Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-05.2019 Uruchomiony przez kryst (administrator) DESKTOP-VGDGFA6 (LENOVO 34485S4) (26-05-2019 17:34:08) Uruchomiony z C:\Users\kryst\Desktop Załadowane profile: kryst (Dostępne profile: kryst) Platform: Windows 10 Pro (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.31.0_x64__8wekyb3d8bbwe\Calculator.exe () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\fsvpnservice.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174336 2015-08-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411840 2015-08-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411840 2015-08-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-11-15] (Intel(R) Driver & Support Assistant -> Intel) HKLM-x32\...\Winlogon: [Userinit] HKU\S-1-5-21-3671806271-1740960767-1859935781-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5262992 2018-03-07] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3671806271-1740960767-1859935781-1001\...\Run: [AceStream] => C:\Users\kryst\AppData\Roaming\ACEStream\engine\ace_engine.exe [27000 2016-05-19] (Innovative Digital Technologies -> ) HKU\S-1-5-21-3671806271-1740960767-1859935781-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.) GroupPolicy: Ograniczenia ? <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {10A1AA12-F142-40A9-B7DC-236320D19CCC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {25D4859F-D2F3-477B-9EB5-EA27220B0718} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {2E388DD7-C8F9-4635-9836-3BDBD9302629} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation) Task: {35F89DDA-82AA-42F9-A23B-0FCCA146C7AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation) Task: {447CEB6B-9FDC-49EF-A3C8-91BFA4D361E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation) Task: {4B43C750-63F2-4FB2-A217-DB5566A2F1EC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5A4CA756-CC4D-4942-A354-C18F00D6D3D5} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> ) Task: {629C021D-DF73-4558-9C23-1826DADDF401} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {63BADB62-4471-4C99-BFC3-D48860599317} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [1452600 2019-04-10] (Adobe Inc. -> Adobe) Task: {733E505C-8B0A-4B05-A007-72A7CD49707B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-29] (Google Inc -> Google Inc.) Task: {75A93E9E-F147-4FEE-A835-8191860B6A8A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-18] (Adobe Inc. -> Adobe) Task: {7C329CDF-DA7B-4541-8C3D-DD13F60EDB7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd) Task: {A31256A1-8C4F-42F2-B733-BCAE84B17B7D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> ) Task: {A8855078-1282-4EDF-8D4B-6F20696F1EC5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {A9D9874E-2073-475D-B89E-F6187CCB27B6} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112528 2018-11-06] (Lenovo -> Lenovo) Task: {AC140463-1AF2-488A-B114-C3E6343BC4E9} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [60304 2018-11-06] (Lenovo -> ) Task: {B3BF9400-8F42-4CEC-ACC2-0D3B3DEA6200} - System32\Tasks\VPN PRO => C:\Program Files (x86)\Innovative Solutions\VPN PRO\vpnpro.exe Task: {C4D900D3-C0E5-4FE2-98DB-5E9396331003} - System32\Tasks\Opera scheduled Autoupdate 1519328259 => C:\Program Files\Opera\launcher.exe [1465432 2019-04-21] (Opera Software AS -> Opera Software) Task: {CCAD7E65-196D-4313-84B2-005AC110AE0E} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3671806271-1740960767-1859935781-1001 => C:\Users\kryst\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {D5337E79-BEAB-44FA-9366-7582588B6463} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation) Task: {E51B35B8-F36F-4E2A-A26B-6D4A9185F426} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [851800 2018-12-26] (Lenovo -> Lenovo.) Task: {F6938144-CF4D-43ED-AC4D-ACC349A690EA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {FA8106AC-2F0B-4272-8383-321E9E4D3F20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-29] (Google Inc -> Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{fd7f3e92-677a-43a9-8729-007b083104f2}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== FireFox: ======== FF DefaultProfile: l6c3jsu1.default FF ProfilePath: C:\Users\kryst\AppData\Roaming\Mozilla\Firefox\Profiles\l6c3jsu1.default [2019-05-26] FF HKU\S-1-5-21-3671806271-1740960767-1859935781-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\kryst\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\kryst\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-01-24] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-18] (Adobe Inc. -> ) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-18] (Adobe Inc. -> ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-3671806271-1740960767-1859935781-1001: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\kryst\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies -> Innovative Digital Technologies) FF Plugin HKU\S-1-5-21-3671806271-1740960767-1859935781-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-3671806271-1740960767-1859935781-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-3671806271-1740960767-1859935781-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.pl/ CHR StartupUrls: Default -> "hxxp://google.pl/","hxxps://www.google.pl/" CHR Profile: C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default [2019-05-26] CHR Extension: (Prezentacje) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-29] CHR Extension: (Dokumenty) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-29] CHR Extension: (Dysk Google) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-29] CHR Extension: (YouTube) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-29] CHR Extension: (Tampermonkey) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-13] CHR Extension: (Arkusze) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-29] CHR Extension: (Video Downloader PLUS) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2019-04-29] CHR Extension: (Dokumenty Google offline) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-14] CHR Extension: (AdBlock) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-22] CHR Extension: (Dropbox) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-10-15] CHR Extension: (Ace Script) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-29] CHR Extension: (Gmail) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23] CHR Profile: C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-05] CHR Extension: (Prezentacje) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-05] CHR Extension: (Dokumenty) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-05] CHR Extension: (Dysk Google) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-05] CHR Extension: (YouTube) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-05] CHR Extension: (Arkusze) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-05] CHR Extension: (Dokumenty Google offline) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-05] CHR Extension: (Ace Script) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-05] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-05] CHR Extension: (Gmail) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05] CHR Extension: (Chrome Media Router) - C:\Users\kryst\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-05] CHR Profile: C:\Users\kryst\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-06] CHR HKU\S-1-5-21-3671806271-1740960767-1859935781-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Custom Style Script) - C:\Users\kryst\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmnbfbgbgicodipenaajdcogalomcmph [2018-09-27] OPR Extension: (Tampermonkey) - C:\Users\kryst\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-01-26] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [365056 2019-05-04] (Avira Operations GmbH & Co. KG) [Brak podpisu cyfrowego] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480720 2018-03-07] (Disc Soft Ltd -> Disc Soft Ltd) R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-11-15] (Intel(R) Driver & Support Assistant -> Intel) R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-11-07] (Intel(R) Software Development Products -> ) R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\fsvpnservice.exe [861128 2019-05-25] (F-Secure Corporation -> F-Secure Corporation) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [320472 2018-01-02] (Intel(R) pGFX -> Intel Corporation) S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892760 2018-12-26] (Lenovo -> Lenovo.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-04-04] (Intel Corporation-Wireless Connectivity Solutions -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251432 2018-11-01] (Synaptics Incorporated -> Synaptics Incorporated) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [192232 2018-11-07] (Intel(R) Software Development Products -> ) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-11-07] (Intel(R) Software Development Products -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-24] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-24] (Microsoft Corporation -> Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-04-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 bcbtums; C:\WINDOWS\System32\drivers\bcbtums.sys [178472 2016-09-29] (Broadcom Corporation -> Broadcom Corporation.) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-03-13] (Bluestack Systems, Inc. -> Bluestack System Inc. ) S3 btwampfl; C:\WINDOWS\System32\drivers\btwampfl.sys [222024 2016-09-29] (Broadcom Corporation -> Broadcom Corporation.) S3 cxwmbclass; C:\WINDOWS\System32\drivers\cxwmbclass.sys [124416 2019-03-13] (Microsoft Windows -> Microsoft Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-19] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-03-19] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 fsfreedometap; C:\WINDOWS\System32\drivers\fsfreedometap.sys [38888 2019-05-25] (WDKTestCert mbbldr,131864997439240006 -> The OpenVPN Project) R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] (Intel CASE -> ) R3 LnvHIDHW; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo(Japan)Ltd. -> Lenovo) R3 MbmUsbSerial; C:\WINDOWS\System32\Drivers\MbmUsbSerial.sys [81392 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Ericsson AB) R3 MkBusFilter; C:\WINDOWS\system32\DRIVERS\MbmDeviceFilter.sys [42208 2015-07-02] (Ericsson AB -> ) R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-05-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-08-14] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44160 2018-12-26] (Lenovo -> Lenovo.) R3 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [106496 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC) S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-11-07] (Intel Corporation -> ) S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [50784 2016-10-02] (Synaptics Incorporated -> Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42536 2018-11-01] (Synaptics Incorporated -> Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [67248 2015-08-07] (Synaptics Incorporated -> Synaptics Incorporated) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35784 2017-02-03] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-24] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-24] (Microsoft Windows -> Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-09-28] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-05-26 17:34 - 2019-05-26 17:34 - 000030371 _____ C:\Users\kryst\Desktop\FRST.txt 2019-05-26 17:33 - 2019-05-26 17:34 - 000000000 ____D C:\FRST 2019-05-26 17:31 - 2019-05-26 17:31 - 002435584 _____ (Farbar) C:\Users\kryst\Desktop\FRST64.exe 2019-05-26 01:31 - 2019-05-21 22:23 - 000036468 _____ C:\Users\kryst\Desktop\Lordish.ttf 2019-05-26 01:31 - 2018-05-27 19:07 - 002455596 _____ C:\Users\kryst\Desktop\LeaveNoFingerprints.ttf 2019-05-26 01:31 - 2013-07-13 15:38 - 000335788 _____ C:\Users\kryst\Desktop\CFAnarchy-Regular.ttf 2019-05-26 01:31 - 2005-10-02 00:49 - 000002172 _____ C:\Users\kryst\Desktop\defused_readme.txt 2019-05-26 01:31 - 2005-10-02 00:48 - 000563156 _____ C:\Users\kryst\Desktop\defused.ttf 2019-05-26 01:30 - 2019-05-26 01:30 - 001391499 _____ C:\Users\kryst\Desktop\leave_no_fingerprints.zip 2019-05-26 01:30 - 2019-05-26 01:30 - 000749779 _____ C:\Users\kryst\Desktop\penguins_left_for_dead_by_tonatello_d2zf5tk-fullview.pdn 2019-05-26 01:30 - 2019-05-26 01:30 - 000399765 _____ C:\Users\kryst\Desktop\defused.zip 2019-05-26 01:30 - 2019-05-26 01:30 - 000211578 _____ C:\Users\kryst\Desktop\cf_anarchy.zip 2019-05-26 01:29 - 2019-05-26 01:29 - 000023695 _____ C:\Users\kryst\Desktop\lordish.zip 2019-05-25 23:12 - 2019-05-25 23:16 - 000000000 ____D C:\ProgramData\F-Secure 2019-05-25 23:12 - 2019-05-25 23:12 - 000038888 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\fsfreedometap.sys 2019-05-25 23:12 - 2019-05-25 23:12 - 000002451 _____ C:\Users\Public\Desktop\Freedome.lnk 2019-05-25 23:12 - 2019-05-25 23:12 - 000000000 ____D C:\Users\kryst\Desktop\FreVPN.2.27.5861.0 2019-05-25 23:12 - 2019-05-25 23:12 - 000000000 ____D C:\Users\kryst\AppData\Local\F-Secure 2019-05-25 23:12 - 2019-05-25 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome 2019-05-25 23:12 - 2019-05-25 23:12 - 000000000 ____D C:\Program Files (x86)\F-Secure 2019-05-25 22:49 - 2019-05-25 23:08 - 066926558 _____ C:\Users\kryst\Desktop\FreVPN.2.27.5861.0.7z 2019-05-25 22:03 - 2019-05-25 22:06 - 063962571 _____ C:\Users\kryst\Desktop\8 Ball Pool v4.4.0 Mod v1 iHackedit.com.apk 2019-05-25 18:34 - 2019-05-25 18:34 - 000128609 _____ C:\Users\kryst\Desktop\Payslip-17-05-2019-1.pdf 2019-05-25 18:33 - 2019-05-25 18:33 - 000128603 _____ C:\Users\kryst\Desktop\Payslip-24-05-2019-1.pdf 2019-05-25 14:25 - 2019-05-25 14:25 - 000001232 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2019-05-25 14:23 - 2019-05-25 14:23 - 000000000 ____D C:\Users\kryst\Desktop\avira_phantom_vpn_2.24.1.25128 2019-05-25 14:11 - 2019-05-25 14:13 - 007989198 _____ C:\Users\kryst\Desktop\avira_phantom_vpn_2.24.1.25128.7z 2019-05-23 21:39 - 2019-05-26 11:32 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-05-20 18:12 - 2019-05-20 18:12 - 000000000 ____D C:\Users\kryst\Desktop\UltimateTribalWarsBot_v2.030_x64 2019-05-20 18:11 - 2019-05-20 18:11 - 067409839 _____ C:\Users\kryst\Desktop\UltimateTribalWarsBot_v2.030_x64.zip 2019-05-20 14:25 - 2019-05-20 14:25 - 009682960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-05-20 14:25 - 2019-05-20 14:25 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 006545096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-05-20 14:25 - 2019-05-20 14:25 - 002777440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 002275680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-05-20 14:25 - 2019-05-20 14:25 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-05-20 14:25 - 2019-05-20 14:25 - 000090664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-05-20 14:25 - 2019-05-20 14:25 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-05-20 14:25 - 2019-05-20 14:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\kryst\Desktop\lucida-blackletter 2019-05-17 14:26 - 2019-05-17 14:26 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-05-17 14:26 - 2019-05-17 14:26 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-05-17 14:26 - 2019-05-17 14:26 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-05-17 14:26 - 2019-05-17 14:26 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2019-05-17 14:26 - 2019-05-17 14:26 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-05-17 14:26 - 2019-05-17 14:26 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2019-05-17 14:26 - 2019-05-17 14:26 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-05-17 14:26 - 2019-05-17 14:26 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll 2019-05-17 14:26 - 2019-05-17 14:26 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll 2019-05-12 10:10 - 2019-05-12 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics 2019-05-12 10:10 - 2019-05-12 10:10 - 000000000 ____D C:\Program Files (x86)\VisiPics 2019-05-12 10:10 - 2006-08-12 01:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2019-05-12 10:09 - 2019-05-12 10:10 - 002208665 _____ (Ozone ) C:\Users\kryst\Desktop\VisiPics-1-31.exe 2019-05-05 15:20 - 2019-05-06 02:26 - 000000448 __RSH C:\ProgramData\ntuser.pol 2019-05-05 12:09 - 2019-05-05 12:09 - 001052728 _____ (Akeo Consulting) C:\Users\kryst\Desktop\rufus-3.5.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls 2019-05-04 11:58 - 2019-05-04 11:58 - 000806600 _____ C:\WINDOWS\system32\locale.nls 2019-05-04 11:58 - 2019-05-04 11:58 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2019-05-04 11:58 - 2019-05-04 11:58 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2019-05-04 11:58 - 2019-05-04 11:58 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-05-04 11:58 - 2019-05-04 11:58 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-05-04 11:58 - 2019-05-04 11:58 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000109568 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll 2019-05-04 11:58 - 2019-05-04 11:58 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe 2019-05-04 11:58 - 2019-05-04 11:58 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe 2019-05-03 22:48 - 2019-05-12 13:08 - 000000000 ____D C:\Users\kryst\Desktop\Milan 2019-05-01 14:23 - 2019-05-01 14:23 - 000000000 ____D C:\Users\Public\BlueStacks ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-05-26 17:29 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-05-26 17:28 - 2019-02-11 02:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-05-26 16:46 - 2018-02-22 20:35 - 000000000 __SHD C:\Users\kryst\IntelGraphicsProfiles 2019-05-26 11:33 - 2018-04-09 23:52 - 000000000 ____D C:\Users\kryst\AppData\LocalLow\Mozilla 2019-05-26 11:32 - 2018-04-09 23:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-05-26 11:32 - 2018-04-09 23:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-05-26 09:29 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2019-05-25 22:38 - 2019-02-11 02:33 - 001768544 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-05-25 22:38 - 2018-09-15 17:43 - 000785588 _____ C:\WINDOWS\system32\perfh015.dat 2019-05-25 22:38 - 2018-09-15 17:43 - 000152350 _____ C:\WINDOWS\system32\perfc015.dat 2019-05-25 22:34 - 2019-02-11 02:34 - 000003700 _____ C:\WINDOWS\System32\Tasks\Lenovo Power Management Driver PnP Task 2019-05-25 22:34 - 2019-02-11 02:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-05-25 22:33 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-05-25 16:30 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-05-25 16:30 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-05-25 14:25 - 2018-04-07 05:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2019-05-25 14:25 - 2018-04-07 05:53 - 000000000 ____D C:\ProgramData\Avira 2019-05-25 14:25 - 2018-04-07 05:53 - 000000000 ____D C:\Program Files (x86)\Avira 2019-05-24 14:21 - 2018-08-05 21:00 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant 2019-05-23 14:42 - 2019-02-11 02:34 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3671806271-1740960767-1859935781-1001 2019-05-23 14:42 - 2019-02-11 02:30 - 000002418 _____ C:\Users\kryst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-05-23 14:42 - 2018-02-22 20:37 - 000000000 ___RD C:\Users\kryst\OneDrive 2019-05-23 05:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-05-22 19:17 - 2018-06-18 23:50 - 000000000 ____D C:\ProgramData\Packages 2019-05-21 23:33 - 2018-09-29 08:50 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-05-20 14:26 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-05-17 16:33 - 2019-02-11 02:27 - 000258560 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-05-17 14:48 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-05-16 17:36 - 2018-12-15 18:28 - 000000000 ____D C:\Users\kryst\Desktop\Dieta 2019-05-15 09:30 - 2018-02-22 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-05-15 09:28 - 2018-02-22 20:42 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-05-15 01:27 - 2019-02-11 02:34 - 000003568 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-05-15 01:27 - 2019-02-11 02:34 - 000003444 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-05-14 14:51 - 2018-11-06 15:13 - 000000000 ____D C:\Users\kryst\AppData\Local\LenovoServiceBridge 2019-05-13 22:23 - 2018-09-15 08:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-05-13 22:23 - 2018-09-15 08:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-05-11 19:13 - 2019-03-08 18:29 - 000000000 ____D C:\Users\kryst\Desktop\Muzyka do auta 2019-05-11 19:12 - 2019-02-09 22:35 - 000000000 ____D C:\Users\kryst\Desktop\zdjecia 2019-05-11 19:12 - 2018-04-17 16:01 - 000000000 ____D C:\Users\kryst\Desktop\Nowy folder 2019-05-05 16:14 - 2019-02-11 02:30 - 000000000 ____D C:\Users\kryst 2019-05-05 15:09 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2019-05-05 15:09 - 2018-02-23 03:56 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2019-05-05 03:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput 2019-05-05 03:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-05-05 03:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-05-01 16:02 - 2018-02-22 20:35 - 000000000 ____D C:\Users\kryst\AppData\Local\Packages 2019-05-01 14:23 - 2019-03-15 19:25 - 000003946 _____ C:\WINDOWS\System32\Tasks\BlueStacksHelper ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ============================