Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 24.10.2018
- Uruchomiony przez twujstary (administrator) DESKTOP-51EG90U (03-11-2018 12:13:13)
- Uruchomiony z C:\Users\twujstary\Desktop
- Załadowane profile: twujstary & (Dostępne profile: twujstary)
- Platform: Windows 10 Pro Wersja 1703 15063.726 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
- (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
- (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
- (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
- (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
- (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
- (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- (Amagicom AB) C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe
- () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
- (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- (Valve Corporation) D:\Steam\Steam.exe
- (TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
- () C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe
- () C:\Program Files (x86)\DFX\dfx.exe
- (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
- () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
- () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
- (Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- (Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
- (Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- (Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- (Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
- (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
- (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
- (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera_crashreporter.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- (Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
- HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
- HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
- HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
- HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Inc.)
- HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1665528 2017-06-30] ()
- HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2018-09-19] (VMware, Inc.)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [Steam] => D:\Steam\steam.exe [3208992 2018-10-13] (Valve Corporation)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3112744 2018-09-05] (Electronic Arts)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2017-10-07] (TrueCrypt Foundation)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [Spotify] => C:\Users\twujstary\AppData\Roaming\Spotify\Spotify.exe [21325200 2018-02-15] (Spotify Ltd)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [SteamServerBrowser] => C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [228352 2017-02-26] ()
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [Spotify Web Helper] => C:\Users\twujstary\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-15] (Spotify Ltd)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [Discord] => C:\Users\twujstary\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001\...\Run: [TrueCrypt Format] => C:\Program Files\TrueCrypt\TrueCrypt Format.exe [1610704 2017-10-07] (TrueCrypt Foundation)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [Steam] => D:\Steam\steam.exe [3208992 2018-10-13] (Valve Corporation)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3112744 2018-09-05] (Electronic Arts)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2017-10-07] (TrueCrypt Foundation)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [Spotify] => C:\Users\twujstary\AppData\Roaming\Spotify\Spotify.exe [21325200 2018-02-15] (Spotify Ltd)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [SteamServerBrowser] => C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [228352 2017-02-26] ()
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [Spotify Web Helper] => C:\Users\twujstary\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-15] (Spotify Ltd)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [Discord] => C:\Users\twujstary\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
- HKU\S-1-5-21-1043391465-3389820748-3846585623-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018121104651\...\Run: [TrueCrypt Format] => C:\Program Files\TrueCrypt\TrueCrypt Format.exe [1610704 2017-10-07] (TrueCrypt Foundation)
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 89.231.1.206 217.172.224.160
- Tcpip\..\Interfaces\{0def86cb-752d-4576-a8ef-b1fa3d0a1eb1}: [DhcpNameServer] 89.231.1.206 217.172.224.160
- Tcpip\..\Interfaces\{1fac14f4-09ae-4004-b0b8-bd4412cf4495}: [DhcpNameServer] 89.231.1.206 217.172.224.160
- Tcpip\..\Interfaces\{6cc8b452-7038-470c-905b-099b1df240c0}: [DhcpNameServer] 89.231.1.206 217.172.224.160
- Internet Explorer:
- ==================
- FireFox:
- ========
- FF DefaultProfile: q4zkjccv.default
- FF ProfilePath: C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default [2018-11-02]
- FF Extension: (Hoxx VPN Proxy) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\@hoxx-vpn.xpi [2018-08-09]
- FF Extension: (HTTPS Everywhere) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\https-everywhere-eff@eff.org.xpi [2018-08-09]
- FF Extension: (Self-Destructing Cookies) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2017-04-25] [Przestarzałe]
- FF Extension: (Decentraleyes) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2018-08-09]
- FF Extension: (Privacy Badger) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\jid1-MnnxcxisBPnSXQ-eff@jetpack.xpi [2018-08-09]
- FF Extension: (uBlock Origin) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\uBlock0@raymondhill.net.xpi [2018-08-13]
- FF Extension: (iMEGA) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\{065ee92a-ad57-42a2-b6d5-466b6fd8e24d}.xpi [2017-07-01] [Przestarzałe]
- FF Extension: (StartupMaster) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2017-04-25] [Przestarzałe]
- FF Extension: (Greasemonkey) - C:\Users\twujstary\AppData\Roaming\Mozilla\Firefox\Profiles\q4zkjccv.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-04-01]
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
- FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)
- Opera:
- =======
- OPR Extension: (Play HLS M3u8) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\ckblfoghkjhaclegefojbgllenffajdc [2018-10-13]
- OPR Extension: (DotVPN — a better way to VPN) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2018-05-20]
- OPR Extension: (Set password for your browser ( Opera lock )) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\hlimdilplebcephnbbibnldbhjhoipfh [2018-06-17]
- OPR Extension: (uBlock Origin) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-10-01]
- OPR Extension: (Zainstaluj rozszerzenia Chrome) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-10-13]
- OPR Extension: (Tampermonkey) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2018-07-29]
- OPR Extension: (Adblock Plus) - C:\Users\twujstary\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-11-01]
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.)
- R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
- R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
- S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-03] ()
- S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-08-22] (EasyAntiCheat Ltd)
- R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
- R2 MullvadVPN; C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe [8315904 2018-10-16] (Amagicom AB) [Brak podpisu cyfrowego]
- S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2213696 2018-09-05] (Electronic Arts)
- R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3084104 2018-09-05] (Electronic Arts)
- S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
- S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2018-08-07] (Letasoft)
- R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15445936 2018-09-19] ()
- R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
- R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
- R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
- R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Windows (R) Win 7 DDK provider)
- R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Windows (R) Win 7 DDK provider)
- S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-11-28] (Disc Soft Ltd)
- S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-11-28] (Disc Soft Ltd)
- R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
- R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2017-09-19] (ELAN Microelectronic Corp.)
- S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
- R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-19] (REALiX(tm))
- S3 kmloop; C:\Windows\System32\drivers\loop.sys [16896 2017-03-18] (Microsoft Corporation)
- R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-02] (Malwarebytes)
- R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-11-02] (Malwarebytes)
- R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63768 2018-11-02] (Malwarebytes)
- R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-02] (Malwarebytes)
- R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [111152 2018-11-03] (Malwarebytes)
- R1 MpKsla5e171a7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADAAB0DA-3E7C-4136-971B-21571FF70A42}\MpKsla5e171a7.sys [58120 2018-11-02] (Microsoft Corporation)
- R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f5be1f8d25335236\nvlddmkm.sys [17212744 2018-08-22] (NVIDIA Corporation)
- R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
- S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
- S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
- R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [984032 2017-09-19] (Realtek )
- S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
- S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [163644 2018-02-20] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Brak podpisu cyfrowego]
- S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
- R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213216 2018-10-15] (Oracle Corporation)
- R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [223000 2018-10-15] (Oracle Corporation)
- S3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [45408 2018-03-15] (Windows (R) Win 7 DDK provider)
- R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc.)
- R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc.)
- S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
- R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
- R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
- U4 npcap_wifi; Brak ImagePath
- S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
- S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
- S3 RtlWlanu; \SystemRoot\System32\drivers\rtwlanu.sys [X]
- S3 VBAudioVACMME; \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys [X]
- S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X]
- S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-11-03 12:11 - 2018-11-03 12:11 - 000111152 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
- 2018-11-02 19:28 - 2018-11-02 19:28 - 000119136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
- 2018-11-02 19:28 - 2018-11-02 19:28 - 000063768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
- 2018-11-02 19:24 - 2018-11-02 19:24 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
- 2018-11-02 19:24 - 2018-11-02 19:24 - 000000008 __RSH C:\ProgramData\ntuser.pol
- 2018-11-02 19:14 - 2018-11-02 19:14 - 000000000 ____D C:\Windows\Panther
- 2018-11-02 18:40 - 2018-11-02 19:22 - 000011660 _____ C:\Users\twujstary\Desktop\Fixlog.txt
- 2018-11-02 18:10 - 2018-11-02 18:40 - 000004935 _____ C:\Users\twujstary\Downloads\i.txt
- 2018-11-02 17:32 - 2018-11-02 17:32 - 000052792 _____ C:\Users\twujstary\Desktop\Shortcut.txt
- 2018-11-02 17:31 - 2018-11-02 17:32 - 000056280 _____ C:\Users\twujstary\Desktop\Addition.txt
- 2018-11-02 17:30 - 2018-11-03 12:14 - 000019749 _____ C:\Users\twujstary\Desktop\FRST.txt
- 2018-11-02 16:10 - 2018-11-02 16:14 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\.purple
- 2018-11-02 16:09 - 2018-11-02 16:09 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
- 2018-11-02 16:08 - 2018-11-02 19:24 - 000000000 ____D C:\ProgramData\Mullvad VPN
- 2018-11-02 16:08 - 2018-11-02 16:19 - 000000000 ____D C:\Users\twujstary\AppData\Local\Mullvad VPN
- 2018-11-02 16:08 - 2018-11-02 16:09 - 000000000 ____D C:\Program Files (x86)\Pidgin
- 2018-11-02 16:08 - 2018-11-02 16:08 - 000001858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mullvad VPN.lnk
- 2018-11-02 16:08 - 2018-11-02 16:08 - 000001846 _____ C:\Users\Public\Desktop\Mullvad VPN.lnk
- 2018-11-02 16:08 - 2018-11-02 16:08 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Mullvad VPN
- 2018-11-02 16:08 - 2018-11-02 16:08 - 000000000 ____D C:\Program Files\Mullvad VPN
- 2018-11-02 16:07 - 2018-11-02 16:07 - 056126080 _____ (Mullvad VPN) C:\Users\twujstary\Desktop\MullvadVPN-2018.4.exe
- 2018-11-02 16:04 - 2018-11-02 16:05 - 008671032 _____ C:\Users\twujstary\Downloads\pidgin-2.13.0.exe
- 2018-11-02 15:07 - 2018-11-02 15:07 - 000001113 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
- 2018-11-02 14:17 - 2018-11-02 14:17 - 000000000 ____D C:\Users\twujstary\AppData\Local\mbam
- 2018-11-02 14:16 - 2018-11-02 14:16 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
- 2018-11-02 14:16 - 2018-11-02 14:16 - 000001880 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
- 2018-11-02 14:16 - 2018-11-02 14:16 - 000000000 ____D C:\Users\twujstary\AppData\Local\mbamtray
- 2018-11-02 14:16 - 2018-11-02 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
- 2018-11-02 14:16 - 2018-11-02 14:16 - 000000000 ____D C:\ProgramData\Malwarebytes
- 2018-11-02 14:16 - 2018-10-18 09:44 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
- 2018-11-02 14:15 - 2018-11-02 14:16 - 078612224 _____ (Malwarebytes ) C:\Users\twujstary\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7607.exe
- 2018-11-02 14:01 - 2018-11-02 14:05 - 000000000 ____D C:\Windows\AppReadiness
- 2018-11-02 13:55 - 2018-11-02 13:55 - 000000000 _____ C:\Windows\SysWOW64\last.dump
- 2018-11-02 10:06 - 2018-11-02 10:06 - 000000000 ____D C:\Users\twujstary\Documents\Virtual Machines
- 2018-11-02 10:05 - 2018-11-02 10:07 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\VMware
- 2018-11-02 10:05 - 2018-11-02 10:07 - 000000000 ____D C:\Users\twujstary\AppData\Local\VMware
- 2018-11-02 10:04 - 2018-09-19 04:16 - 000374192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
- 2018-11-02 10:04 - 2018-09-19 04:10 - 000099272 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
- 2018-11-02 10:04 - 2018-06-22 01:31 - 000092040 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
- 2018-11-02 10:04 - 2018-06-22 01:31 - 000046472 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
- 2018-11-02 10:04 - 2018-06-22 01:31 - 000042376 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
- 2018-11-02 10:03 - 2018-11-02 19:24 - 000000000 ____D C:\ProgramData\VMware
- 2018-11-02 10:03 - 2018-11-02 10:03 - 003231096 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
- 2018-11-02 10:03 - 2018-11-02 10:03 - 000001286 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
- 2018-11-02 10:03 - 2018-11-02 10:03 - 000001024 _____ C:\Windows\SysWOW64\%TMP%
- 2018-11-02 10:03 - 2018-11-02 10:03 - 000000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
- 2018-11-02 10:03 - 2018-11-02 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
- 2018-11-02 10:03 - 2018-11-02 10:03 - 000000000 ____D C:\Program Files\Common Files\VMware
- 2018-11-02 10:03 - 2018-11-02 10:03 - 000000000 ____D C:\Program Files (x86)\VMware
- 2018-11-02 10:03 - 2018-09-19 04:17 - 001266096 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
- 2018-11-02 10:03 - 2018-09-19 04:16 - 000396208 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
- 2018-11-02 10:03 - 2018-09-19 04:16 - 000134104 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll
- 2018-11-02 10:03 - 2018-09-19 04:16 - 000043992 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
- 2018-11-02 10:03 - 2018-09-05 22:43 - 000084752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
- 2018-11-02 09:59 - 2018-11-02 10:01 - 536606728 _____ (VMware, Inc.) C:\Users\twujstary\Desktop\VMware-workstation-full-15.0.0-10134415.exe
- 2018-11-02 09:35 - 2018-11-02 15:09 - 000000000 ____D C:\Users\twujstary\VirtualBox VMs
- 2018-11-02 09:35 - 2018-11-02 15:09 - 000000000 ____D C:\Users\twujstary\.VirtualBox
- 2018-11-02 09:34 - 2018-11-02 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
- 2018-11-02 09:34 - 2018-11-02 09:34 - 000000000 ____D C:\Program Files\Oracle
- 2018-11-02 09:34 - 2018-10-15 11:27 - 000168824 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
- 2018-11-02 09:34 - 2018-10-15 11:26 - 000984512 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
- 2018-11-02 09:31 - 2018-11-02 09:31 - 114016768 _____ (Oracle Corporation) C:\Users\twujstary\Desktop\VirtualBox-5.2.20-125813-Win.exe
- 2018-11-02 08:49 - 2018-11-03 12:13 - 000000000 ____D C:\FRST
- 2018-11-02 08:49 - 2018-11-02 08:49 - 002414592 _____ (Farbar) C:\Users\twujstary\Desktop\FRST64.exe
- 2018-11-02 08:45 - 2018-11-02 08:46 - 048222451 _____ C:\Users\twujstary\Desktop\Desktop.rar
- 2018-11-02 08:41 - 2018-11-02 08:41 - 000000000 ___HD C:\$AV_AVG
- 2018-11-01 15:41 - 2018-11-01 16:17 - 000000000 ____D C:\Users\twujstary\Desktop\FON
- 2018-10-31 20:28 - 2018-10-31 20:28 - 000853504 _____ (WarGods.ro) C:\Users\twujstary\Desktop\WarGods Cheat Defender Win8.exe
- 2018-10-30 21:09 - 2018-10-30 21:09 - 002615821 _____ C:\Users\twujstary\Downloads\bhop_mann.rar
- 2018-10-29 19:57 - 2018-10-29 19:57 - 000001712 _____ C:\Users\Public\Desktop\FxSound Enhancer.lnk
- 2018-10-29 19:57 - 2018-10-29 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxSound Enhancer
- 2018-10-29 19:56 - 2018-10-29 19:57 - 004121969 _____ C:\Users\twujstary\Downloads\FxSound Enhancer 13.008 Setup + Crack.rar
- 2018-10-27 20:55 - 2018-10-27 20:56 - 077976048 _____ (TeamSpeak Systems GmbH) C:\Users\twujstary\Desktop\TeamSpeak3-Client-win64-3.1.10.exe
- 2018-10-26 22:20 - 2018-10-26 22:49 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\HLSW
- 2018-10-26 22:20 - 2018-10-26 22:20 - 011613796 _____ (Stripf Software ) C:\Users\twujstary\Desktop\hlsw_1_4_0_2_setup.exe
- 2018-10-26 22:20 - 2018-10-26 22:20 - 000001024 _____ C:\Users\twujstary\Desktop\HLSW.lnk
- 2018-10-26 22:20 - 2018-10-26 22:20 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HLSW
- 2018-10-26 22:20 - 2018-10-26 22:20 - 000000000 ___SD C:\Program Files (x86)\HLSW
- 2018-10-26 19:46 - 2018-10-26 21:33 - 000000000 ____D C:\Users\twujstary\Documents\Assassin's Creed Syndicate
- 2018-10-25 21:48 - 2018-10-25 22:19 - 000000497 _____ C:\Users\twujstary\Desktop\Nowy AutoHotkey Script.ahk
- 2018-10-19 15:12 - 2018-10-19 15:12 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
- 2018-10-15 11:26 - 2018-10-15 11:26 - 000223000 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
- 2018-10-15 11:26 - 2018-10-15 11:26 - 000213216 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
- 2018-10-13 18:38 - 2018-10-13 18:38 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\obs-studio-node-server
- 2018-10-13 17:39 - 2018-10-13 17:39 - 001135289 _____ C:\Users\twujstary\Desktop\Nowy dokument tekstowy.txt
- 2018-10-13 17:38 - 2018-10-13 17:38 - 001135289 _____ C:\Users\twujstary\Desktop\Nowy dokument tekstowy.js
- 2018-10-12 11:17 - 2018-10-12 11:17 - 000005074 _____ C:\Users\twujstary\AppData\Local\recently-used.xbel
- 2018-10-10 20:14 - 2018-10-10 20:14 - 000855568 _____ C:\Users\twujstary\Documents\belmondo.xcf
- 2018-10-07 12:27 - 2018-10-07 12:27 - 000025092 _____ C:\Users\twujstary\Downloads\ATPP.v1.3.zip
- 2018-10-07 12:14 - 2018-10-07 12:14 - 000000000 ____D C:\Program Files (x86)\Auslogics
- 2018-10-07 12:13 - 2018-10-07 12:13 - 021221088 _____ (Auslogics ) C:\Users\twujstary\Desktop\boost-speed-setup.exe
- 2018-10-07 12:02 - 2018-10-07 12:04 - 926056410 _____ C:\Users\twujstary\Desktop\rap.rar
- 2018-10-07 11:57 - 2018-10-07 11:58 - 930573556 _____ C:\Users\twujstary\Desktop\erape.rar
- 2018-10-07 11:52 - 2018-10-07 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskTrix
- 2018-10-07 11:52 - 2018-10-07 11:52 - 000000000 ____D C:\Program Files (x86)\DiskTrix
- 2018-10-07 11:51 - 2018-10-07 11:51 - 002547712 _____ C:\Users\twujstary\Desktop\UltimateDefragFREE(dobreprogramy.pl).exe
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-11-02 22:56 - 2017-09-19 16:12 - 000000000 ____D C:\ProgramData\NVIDIA
- 2018-11-02 19:24 - 2017-03-23 03:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT
- 2018-11-02 19:23 - 2017-03-18 12:40 - 000786432 _____ C:\Windows\system32\config\BBI
- 2018-11-02 19:19 - 2017-03-18 22:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
- 2018-11-02 19:19 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
- 2018-11-02 19:16 - 2017-03-23 03:19 - 000235432 _____ C:\Windows\system32\FNTCACHE.DAT
- 2018-11-02 19:14 - 2018-09-29 16:50 - 000000000 ____D C:\Users\twujstary\AppData\Local\Avg
- 2018-11-02 19:14 - 2018-09-29 16:47 - 000000000 ____D C:\ProgramData\AVG
- 2018-11-02 18:40 - 2018-09-29 16:49 - 000000000 ____D C:\Windows\System32\Tasks\AVG
- 2018-11-02 18:40 - 2018-05-04 17:50 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
- 2018-11-02 18:23 - 2018-04-01 12:34 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\slobs-client
- 2018-11-02 18:23 - 2017-03-23 03:28 - 003239184 _____ C:\Windows\system32\PerfStringBackup.INI
- 2018-11-02 18:23 - 2017-03-20 04:58 - 001524622 _____ C:\Windows\system32\perfh015.dat
- 2018-11-02 18:23 - 2017-03-20 04:58 - 000374940 _____ C:\Windows\system32\perfc015.dat
- 2018-11-02 16:34 - 2017-09-19 16:24 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\TS3Client
- 2018-11-02 16:19 - 2017-09-19 16:36 - 000000000 ____D C:\Users\twujstary\AppData\LocalLow\Mozilla
- 2018-11-02 16:13 - 2017-10-03 15:13 - 000000000 ____D C:\Users\twujstary\AppData\Local\CrashDumps
- 2018-11-02 16:08 - 2017-10-05 18:03 - 000000000 ____D C:\Program Files (x86)\Mullvad
- 2018-11-02 15:09 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
- 2018-11-02 14:13 - 2017-10-08 10:38 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\TrueCrypt
- 2018-11-02 14:08 - 2018-05-12 12:12 - 000000000 ____D C:\ProgramData\VMProtect Software
- 2018-11-02 14:08 - 2018-02-18 14:32 - 000000000 ____D C:\Program Files (x86)\WoM2
- 2018-11-02 14:08 - 2017-09-19 17:02 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
- 2018-11-02 14:07 - 2018-08-22 09:11 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
- 2018-11-02 14:07 - 2018-08-22 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
- 2018-11-02 14:07 - 2018-08-22 09:11 - 000000000 ____D C:\Program Files\VB
- 2018-11-02 14:07 - 2018-05-11 13:38 - 000000000 ____D C:\Users\twujstary\AppData\Local\TP-Link
- 2018-11-02 14:07 - 2018-04-27 19:06 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Visual Studio Setup
- 2018-11-02 14:07 - 2018-04-11 12:34 - 000000000 ____D C:\ProgramData\Hi-Rez Studios
- 2018-11-02 14:07 - 2017-09-21 14:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
- 2018-11-02 14:06 - 2018-05-11 13:39 - 000000000 ____D C:\ProgramData\TP-Link
- 2018-11-02 14:06 - 2018-02-14 13:16 - 000000000 ____D C:\Program Files\rempl
- 2018-11-02 14:06 - 2017-10-17 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
- 2018-11-02 14:05 - 2018-09-22 19:13 - 000000000 ____D C:\Program Files (x86)\Symulator Jazdy 2
- 2018-11-02 14:05 - 2018-05-28 15:37 - 000000000 ____D C:\Program Files\Sandboxie
- 2018-11-02 14:05 - 2017-09-23 03:57 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\TeamViewer
- 2018-11-02 14:05 - 2017-03-23 03:28 - 000000000 ____D C:\Users\twujstary\AppData\Local\Packages
- 2018-11-02 14:05 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
- 2018-11-02 14:04 - 2018-07-08 18:31 - 000000000 ____D C:\Users\twujstary\Documents\AutomaticSolution Software
- 2018-11-02 14:04 - 2017-09-30 13:06 - 000000000 ____D C:\Program Files\Rockstar Games
- 2018-11-02 14:04 - 2017-09-30 13:06 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
- 2018-11-02 14:02 - 2018-07-14 13:55 - 000000000 ____D C:\Program Files (x86)\MTA San Andreas 1.5
- 2018-11-02 14:02 - 2018-07-14 13:54 - 000000000 ____D C:\ProgramData\MTA San Andreas All
- 2018-11-02 14:02 - 2017-09-19 16:24 - 000000000 ____D C:\ProgramData\Package Cache
- 2018-11-02 14:01 - 2018-01-20 20:40 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\IrfanView
- 2018-11-02 14:00 - 2018-09-11 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
- 2018-11-02 13:59 - 2018-09-30 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
- 2018-11-02 13:59 - 2018-09-30 09:30 - 000000000 ____D C:\ProgramData\Garena
- 2018-11-02 13:59 - 2018-09-30 09:30 - 000000000 ____D C:\Program Files (x86)\Garena
- 2018-11-02 13:59 - 2018-09-11 13:27 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
- 2018-11-02 13:59 - 2017-11-28 16:16 - 000000000 ____D C:\Users\twujstary\AppData\Local\GG
- 2018-11-02 13:59 - 2017-10-22 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
- 2018-11-02 13:59 - 2017-09-22 18:31 - 000000000 ____D C:\Fraps
- 2018-11-02 13:58 - 2018-01-05 02:15 - 000000000 ____D C:\Program Files\Epic Games
- 2018-11-02 13:58 - 2017-11-02 13:27 - 000000000 ____D C:\ProgramData\Orbit
- 2018-11-02 13:58 - 2017-10-11 18:18 - 000000000 ____D C:\Users\twujstary\Documents\My Games
- 2018-11-02 13:57 - 2018-01-27 22:21 - 000000000 ____D C:\Program Files (x86)\Counter Strike 1.6 v23
- 2018-11-02 13:57 - 2017-11-09 16:19 - 000000000 ____D C:\Users\twujstary\AppData\Local\Dxtory Software
- 2018-11-02 13:56 - 2017-11-02 12:35 - 000000000 ____D C:\Program Files\CCleaner
- 2018-11-02 09:35 - 2017-03-23 03:27 - 000000000 ____D C:\Users\twujstary
- 2018-11-01 14:23 - 2018-09-01 21:21 - 000000000 ___RD C:\Users\twujstary\Desktop\mixtape
- 2018-11-01 14:23 - 2018-07-11 14:36 - 000000000 ____D C:\Users\twujstary\Documents\REAPER Media
- 2018-11-01 13:40 - 2018-04-11 04:09 - 000000000 ___RD C:\Users\twujstary\Desktop\rapssyyy
- 2018-10-31 20:18 - 2018-04-01 12:33 - 000000000 ____D C:\Program Files\Streamlabs OBS
- 2018-10-30 14:00 - 2018-08-07 12:24 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DFX for JRiver
- 2018-10-29 19:59 - 2018-08-07 12:24 - 000000000 ____D C:\Program Files (x86)\DFX
- 2018-10-28 14:00 - 2017-03-23 03:19 - 000000000 ____D C:\Windows\system32\SleepStudy
- 2018-10-27 20:57 - 2018-09-24 16:49 - 000000968 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
- 2018-10-27 20:57 - 2017-09-19 16:24 - 000000930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
- 2018-10-23 10:44 - 2017-03-18 22:03 - 000000000 ___HD C:\Windows\ELAMBKUP
- 2018-10-19 15:12 - 2017-09-25 13:20 - 000000000 ____D C:\Program Files\Opera
- 2018-10-12 11:18 - 2017-09-26 14:26 - 000000000 ____D C:\Users\twujstary\.gimp-2.8
- 2018-10-12 11:17 - 2017-09-27 18:24 - 000000000 ____D C:\Users\twujstary\AppData\Local\gtk-2.0
- 2018-10-12 10:52 - 2017-09-19 16:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
- 2018-10-12 10:52 - 2017-09-19 16:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2018-10-10 13:29 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
- 2018-10-10 13:29 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\Macromed
- 2018-10-09 13:17 - 2017-10-04 10:02 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Notepad++
- 2018-10-07 12:36 - 2018-02-24 15:39 - 000000000 ____D C:\Users\twujstary\AppData\Local\SquirrelTemp
- 2018-10-07 12:36 - 2017-10-17 19:47 - 000000000 ____D C:\Users\twujstary\AppData\Roaming\Sony
- 2018-10-07 12:36 - 2017-09-19 19:02 - 000000000 ____D C:\ProgramData\Norton
- 2018-10-07 12:36 - 2017-09-19 16:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
- 2018-10-07 12:36 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\LiveKernelReports
- 2018-10-07 12:30 - 2018-09-08 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Rivals
- 2018-10-07 12:30 - 2018-03-31 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
- 2018-10-07 12:30 - 2018-02-09 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forza Horizon 3
- 2018-10-07 12:30 - 2017-10-21 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watch_Dogs 2
- 2018-10-07 12:30 - 2017-10-18 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Unity
- 2018-10-07 12:30 - 2017-10-01 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV Black Flag
- 2018-10-07 12:21 - 2017-03-18 22:03 - 000000000 __RSD C:\Windows\Media
- 2018-10-07 12:21 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\Registration
- 2018-10-07 12:21 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\IME
- 2018-10-07 12:21 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\Help
- 2018-10-07 10:33 - 2018-09-22 16:06 - 000000000 ___RD C:\Users\twujstary\Creative Cloud Files
- 2018-10-07 10:33 - 2017-10-11 17:50 - 000000000 ____D C:\Users\twujstary\AppData\Local\Adobe
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2017-12-16 19:28 - 2015-02-15 15:03 - 000421888 _____ () C:\Program Files\lame_enc.dll
- 2017-03-18 21:59 - 2017-03-18 21:59 - 000174592 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\LeruiekwBgIiD.exe
- 2018-02-03 02:36 - 2018-02-03 02:36 - 000000054 _____ () C:\Users\twujstary\AppData\Roaming\updater.cfg
- 2018-08-22 09:26 - 2018-08-22 09:55 - 000004617 _____ () C:\Users\twujstary\AppData\Roaming\VoiceMeeterDefault.xml
- 2017-10-05 20:58 - 2018-02-25 15:29 - 000000600 _____ () C:\Users\twujstary\AppData\Roaming\winscp.rnd
- 2018-03-29 21:14 - 2018-03-29 21:14 - 000000037 ___SH () C:\Users\twujstary\AppData\Local\20986331705021ca58edc424.96250074
- 2018-08-12 16:00 - 2018-08-12 16:00 - 000172923 _____ () C:\Users\twujstary\AppData\Local\3AC4.tmp
- 2018-08-12 16:11 - 2018-08-12 16:11 - 000123332 _____ () C:\Users\twujstary\AppData\Local\4A98.tmp
- 2018-08-12 16:26 - 2018-08-12 16:26 - 000177678 _____ () C:\Users\twujstary\AppData\Local\74ED.tmp
- 2018-09-28 10:41 - 2018-09-28 10:41 - 000000000 _____ () C:\Users\twujstary\AppData\Local\oobelibMkey.log
- 2017-10-05 20:28 - 2018-03-29 14:24 - 000000600 _____ () C:\Users\twujstary\AppData\Local\PUTTY.RND
- 2018-10-12 11:17 - 2018-10-12 11:17 - 000005074 _____ () C:\Users\twujstary\AppData\Local\recently-used.xbel
- 2017-09-20 09:23 - 2018-03-16 14:40 - 000007606 _____ () C:\Users\twujstary\AppData\Local\Resmon.ResmonCfg
- 2017-12-28 03:45 - 2017-12-28 03:45 - 000000000 _____ () C:\Users\twujstary\AppData\Local\zenmap.exe.log
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\system32\services.exe => Plik podpisany cyfrowo
- C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
- C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-10-30 09:18
- ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement