Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19.08.2018 02
- Uruchomiony przez Czacha (administrator) LAPTOP-5AJ8S20G (22-08-2018 20:30:47)
- Uruchomiony z C:\Users\Czacha\Desktop
- Załadowane profile: Czacha (Dostępne profile: Czacha)
- Platform: Windows 10 Home Wersja 1709 16299.547 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
- (Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- (COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
- (Intel Corporation) C:\Windows\System32\ibtsiva.exe
- (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
- (Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
- (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
- (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
- (COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
- (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
- (Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
- (Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
- (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
- (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
- (Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
- (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
- (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
- () C:\ProgramData\Microsoft\Windows\Power\PowerSvc.exe
- () C:\Program Files\fik Branton Updater\Branton.exe
- (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
- (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
- (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
- (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
- () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
- (CloudBees, Inc.) C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe
- () C:\ProgramData\Microsoft\Windows\EventSvc\work0.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
- (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
- () C:\Program Files\Branton\Branton.exe
- (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
- (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
- () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
- (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
- (Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
- (f.lux Software LLC) C:\Users\Czacha\AppData\Local\FluxSoftware\Flux\flux.exe
- (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
- (Epic Games, Inc.) C:\Program Files (x86)\Gry\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
- (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxEM.exe
- (COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
- (SweetLabs, Inc) C:\Users\Czacha\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
- (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
- (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
- (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
- (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
- (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
- (Python Software Foundation) C:\Users\Czacha\AppData\Roaming\YoutubeDownloader\python\python.exe
- (AIMP DevTeam) C:\Program Files (x86)\AIMP\AIMP.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
- HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
- HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc.)
- HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
- HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
- HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
- HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830232 2016-03-08] (Conexant Systems, Inc.)
- HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [7690936 2017-06-30] (COMODO)
- HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4958912 2016-11-17] (Disc Soft Ltd)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Czacha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2268232 2017-12-29] (Gaijin Entertainment)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [Steam] => C:\Program Files (x86)\SteamN\steam.exe [3206432 2018-08-09] (Valve Corporation)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [f.lux] => C:\Users\Czacha\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7368480 2018-08-19] (Lavasoft)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Gry\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [YoutubeDownloader_upd] => C:\Users\Czacha\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\Run: [YoutubeDownloader] => C:\Users\Czacha\AppData\Roaming\YoutubeDownloader\python\pythonw.exe [95904 2018-08-01] (Python Software Foundation) <==== UWAGA
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\MountPoints2: {b7c39bfb-af39-11e6-af16-001e101f6e95} - "F:\setup.exe"
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\...\MountPoints2: {c9dd9127-4e39-11e7-af8c-c85b76110638} - "F:\HiSuiteDownLoader.exe"
- Startup: C:\Users\Czacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamerHash.lnk [2018-08-17]
- ShortcutTarget: GamerHash.lnk -> C:\Users\Czacha\AppData\Local\GamerHash\GamerHashLauncher.exe (Brak pliku)
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{2b152973-32aa-4a4e-9341-96c812872784}: [NameServer] 192.168.200.1,213.199.225.14
- Tcpip\..\Interfaces\{9cb7c6f8-b0b2-45d7-a9fe-80fcf71f4292}: [NameServer] 82.163.143.178,82.163.142.180
- Tcpip\..\Interfaces\{9cb7c6f8-b0b2-45d7-a9fe-80fcf71f4292}: [DhcpNameServer] 192.168.1.1
- Internet Explorer:
- ==================
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
- HKU\S-1-5-21-661999521-1470042451-2146426113-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
- SearchScopes: HKU\S-1-5-21-661999521-1470042451-2146426113-1001 -> DefaultScope {578ABA60-4607-4998-910A-C2BB53A5630E} URL =
- SearchScopes: HKU\S-1-5-21-661999521-1470042451-2146426113-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180606__yaie&p={searchTerms}
- BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2017-06-30] (COMODO)
- BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-18] (Microsoft Corporation)
- BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2017-06-30] (COMODO)
- Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
- Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
- Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
- Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
- FireFox:
- ========
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-06] (Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
- FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
- FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
- Chrome:
- =======
- CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
- CHR DefaultSearchKeyword: Default -> Adaware Secure
- CHR Profile: C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default [2018-08-18]
- CHR Extension: (Prezentacje) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
- CHR Extension: (Dokumenty) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
- CHR Extension: (Dysk Google) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-15]
- CHR Extension: (YouTube) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-15]
- CHR Extension: (Adblock Plus) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-08-16]
- CHR Extension: (Adaware Ad Block) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmllgdnjnkbapbchnebiedipojhmnjej [2018-08-18]
- CHR Extension: (Galaxy-View) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-11-14]
- CHR Extension: (Arkusze) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
- CHR Extension: (Dokumenty Google offline) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-15]
- CHR Extension: (Save to Facebook) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-01-11]
- CHR Extension: (Adaware Secure) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2018-08-16]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-02]
- CHR Extension: (Adaware Web Protection) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnooggpliipegmffiolegeppbgkclbpi [2018-08-18]
- CHR Extension: (Gmail) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-15]
- CHR Extension: (Chrome Media Router) - C:\Users\Czacha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-17]
- CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7206312 2018-07-17] ()
- S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (Lenovo)
- R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
- R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO)
- R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO)
- R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [3210936 2017-06-30] (COMODO)
- R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [Brak podpisu cyfrowego]
- R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1473216 2016-11-17] (Disc Soft Ltd)
- R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [3074312 2018-07-04] (Comodo)
- S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [776832 2018-05-02] (EasyAntiCheat Ltd)
- R2 EventSvc; C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe [360448 2018-07-24] (CloudBees, Inc.) [Brak podpisu cyfrowego] <==== UWAGA
- R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
- S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
- S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
- R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-01-13] (Intel Corporation)
- S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
- R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
- R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
- S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo)
- S4 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-06-28] ()
- S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
- R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
- S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
- R2 PowerSvc; C:\ProgramData\Microsoft\Windows\Power\PowerSvc.exe [6406448 2018-06-25] () [Brak podpisu cyfrowego] <==== UWAGA
- R2 SAService; C:\WINDOWS\system32\SAsrv.exe [431960 2015-09-15] (Conexant Systems, Inc.)
- R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267328 2017-05-16] (Synaptics Incorporated)
- R2 Update Service; C:\Program Files\fik Branton Updater\Branton.exe [788480 2018-08-17] () [Brak podpisu cyfrowego]
- R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-08-19] ()
- S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
- S2 WMPNetworkAcSvc; C:\Users\Czacha\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [3920896 2018-08-16] () [Brak podpisu cyfrowego] <==== UWAGA
- R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
- R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
- R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
- S2 SysSvc; "C:\Users\Czacha\AppData\Local\NtvHost\syssvc.exe" [X]
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [126056 2017-03-31] (COMODO)
- R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-02-02] (COMODO)
- R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [830448 2018-02-02] (COMODO)
- R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50768 2018-02-02] (COMODO)
- R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-22] (Disc Soft Ltd)
- R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-22] (Disc Soft Ltd)
- R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation)
- R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [133896 2018-02-02] (COMODO)
- R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63200 2017-12-13] (COMODO)
- R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
- S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_bc6256506b580c14\nvlddmkm.sys [16923064 2017-10-07] (NVIDIA Corporation)
- S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
- R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
- R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
- R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-23] (Realtek )
- R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
- S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
- R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1057864 2016-10-03] (Sunplus Innovation Technology Inc.)
- S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
- S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
- S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
- R3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
- S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
- S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-04-29] (Wellbia.com Co., Ltd.)
