CTRL + S (albo przez Plik -> Zapisz) zapisz zmiany w notatniku a następnie w FRST kliknij na Napraw. Na zakończenie naprawy FRST poprosi o restart systemu.

Podaj log z naprawy (Fixlog.txt) i napisz jak działa system w trybie normalnym po tej naprawie.

[Dominicz3k 0]

Działa system tak samo jak wczesniej, nie zauwazylem zadnych zmian poza tym ze mnie wylogowalo ze wszystkiego w google.

 

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 30-09-2019

Uruchomiony przez domin (30-09-2019 20:55:39) Run:7

Uruchomiony z C:\Users\domin\Desktop

Załadowane profile: domin (Dostępne profile: defaultuser0 & domin)

Tryb startu: Safe Mode (with Networking)

==============================================

 

fixlist - zawartość:

*****************

CloseProcesses:

HKLM-x32\...\RunOnce: [unKIS] => wscript.exe //b C:\Users\domin\AppData\Local\Temp\UnKIS.vbs <==== UWAGA

S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-24] (bookingDesktopApp.) [brak podpisu cyfrowego]

2019-09-29 11:35 - 2019-09-29 11:36 - 005659678 _____ (Swearware) C:\Users\domin\Downloads\ComboFix.exe

2019-09-24 14:08 - 2019-09-30 15:32 - 000000008 __RSH C:\ProgramData\ntuser.pol

2019-09-24 13:46 - 2019-09-24 13:46 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp

2019-09-24 13:24 - 2019-09-24 13:24 - 002515160 _____ ( ) C:\Users\domin\Desktop\Rufus-41921-AsystentPobierania_1879116183.exe

EmptyTemp:

*****************

 

Procesy zostały pomyślnie zamknięte.

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\UnKIS" => nie znaleziono

bookingdesktopapp => serwis nie znaleziono.

bookingdesktopappm => serwis nie znaleziono.

"C:\Users\domin\Downloads\ComboFix.exe" => nie znaleziono

"C:\ProgramData\ntuser.pol" => nie znaleziono

"C:\Program Files (x86)\bookingDesktopApp" => nie znaleziono

"C:\Users\domin\Desktop\Rufus-41921-AsystentPobierania_1879116183.exe" => nie znaleziono

 

=========== EmptyTemp: ==========

 

BITS transfer queue => 10772480 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1056016 B

Java, Flash, Steam htmlcache => 474644816 B

Windows/system/drivers => 20321535 B

Edge => 3692517 B

Chrome => 429260860 B

Firefox => 0 B

Opera => 160792 B

 

Temp, IE cache, history, cookies, recent:

Default => 6656 B

Users => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 0 B

systemprofile32 => 0 B

LocalService => 21358 B

LocalService => 0 B

NetworkService => 37378 B

NetworkService => 0 B

defaultuser0 => 6656 B

domin => 160465600 B

 

RecycleBin => 16904298 B

EmptyTemp: => 1 GB danych tymczasowych Usunięto.

 

================================

 

 

System wymagał restartu.

 

==== Koniec Fixlog 20:57:00 ====

[amp41 370]

Nie masz czasem kilku kont na kompie?...bo to trochę tak wygląda że jesteś na koncie bez uprawnień admina,może zaloguj się do konta MS.

[Gość]

Nie masz czasem kilku kont na kompie?...bo to trochę tak wygląda że jesteś na koncie bez uprawnień admina,może zaloguj się do konta MS.

Ale widać w logach że autor pracuje na koncie z uprawnieniami admina:

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-09-2019

Uruchomiony przez domin (administrator) DESKTOP-4BKG2L8 (30-09-2019 15:46:30)

 

==================== Konta użytkowników: =============================

 

Administrator (S-1-5-21-628336397-1476835057-3598675240-500 - Administrator - Disabled)

defaultuser0 (S-1-5-21-628336397-1476835057-3598675240-1000 - Limited - Disabled) => C:\Users\defaultuser0

domin (S-1-5-21-628336397-1476835057-3598675240-1001 - Administrator - Enabled) => C:\Users\domin

Gość (S-1-5-21-628336397-1476835057-3598675240-501 - Limited - Disabled)

Konto domyślne (S-1-5-21-628336397-1476835057-3598675240-503 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-628336397-1476835057-3598675240-504 - Limited - Disabled)

 

Działa system tak samo jak wczesniej, nie zauwazylem zadnych zmian poza tym ze mnie wylogowalo ze wszystkiego w google.

W takim razie sprawdziłbym czy w trybie czystego rozruchu system nadal szwankuje Mój link.

[Dominicz3k 0]

W trybie czystego rozruchu system nadal szwankuje

Czysty rozruch robilem w trybie awaryjnym ponieważ msconfig i menedżer zadań nie działają w trybie normalnym

[Gość]

Ciężki przypadek. Jeszcze ewentualnie można spróbować przywrócić system do stanu początkowego

jeśli format to ostateczność.

[Dominicz3k 0]

Jak zrobić instalke z USB co i jak ustawic z biosie na plycie asus p7p55-m i czy ta powinna wyglądać instalka na pendrive?