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-08-22 20:30 - 2018-08-22 20:31 - 000022692 _____ C:\Users\Czacha\Desktop\FRST.txt
- 2018-08-22 20:30 - 2018-08-22 20:30 - 000000000 ____D C:\FRST
- 2018-08-22 20:29 - 2018-08-22 10:18 - 002413056 _____ (Farbar) C:\Users\Czacha\Desktop\FRST64.exe
- 2018-08-22 20:29 - 2018-08-22 10:18 - 001773568 _____ (Farbar) C:\Users\Czacha\Desktop\FRST.exe
- 2018-08-18 15:21 - 2018-08-18 15:21 - 000002067 _____ C:\Users\Public\Desktop\Hotel Giant 2.lnk
- 2018-08-18 15:21 - 2018-08-18 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotel Giant 2
- 2018-08-18 15:16 - 2018-08-18 15:18 - 000000000 ____D C:\Users\Czacha\Downloads\Hotel Giant Tycoon 2
- 2018-08-18 12:31 - 2018-08-18 12:31 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
- 2018-08-18 12:31 - 2018-08-18 12:31 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
- 2018-08-18 12:31 - 2018-08-18 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office
- 2018-08-17 20:12 - 2018-08-18 18:29 - 000000000 ____D C:\Users\Czacha\AppData\Local\NtvHost
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000013976 _____ C:\WINDOWS\System32\Tasks\Branton
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000003964 _____ C:\WINDOWS\System32\Tasks\Branton Launcher
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000001540 _____ C:\WINDOWS\Tasks\Branton.job
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000000490 _____ C:\WINDOWS\Tasks\Branton Launcher.job
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fik Branton Updater
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000000000 ____D C:\Program Files\fik Branton Updater
- 2018-08-17 19:53 - 2018-08-17 19:53 - 000000000 ____D C:\Program Files\Branton
- 2018-08-17 19:52 - 2018-08-17 21:07 - 000000000 ____D C:\Users\Czacha\AppData\Local\GoogleChromeUserData
- 2018-08-17 19:52 - 2018-08-17 19:52 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
- 2018-08-17 19:52 - 2018-08-17 19:52 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\WMPNetworkAcSvc
- 2018-08-17 19:50 - 2018-08-17 19:52 - 000000000 ____D C:\Users\Czacha\AppData\Local\GoogleChromeApplication
- 2018-08-17 19:47 - 2018-08-17 20:00 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\YoutubeDownloader_upd
- 2018-08-17 19:47 - 2018-08-17 20:00 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\YoutubeDownloader
- 2018-08-17 19:47 - 2018-08-17 19:47 - 000004010 _____ C:\WINDOWS\System32\Tasks\YoutubeDownloader_upd
- 2018-08-17 19:47 - 2018-08-17 19:47 - 000003540 _____ C:\WINDOWS\System32\Tasks\YoutubeDownloader
- 2018-08-17 19:42 - 2018-08-17 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerSnowie
- 2018-08-17 15:30 - 2018-08-17 20:46 - 886519864 _____ C:\Users\Czacha\Downloads\Hearts of Iron 2 Doomsday - Armagedon[PL].rar
- 2018-08-17 15:28 - 2018-08-17 23:14 - 000000000 ____D C:\Users\Czacha\AppData\LocalLow\uTorrent
- 2018-08-17 15:05 - 2018-08-17 15:05 - 000001335 _____ C:\Users\Czacha\Desktop\Hearts of Iron IV Waking the Tiger.lnk
- 2018-08-17 11:46 - 2018-08-17 12:49 - 000000000 ____D C:\Users\Czacha\Downloads\codex-hearts.of.iron.iv.waking.the.tiger
- 2018-08-16 23:17 - 2018-08-18 12:26 - 000000000 ____D C:\Users\Czacha\Documents\Paradox Interactive
- 2018-08-16 23:17 - 2018-08-16 23:17 - 000000000 ____D C:\Users\Public\Documents\Steam
- 2018-08-16 23:16 - 2018-08-16 23:16 - 000001342 _____ C:\Users\Czacha\Desktop\Europa Universalis IV Rule Britannia.lnk
- 2018-08-16 18:38 - 2018-08-16 18:38 - 000000000 ___HD C:\$GetCurrent
- 2018-08-16 18:34 - 2018-08-16 19:17 - 000000000 ____D C:\Windows10Upgrade
- 2018-08-16 17:23 - 2018-08-16 22:06 - 000000000 ____D C:\Users\Czacha\Downloads\codex-europa.universalis.iv.rule.britannia
- 2018-08-16 17:14 - 2018-08-16 17:14 - 000000000 ____D C:\WINDOWS\UpdateAssistant
- 2018-08-10 20:33 - 2018-08-10 20:33 - 000441894 _____ C:\Users\Czacha\Desktop\ZUA.pdf
- 2018-07-31 21:09 - 2018-07-31 21:09 - 000000000 ____D C:\Users\Czacha\Downloads\Scenes Of A Sexual Nature [2006] [DVDRip.XViD-NoName] [Lektor PL] (Arx]
- 2018-07-31 20:38 - 2018-08-17 19:35 - 000000000 ____D C:\Users\Czacha\Downloads\Filmy
- 2018-07-31 20:38 - 2018-07-31 23:03 - 000000000 ____D C:\Users\Czacha\Downloads\Seriale
- 2018-07-31 19:58 - 2018-07-31 19:58 - 000000000 ____D C:\Users\Czacha\Downloads\The.Orphanage.2007
- 2018-07-29 22:24 - 2018-07-29 22:24 - 000000000 ___HD C:\Users\Public\Shared Files
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-08-22 20:27 - 2016-10-15 20:38 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\AIMP
- 2018-08-22 20:23 - 2017-10-12 19:05 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
- 2018-08-22 20:07 - 2016-10-15 16:29 - 000000000 ____D C:\Users\Czacha\AppData\Local\CrashDumps
- 2018-08-22 16:43 - 2017-04-26 23:05 - 000000000 ____D C:\ProgramData\NVIDIA
- 2018-08-22 16:39 - 2016-10-15 21:53 - 000000000 ____D C:\Users\Czacha\AppData\Local\Host App Service
- 2018-08-22 16:35 - 2016-10-15 21:54 - 000000000 __SHD C:\Users\Czacha\IntelGraphicsProfiles
- 2018-08-21 21:49 - 2017-10-28 03:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
- 2018-08-21 12:24 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
- 2018-08-20 14:56 - 2017-10-22 12:42 - 000000000 ___DC C:\WINDOWS\Panther
- 2018-08-20 14:05 - 2017-10-28 04:13 - 000024768 _____ C:\WINDOWS\diagwrn.xml
- 2018-08-20 14:05 - 2017-10-28 04:13 - 000024768 _____ C:\WINDOWS\diagerr.xml
- 2018-08-20 01:26 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
- 2018-08-20 00:52 - 2018-04-12 18:58 - 000000000 ___HD C:\$WINDOWS.~BT
- 2018-08-20 00:52 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
- 2018-08-20 00:52 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
- 2018-08-19 23:47 - 2017-10-26 11:50 - 066172700 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
- 2018-08-19 12:51 - 2017-01-15 16:56 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\vlc
- 2018-08-19 10:04 - 2016-10-15 21:57 - 000000000 __RDL C:\Users\Czacha\OneDrive
- 2018-08-18 15:22 - 2016-12-16 12:03 - 000000000 ____D C:\Users\Czacha\Documents\My Games
- 2018-08-18 15:20 - 2016-06-13 01:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
- 2018-08-18 15:19 - 2018-05-01 23:59 - 000000000 ____D C:\Program Files (x86)\Gry
- 2018-08-18 12:41 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2018-08-18 12:31 - 2016-06-13 01:05 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
- 2018-08-18 12:31 - 2016-06-13 01:05 - 000002508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
- 2018-08-18 12:31 - 2016-06-13 01:05 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
- 2018-08-18 12:31 - 2016-06-13 01:05 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
- 2018-08-18 12:31 - 2016-06-13 01:05 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
- 2018-08-18 12:25 - 2016-06-13 01:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
- 2018-08-18 12:24 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
- 2018-08-18 12:24 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
- 2018-08-17 23:14 - 2017-06-29 21:52 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\uTorrent
- 2018-08-17 20:18 - 2017-08-17 14:58 - 000000000 ____D C:\Users\Czacha\AppData\Roaming\Comodo
- 2018-08-17 19:50 - 2016-06-13 02:04 - 000000000 ____D C:\ProgramData\Intel
- 2018-08-17 15:25 - 2017-10-28 04:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2018-08-17 15:06 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
- 2018-08-17 11:33 - 2018-07-14 20:07 - 000000000 ____D C:\Program Files\rempl
- 2018-08-17 11:26 - 2017-05-02 00:59 - 000000000 ____D C:\Users\Czacha\AppData\Local\Adobe
- 2018-08-17 11:25 - 2017-10-28 04:12 - 000004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
- 2018-08-17 11:24 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
- 2018-08-17 11:24 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
- 2018-08-17 11:22 - 2017-10-28 04:09 - 002344612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2018-08-17 11:22 - 2017-09-30 16:29 - 001075066 _____ C:\WINDOWS\system32\perfh015.dat
- 2018-08-17 11:22 - 2017-09-30 16:29 - 000233782 _____ C:\WINDOWS\system32\perfc015.dat
- 2018-08-17 00:23 - 2017-05-22 17:04 - 000000000 ____D C:\Program Files (x86)\SteamN
- 2018-08-16 18:41 - 2016-10-21 00:45 - 000000000 ____D C:\WINDOWS\system32\MRT
- 2018-08-16 18:33 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
- 2018-08-16 18:33 - 2016-10-21 00:45 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2018-08-13 14:31 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
- 2018-08-13 10:38 - 2017-10-28 04:12 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-661999521-1470042451-2146426113-1001
- 2018-08-13 10:38 - 2016-10-15 21:57 - 000002417 _____ C:\Users\Czacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
- 2018-08-09 23:29 - 2016-10-15 16:05 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2018-08-09 23:29 - 2016-10-15 16:05 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2018-08-06 23:19 - 2018-07-02 19:35 - 000000000 ____D C:\ProgramData\Packages
- 2018-08-06 17:31 - 2018-07-13 15:52 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
- 2018-08-06 17:31 - 2018-07-13 15:52 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
- 2018-07-29 22:24 - 2017-02-11 13:54 - 000000000 ____D C:\Intel
- 2018-07-29 22:18 - 2018-05-02 00:01 - 000000000 ____D C:\Users\Czacha\AppData\Local\UnrealEngine
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2018-04-17 22:57 - 2018-04-17 22:57 - 000006067 _____ () C:\Users\Czacha\AppData\Local\recently-used.xbel
- 2017-08-18 05:35 - 2017-08-18 05:35 - 000007640 _____ () C:\Users\Czacha\AppData\Local\Resmon.ResmonCfg
- ZeroAccess:
- C:\Users\Czacha\AppData\Local\NtvHost
- C:\Users\Czacha\AppData\Local\NtvHost\ext.zip
- C:\Users\Czacha\AppData\Local\NtvHost\host.json
- C:\Users\Czacha\AppData\Local\NtvHost\ntd.cfg
- C:\Users\Czacha\AppData\Local\NtvHost\syssvc.xml
- C:\Users\Czacha\AppData\Local\NtvHost\n\nup.zip.tmp
- C:\Users\Czacha\AppData\Local\NtvHost\ext\background.html
- C:\Users\Czacha\AppData\Local\NtvHost\ext\background.js
- C:\Users\Czacha\AppData\Local\NtvHost\ext\manifest.json
- C:\Users\Czacha\AppData\Local\NtvHost\ext\_locales\en_US\messages.json
- C:\Users\Czacha\AppData\Local\NtvHost\ext\_locales\en\messages.json
- C:\Users\Czacha\AppData\Local\NtvHost\ext\ico\128.png
- C:\Users\Czacha\AppData\Local\NtvHost\ext\ico\16.png
- C:\Users\Czacha\AppData\Local\NtvHost\ext\ico\32.png
- C:\Users\Czacha\AppData\Local\NtvHost\ext\ico\48.png
- Pliki do przeniesienia lub usunięcia:
- ====================
- C:\Users\Czacha\AppData\Roaming\YoutubeDownloader_upd\python\pythonw.exe
- C:\Users\Czacha\AppData\Roaming\YoutubeDownloader\python\pythonw.exe
- Niektóre pliki w TEMP:
- ====================
- 2018-08-17 19:35 - 2018-08-17 19:50 - 000001040 _____ () C:\Users\Czacha\AppData\Local\Temp\43193543dddd.exe
- 2018-08-17 19:54 - 2018-08-17 19:54 - 000020480 _____ (CatX) C:\Users\Czacha\AppData\Local\Temp\cubesta.exe
- 2018-08-17 19:35 - 2018-08-17 19:35 - 003828053 _____ () C:\Users\Czacha\AppData\Local\Temp\fag.exe
- 2018-08-17 19:34 - 2018-08-17 19:34 - 000032768 _____ (DianneLMeans@armyspy.com ) C:\Users\Czacha\AppData\Local\Temp\fagw.exe
- 2018-08-17 19:35 - 2018-08-17 19:35 - 002076160 _____ () C:\Users\Czacha\AppData\Local\Temp\MediaPlay.exe
- 2018-08-17 19:35 - 2018-08-17 19:35 - 000016384 _____ (Nicole R. Cosentino ) C:\Users\Czacha\AppData\Local\Temp\tuna.exe
- 2018-08-18 10:56 - 2018-08-19 10:05 - 000391024 _____ (adaware) C:\Users\Czacha\AppData\Local\Temp\wcupdater.exe
- 2018-08-17 19:54 - 2018-08-17 19:54 - 000877520 _____ () C:\Users\Czacha\AppData\Local\Temp\XVD.exe
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-08-16 18:31
- ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement